urlscan.io logo urlscan.io
SecurityTrails logo

www.turnto23.com Open in urlscan Pro
18.245.60.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.turnto23.com/
Effective URL: https://www.turnto23.com/
Submission: On October 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 135 IPs in 13 countries across 110 domains to perform 1296 HTTP transactions. The main IP is 18.245.60.90, located in United States and belongs to AMAZON-02, US. The main domain is www.turnto23.com. The Cisco Umbrella rank of the primary domain is 804301.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 20th 2022. Valid for: a year.
This is the only time www.turnto23.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 18.245.60.90 16509 (AMAZON-02)
75 13.224.189.20 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 18.245.86.62 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 108.138.1.25 16509 (AMAZON-02)
5 23.35.228.23 16625 (AKAMAI-AS)
1 23.212.211.47 16625 (AKAMAI-AS)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 65.9.61.60 16509 (AMAZON-02)
1 99.86.4.71 16509 (AMAZON-02)
2 13.32.121.37 16509 (AMAZON-02)
1 98.98.134.241 21859 (ZEN-ECN)
8 2a00:1450:400... 15169 (GOOGLE)
1 54.155.18.159 16509 (AMAZON-02)
77 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 13.32.121.46 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 130.211.23.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.184.230 15169 (GOOGLE)
2 13.32.119.77 16509 (AMAZON-02)
2 35.227.252.103 15169 (GOOGLE)
25 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 34.149.20.76 15169 (GOOGLE)
2 3.67.162.24 16509 (AMAZON-02)
6 159.89.246.130 14061 (DIGITALOC...)
25 2602:803:c003... 26667 (RUBICONPR...)
6 38 37.252.171.149 29990 (ASN-APPNEX)
3 104.17.208.240 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.12.81.4 16509 (AMAZON-02)
1 2600:9000:236... 16509 (AMAZON-02)
233 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
66 2a00:1450:400... 15169 (GOOGLE)
18 161.47.17.28 19994 (RACKSPACE)
41 2a00:1450:400... 15169 (GOOGLE)
2 13.32.27.56 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.177.15.154 15169 (GOOGLE)
4 18.197.92.81 16509 (AMAZON-02)
6 23.35.236.201 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 6 2620:116:800d... 16509 (AMAZON-02)
33 18.66.147.119 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
42 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:233... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
45 46.228.174.115 56396 (AMOBEE)
25 145.40.97.67 54825 (PACKET)
3 38 104.18.26.193 13335 (CLOUDFLAR...)
23 185.64.189.112 62713 (AS-PUBMATIC)
24 216.52.2.48 32475 (SINGLEHOP...)
23 69.166.1.32 27630 (AS-XFERNET)
17 2602:803:c003... 26667 (RUBICONPR...)
3 3.226.38.36 14618 (AMAZON-AES)
2 52.33.9.22 16509 (AMAZON-02)
32 39 142.250.186.162 15169 (GOOGLE)
1 23.35.237.75 16625 (AKAMAI-AS)
1 37.157.6.233 198622 (ADFORM)
1 22 69.173.144.165 26667 (RUBICONPR...)
3 34.98.64.218 396982 (GOOGLE-CL...)
10 198.47.127.205 62713 (AS-PUBMATIC)
1 7 185.64.190.78 62713 (AS-PUBMATIC)
2 23.35.237.56 16625 (AKAMAI-AS)
1 2600:1901:0:8... 396982 (GOOGLE-CL...)
3 23.35.236.188 16625 (AKAMAI-AS)
1 2600:9000:211... 16509 (AMAZON-02)
2 4 76.223.111.18 16509 (AMAZON-02)
1 67.202.105.23 32748 (STEADFAST)
40 23.35.229.251 16625 (AKAMAI-AS)
2 3.75.62.37 16509 (AMAZON-02)
1 34.242.19.90 16509 (AMAZON-02)
2 108.138.26.101 16509 (AMAZON-02)
1 51.89.9.254 16276 (OVH)
8 15.197.193.217 16509 (AMAZON-02)
1 172.240.155.108 7979 (SERVERS-COM)
5 69.166.1.66 27630 (AS-XFERNET)
1 3 34.250.238.79 16509 (AMAZON-02)
4 104.18.24.18 13335 (CLOUDFLAR...)
4 7 208.93.169.131 46244 (WEBMD-IDC...)
6 8 18.184.107.13 16509 (AMAZON-02)
5 7 37.157.3.20 198622 (ADFORM)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
5 5 193.0.160.130 54312 (ROCKETFUEL)
38 142.250.184.226 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 3 54.194.163.10 16509 (AMAZON-02)
1 3 69.192.160.219 16625 (AKAMAI-AS)
1 3 185.86.138.152 201081 (SMARTADSE...)
1 54.155.252.188 16509 (AMAZON-02)
2 52.48.146.251 16509 (AMAZON-02)
5 5 54.78.254.47 16509 (AMAZON-02)
1 216.46.185.183 13649 (ASN-FLEXE...)
11 12 46.228.174.117 56396 (AMOBEE)
1 52.30.88.129 16509 (AMAZON-02)
1 2 34.251.59.251 16509 (AMAZON-02)
2 4 52.46.128.147 16509 (AMAZON-02)
5 5 54.83.245.159 14618 (AMAZON-AES)
4 4 13.32.27.99 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
2 2 35.214.198.34 15169 (GOOGLE)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 178.250.7.11 44788 (ASN-CRITE...)
1 52.95.115.196 16509 (AMAZON-02)
15 185.64.191.210 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 3.126.233.203 16509 (AMAZON-02)
1 1 54.209.88.56 14618 (AMAZON-AES)
1 2 151.101.194.49 54113 (FASTLY)
5 5 52.51.216.150 16509 (AMAZON-02)
1 1 70.42.32.255 22075 (AS-OUTBRAIN)
1 1 82.145.213.8 39832 (NO-OPERA)
1 35.186.193.173 15169 (GOOGLE)
1 173.231.181.122 32475 (SINGLEHOP...)
2 2 213.155.156.168 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 3.90.125.107 14618 (AMAZON-AES)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 98.98.134.242 21859 (ZEN-ECN)
3 3 2001:678:cb4:... 56396 (AMOBEE)
1 1 64.227.64.62 14061 (DIGITALOC...)
2 2 141.94.242.226 16276 (OVH)
4 4 141.94.171.214 16276 (OVH)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.88.86.2 24940 (HETZNER-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.51.121 42697 (NETIC-AS)
4 4 146.59.148.16 16276 (OVH)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
3 185.64.190.81 62713 (AS-PUBMATIC)
8 144.76.104.53 ()
1 4 46.4.10.49 ()
1 4 138.201.63.117 ()
6 145.239.193.130 ()
2 3.124.138.165 ()
2 2 94.23.99.218 ()
1296 135
7    18.245.60.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-90.fra60.r.cloudfront.net
www.turnto23.com
75    13.224.189.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-20.fra2.r.cloudfront.net
ewscripps.brightspotcdn.com
1    2600:9000:211e:1200:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
6    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
5    2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
3    2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    18.245.86.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-62.fra60.r.cloudfront.net
assets.scrippsdigital.com
9    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
5    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hbx.media.net
hblg.media.net
c21lg-d.media.net
1    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
1    2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net
cdn.parsely.com
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel.sitescout.com
8    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
77    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    13.32.121.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-46.fra60.r.cloudfront.net
api.ewscloud.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
2    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
25    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
3    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    3.67.162.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-162-24.eu-central-1.compute.amazonaws.com
tlx.3lift.com
6    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
25    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
38    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn5mw1rvkaqsbsmp4wvw-newsy.siteintercept.qualtrics.com
siteintercept.qualtrics.com
9    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    3.12.81.4 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-81-4.us-east-2.compute.amazonaws.com
dhukrzx4tb.execute-api.us-east-2.amazonaws.com
1    2600:9000:236e:c400:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.ewscloud.com
233    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
a639388eb0b206709f754fab04bf1cab.safeframe.googlesyndication.com
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
66    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
18    161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)
saambaa.com
api.saambaa.com
41    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    13.32.27.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-56.fra56.r.cloudfront.net
videoads.ewscloud.com
5    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net
bid.g.doubleclick.net
4    18.197.92.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-92-81.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
6    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:400f:3::9 (Ireland)

ASN15169 (GOOGLE, US)
r4---sn-5go7ynld.c.2mdn.net
6    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
33    18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net
tagan.adlightning.com
2    2600:9000:223c:aa00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
42    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
saambaa-static.azureedge.net
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
45    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
25    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
38    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
23    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
24    216.52.2.48 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
23    69.166.1.32 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
17    2602:803:c003:200::57 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
3    3.226.38.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-38-36.compute-1.amazonaws.com
1x1.a-mo.net
2    52.33.9.22 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-9-22.us-west-2.compute.amazonaws.com
prod.tahoe-analytics.publishers.advertising.a2z.com
39    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
22    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
ewscripps-d.openx.net
10    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
7    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:1901:0:8344:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
lexicon.33across.com
3    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2600:9000:211e:f600:1b:fdeb:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.serverbid.com
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
40    23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.242.19.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-19-90.eu-west-1.compute.amazonaws.com
synchrobox.adswizz.com
2    108.138.26.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-101.fra56.r.cloudfront.net
cdn.adswizz.com
delivery-cdn-cf.adswizz.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
8    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    172.240.155.108 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
5    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    34.250.238.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-238-79.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
7    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
8    18.184.107.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-107-13.eu-central-1.compute.amazonaws.com
x.bidswitch.net
7    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
38    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
19    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    54.194.163.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-163-10.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
3    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
x.dlx.addthis.com
3    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    54.155.252.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-252-188.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    52.48.146.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-146-251.eu-west-1.compute.amazonaws.com
ad.360yield.com
match.360yield.com
5    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
loada.exelator.com
1    216.46.185.183 (Denver, United States)

ASN13649 (ASN-FLEXENTIAL, US)
global.ib-ibi.com
12    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
usermatch.targeting.unrulymedia.com
sync.1rx.io
sync.targeting.unrulymedia.com
1    52.30.88.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-88-129.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    34.251.59.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-59-251.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
4    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    54.83.245.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-245-159.compute-1.amazonaws.com
i.liadm.com
4    13.32.27.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-99.fra56.r.cloudfront.net
live.rezync.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    35.214.198.34 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 34.198.214.35.bc.googleusercontent.com
csync.loopme.me
2    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    2a05:d018:cc3:fe04:ef27:6a58:cfcf:8169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
15    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    85.114.159.93 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    3.126.233.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-233-203.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    54.209.88.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-88-56.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.51.216.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-216-150.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    173.231.181.122 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    3.90.125.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-125-107.compute-1.amazonaws.com
a.audrte.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    2a05:d018:d29:3605:83a3:afc2:1d9d:ef7d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    141.94.242.226 (France)

ASN16276 (OVH, FR)
PTR: bixel-3.cloudy.ovh
green.erne.co
4    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel-eu.onaudience.com
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
8    144.76.104.53 (None, )

ASN- ()
hal9000.redintelligence.net
4    46.4.10.49 (None, )

ASN- ()
hal90001.redintelligence.net
4    138.201.63.117 (None, )

ASN- ()
hal90003.redintelligence.net
6    145.239.193.130 (None, )

ASN- ()
pv.medialead.de
2    3.124.138.165 (None, )

ASN- ()
t23.intelliad.de
2    94.23.99.218 (None, )

ASN- ()
medialead.de
Apex Domain
Subdomains		 Transfer
307 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
a639388eb0b206709f754fab04bf1cab.safeframe.googlesyndication.com
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
3 MB
199 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
ad.doubleclick.net — Cisco Umbrella Rank: 173
bid.g.doubleclick.net — Cisco Umbrella Rank: 1020
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
2 MB
109 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2373
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3219
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9971
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
token.rubiconproject.com — Cisco Umbrella Rank: 504
eus.rubiconproject.com — Cisco Umbrella Rank: 662
515 KB
75 brightspotcdn.com
ewscripps.brightspotcdn.com — Cisco Umbrella Rank: 37341
3 MB
64 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
image2.pubmatic.com — Cisco Umbrella Rank: 1116
image6.pubmatic.com — Cisco Umbrella Rank: 967
simage2.pubmatic.com — Cisco Umbrella Rank: 959
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
205 KB
50 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 966
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 5163
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
6 KB
41 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
2 MB
41 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
secure.adnxs.com — Cisco Umbrella Rank: 542
133 KB
38 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum.casalemedia.com — Cisco Umbrella Rank: 1698
21 KB
33 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2410
951 KB
28 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2334
sync.go.sonobi.com — Cisco Umbrella Rank: 1111
26 KB
28 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
1x1.a-mo.net — Cisco Umbrella Rank: 3213
924 B
27 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3968
casale-match.dotomi.com — Cisco Umbrella Rank: 3530
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
6 KB
24 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
9 KB
22 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1392
r4---sn-5go7ynld.c.2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
303 KB
18 saambaa.com
saambaa.com — Cisco Umbrella Rank: 21904
api.saambaa.com — Cisco Umbrella Rank: 24002
332 KB
16 redintelligence.net
hal9000.redintelligence.net
hal90001.redintelligence.net
hal90003.redintelligence.net
88 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
74 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
63 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
161 KB
8 medialead.de
pv.medialead.de
medialead.de
4 KB
8 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19201
pixel.onaudience.com — Cisco Umbrella Rank: 3315
4 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
3 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
1 KB
8 adform.net
cm.adform.net — Cisco Umbrella Rank: 1279
c1.adform.net — Cisco Umbrella Rank: 643
dmp.adform.net — Cisco Umbrella Rank: 3616
4 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
3 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
4 KB
7 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
imasdk.googleapis.com — Cisco Umbrella Rank: 498
136 KB
7 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3977
sync.serverbid.com — Cisco Umbrella Rank: 12519
x.serverbid.com — Cisco Umbrella Rank: 14946
2 KB
7 turnto23.com
www.turnto23.com — Cisco Umbrella Rank: 804301
413 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
pixel.quantserve.com — Cisco Umbrella Rank: 1147
cms.quantserve.com — Cisco Umbrella Rank: 929
20 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
2 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 560
p.typekit.net — Cisco Umbrella Rank: 722
69 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 385
117 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
3 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 617
3 KB
5 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2048
loada.exelator.com — Cisco Umbrella Rank: 31389
4 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
5 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 646
2 KB
5 adswizz.com
synchrobox.adswizz.com — Cisco Umbrella Rank: 9038
cdn.adswizz.com — Cisco Umbrella Rank: 14184
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3134
delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 5552
21 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4057
lexicon.33across.com — Cisco Umbrella Rank: 1726
ssc-cms.33across.com — Cisco Umbrella Rank: 1180
871 B
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
us-u.openx.net — Cisco Umbrella Rank: 547
ewscripps-d.openx.net — Cisco Umbrella Rank: 79331
888 B
5 ewscloud.com
api.ewscloud.com — Cisco Umbrella Rank: 48034
static.ewscloud.com — Cisco Umbrella Rank: 64386
videoads.ewscloud.com — Cisco Umbrella Rank: 167391
535 KB
5 btloader.com
btloader.com — Cisco Umbrella Rank: 1081
api.btloader.com — Cisco Umbrella Rank: 1150
9 KB
5 media.net
hbx.media.net — Cisco Umbrella Rank: 1291
hblg.media.net — Cisco Umbrella Rank: 2435
c21lg-d.media.net — Cisco Umbrella Rank: 2697
138 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1270
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 turn.com
d.turn.com — Cisco Umbrella Rank: 1513
ad.turn.com — Cisco Umbrella Rank: 1024
2 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2003
3 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
3 KB
4 azureedge.net
saambaa-static.azureedge.net — Cisco Umbrella Rank: 27228
89 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
899 B
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
1 KB
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
891 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
3 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
589 B
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
879 B
3 qualtrics.com
zn5mw1rvkaqsbsmp4wvw-newsy.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1100
26 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1214
131 KB
2 intelliad.de
t23.intelliad.de
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4613
681 B
2 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3540
673 B
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 7788
2 erne.co
green.erne.co — Cisco Umbrella Rank: 31844
824 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
560 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
770 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
485 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 445
140 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 761
match.360yield.com — Cisco Umbrella Rank: 2517
397 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 734
817 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1584
326 B
2 a2z.com
prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 4398
375 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
8 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1176
1 KB
2 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 4189
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
378 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
3 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3328
p1.parsely.com — Cisco Umbrella Rank: 2550
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
89 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6854
277 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
283 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6415
368 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
553 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
379 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
1 KB
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6982
345 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
524 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 648
363 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1703
424 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1495
181 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 587
501 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 2273
72 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 903
338 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1732
182 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1619
202 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4701
235 B
1 amazonaws.com
dhukrzx4tb.execute-api.us-east-2.amazonaws.com — Cisco Umbrella Rank: 98713
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 12514
526 B
1 scrippsdigital.com
assets.scrippsdigital.com — Cisco Umbrella Rank: 49214
4 KB
1 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
24 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
1296 110
Domain Requested by
233 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
saambaa.com
pagead2.googlesyndication.com
www.turnto23.com
www.googletagservices.com
tagan.adlightning.com
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
77 securepubads.g.doubleclick.net www.turnto23.com
d3plfjw9uod7ab.cloudfront.net
securepubads.g.doubleclick.net
www.googletagservices.com
86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
saambaa.com
tagan.adlightning.com
75 ewscripps.brightspotcdn.com www.turnto23.com
66 tpc.googlesyndication.com d3plfjw9uod7ab.cloudfront.net
86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
tagan.adlightning.com
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
45 targeting.unrulymedia.com saambaa.com
42 googleads.g.doubleclick.net tagan.adlightning.com
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
41 www.googletagservices.com securepubads.g.doubleclick.net
tagan.adlightning.com
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
www.turnto23.com
40 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
saambaa.com
www.turnto23.com
39 cm.g.doubleclick.net 32 redirects googleads.g.doubleclick.net
38 googleads4.g.doubleclick.net tagan.adlightning.com
35 ib.adnxs.com 3 redirects ads.rubiconproject.com
saambaa.com
googleads.g.doubleclick.net
acdn.adnxs.com
33 tagan.adlightning.com saambaa.com
tagan.adlightning.com
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
25 prebid.a-mo.net saambaa.com
25 fastlane.rubiconproject.com ads.rubiconproject.com
saambaa.com
25 web.hb.ad.cpe.dotomi.com ads.rubiconproject.com
saambaa.com
24 ap.lijit.com saambaa.com
sync.serverbid.com
23 apex.go.sonobi.com saambaa.com
23 hbopenbid.pubmatic.com saambaa.com
22 htlb.casalemedia.com saambaa.com
21 token.rubiconproject.com 1 redirects eus.rubiconproject.com
19 s0.2mdn.net www.turnto23.com
tagan.adlightning.com
17 beacon-ams3.rubiconproject.com tagan.adlightning.com
15 simage2.pubmatic.com ads.pubmatic.com
14 saambaa.com www.turnto23.com
saambaa.com
10 image2.pubmatic.com googleads.g.doubleclick.net
ads.pubmatic.com
10 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 www.google.com d3plfjw9uod7ab.cloudfront.net
tagan.adlightning.com
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
9 www.googletagmanager.com www.turnto23.com
www.googletagmanager.com
8 hal9000.redintelligence.net tagan.adlightning.com
hal90001.redintelligence.net
hal90003.redintelligence.net
8 x.bidswitch.net 6 redirects
8 match.adsrvr.org sync.serverbid.com
saambaa.com
ssum-sec.casalemedia.com
ads.pubmatic.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
saambaa.com
cdn.jsdelivr.net
7 sync.1rx.io 7 redirects
7 bh.contextweb.com 4 redirects googleads.g.doubleclick.net
7 image6.pubmatic.com 1 redirects googleads.g.doubleclick.net
ads.pubmatic.com
7 www.turnto23.com ewscripps.brightspotcdn.com
6 pv.medialead.de tagan.adlightning.com
www.turnto23.com
6 c1.adform.net 4 redirects ads.pubmatic.com
6 ads.pubmatic.com saambaa.com
sync.serverbid.com
ads.pubmatic.com
6 cdn.cookielaw.org www.turnto23.com
cdn.cookielaw.org
d3plfjw9uod7ab.cloudfront.net
5 match.prod.bidr.io 5 redirects
5 i.liadm.com 5 redirects
5 p.rfihub.com 5 redirects
5 creativecdn.com 5 redirects
5 sync.go.sonobi.com sync.serverbid.com
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
5 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
5 csi.gstatic.com imasdk.googleapis.com
securepubads.g.doubleclick.net
5 fonts.googleapis.com 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
saambaa.com
hal90001.redintelligence.net
hal90003.redintelligence.net
5 use.typekit.net www.turnto23.com
use.typekit.net
4 hal90003.redintelligence.net 1 redirects www.turnto23.com
tagan.adlightning.com
hal90003.redintelligence.net
4 hal90001.redintelligence.net 1 redirects www.turnto23.com
tagan.adlightning.com
hal90001.redintelligence.net
4 pixel.onaudience.com 4 redirects
4 uipglob.semasio.net 2 redirects
4 pixel-eu.onaudience.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 live.rezync.com 4 redirects
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 sync.targeting.unrulymedia.com 3 redirects googleads.g.doubleclick.net
4 x.serverbid.com sync.serverbid.com
ads.pubmatic.com
4 eb2.3lift.com 2 redirects ads.rubiconproject.com
googleads.g.doubleclick.net
4 saambaa-static.azureedge.net www.turnto23.com
saambaa.com
4 api.saambaa.com saambaa.com
4 prebid-a.rubiconproject.com ads.rubiconproject.com
3 simage4.pubmatic.com ads.pubmatic.com
3 loada.exelator.com 3 redirects
3 ad.turn.com 3 redirects
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 secure.adnxs.com 3 redirects
3 rtb-csync.smartadserver.com 1 redirects googleads.g.doubleclick.net
3 dpm.demdex.net 1 redirects googleads.g.doubleclick.net
sync.serverbid.com
3 acdn.adnxs.com ads.rubiconproject.com
saambaa.com
3 1x1.a-mo.net
3 partner.googleadservices.com pagead2.googlesyndication.com
tagan.adlightning.com
3 ssc.33across.com ads.rubiconproject.com
3 api.btloader.com btloader.com
3 hbx.media.net d3plfjw9uod7ab.cloudfront.net
www.turnto23.com
hbx.media.net
3 c.amazon-adsystem.com www.turnto23.com
c.amazon-adsystem.com
3 use.fontawesome.com www.turnto23.com
use.fontawesome.com
2 medialead.de 2 redirects
2 t23.intelliad.de www.turnto23.com
tagan.adlightning.com
2 ads.playground.xyz 2 redirects
2 mwzeom.zeotap.com ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 green.erne.co 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 cms.quantserve.com 2 redirects
2 csync.loopme.me 2 redirects
2 idsync.rlcdn.com ssum-sec.casalemedia.com
2 synchroscript.deliveryengine.adswizz.com 1 redirects cdn.adswizz.com
2 loadm.exelator.com 2 redirects
2 tags.bluekai.com 1 redirects googleads.g.doubleclick.net
2 js-sec.indexww.com saambaa.com
2 ups.analytics.yahoo.com googleads.g.doubleclick.net
ads.pubmatic.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 prod.tahoe-analytics.publishers.advertising.a2z.com c.amazon-adsystem.com
2 pixel.quantserve.com www.turnto23.com
2 rules.quantcount.com secure.quantserve.com
2 secure.quantserve.com www.turnto23.com
2 r4---sn-5go7ynld.c.2mdn.net
2 cdn.jsdelivr.net saambaa.com
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
2 videoads.ewscloud.com securepubads.g.doubleclick.net
2 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com securepubads.g.doubleclick.net
d3plfjw9uod7ab.cloudfront.net
2 siteintercept.qualtrics.com d3plfjw9uod7ab.cloudfront.net
siteintercept.qualtrics.com
2 e.serverbid.com ads.rubiconproject.com
2 tlx.3lift.com ads.rubiconproject.com
2 rtb.openx.net ads.rubiconproject.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 ad-delivery.net www.turnto23.com
2 api.ewscloud.com ewscripps.brightspotcdn.com
2 btloader.com 1 redirects www.turnto23.com
2 sb.scorecardresearch.com www.turnto23.com
2 connect.facebook.net www.turnto23.com
connect.facebook.net
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 aax-eu.amazon-adsystem.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 delivery-cdn-cf.adswizz.com synchroscript.deliveryengine.adswizz.com
1 s.company-target.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 d.turn.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 aa.agkn.com googleads.g.doubleclick.net
1 usermatch.targeting.unrulymedia.com 1 redirects
1 global.ib-ibi.com googleads.g.doubleclick.net
1 match.360yield.com googleads.g.doubleclick.net
1 ad.360yield.com googleads.g.doubleclick.net
1 beacon.krxd.net googleads.g.doubleclick.net
1 x.dlx.addthis.com googleads.g.doubleclick.net
1 bcp.crwdcntrl.net googleads.g.doubleclick.net
1 sync.colossusssp.com sync.serverbid.com
1 onetag-sys.com sync.serverbid.com
1 cdn.adswizz.com sync.serverbid.com
1 synchrobox.adswizz.com sync.serverbid.com
1 ewscripps-d.openx.net ads.rubiconproject.com
1 ssc-cms.33across.com ads.rubiconproject.com
1 sync.serverbid.com ads.rubiconproject.com
1 lexicon.33across.com ads.rubiconproject.com
1 pixel.rubiconproject.com googleads.g.doubleclick.net
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 a639388eb0b206709f754fab04bf1cab.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 static.ewscloud.com
1 dhukrzx4tb.execute-api.us-east-2.amazonaws.com d3plfjw9uod7ab.cloudfront.net
1 c21lg-d.media.net hbx.media.net
1 www.google.de
1 zn5mw1rvkaqsbsmp4wvw-newsy.siteintercept.qualtrics.com d3plfjw9uod7ab.cloudfront.net
1 ad.doubleclick.net www.turnto23.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 hblg.media.net www.turnto23.com
1 p1.parsely.com www.turnto23.com
1 pixel.sitescout.com www.turnto23.com
1 config.aps.amazon-adsystem.com d3plfjw9uod7ab.cloudfront.net
1 cdn.parsely.com www.turnto23.com
1 p.typekit.net use.typekit.net
1 ads.rubiconproject.com d3plfjw9uod7ab.cloudfront.net
1 analyticssystems.net www.turnto23.com
1 assets.scrippsdigital.com www.turnto23.com
1 d3plfjw9uod7ab.cloudfront.net www.turnto23.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
1296 187
Subject Issuer Validity Valid
*.scrippsnationalnews.com
Amazon RSA 2048 M02		 2022-12-20 -
2024-01-18		 a year crt.sh
ewscripps.brightspotcdn.com
Amazon RSA 2048 M01		 2023-03-31 -
2024-04-28		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.scrippsdigital.com
Amazon RSA 2048 M01		 2023-06-09 -
2024-07-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-02 -
2023-10-31		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.ewscloud.com
Amazon RSA 2048 M03		 2023-08-15 -
2024-09-12		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.consumableaudio.com
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.execute-api.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2023-06-01 -
2024-06-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.saambaa.com
Go Daddy Secure Certificate Authority - G2		 2023-04-03 -
2024-05-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-07-16 -
2024-07-16		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-21		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
sync.serverbid.com
Amazon RSA 2048 M02		 2023-03-22 -
2024-04-19		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.adswizz.com
Amazon RSA 2048 M02		 2023-06-21 -
2024-07-19		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
pv.medialead.de
R3		 2023-10-12 -
2024-01-10		 3 months crt.sh
*.intelliad.de
Thawte TLS RSA CA G1		 2023-07-31 -
2024-08-30		 a year crt.sh

This page contains 165 frames:

Primary Page: https://www.turnto23.com/
Frame ID: A18EF3F02F8940F5170FE919BD9C6AE9
Requests: 174 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CU6Q6626&cs=1&cv=37&hb=1&vsSync=1&prvid=23%2C29%2C38%2C54%2C58%2C59%2C71%2C75%2C79%2C80%2C96%2C97%2C102%2C106%2C108%2C117%2C126%2C141%2C147%2C159%2C175%2C178%2C201%2C203%2C226%2C229%2C239%2C246%2C251%2C261%2C262%2C273%2C294%2C326%2C339%2C345%2C445%2C450%2C459%2C461%2C2026%2C2027%2C2030%2C2034%2C3007%2C3010%2C3012%2C3016%2C3017%2C3018&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0&ckdel=0&gpp=&gpp_sid=
Frame ID: 3C86D1EF18CFFFDE18AD104316F18915
Requests: 2 HTTP requests in this frame

Frame: https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5175094A0CD0FE0C958980D9BE9BD1E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB7DEF834E89A9CDBF2773FFDC3204CD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C6B55797B2BFA824223466D14B08883
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvom0K3xf6aJpgMLshlZ17rimP915QvmkP5D7UD_3Yr4IX0iLNClgOCOffS3YrD8_pbgohDjZV0kAokpM7bKmC2VzYxJ35lXdD9PPPkxYqrL5gEFPZCe77gTnkt592p5_9-EHFaAizt0-tPMUzDOGNB0J2q2nymmQvulyUPMJJ3pMiYDZ2DFSW8p-lS7BRju_zcVrrcJqXyUC1RoofcnBGUcYFv4wOUzJG1wOoUtC741bOEQVxEB_k_QTjrgE0Ty8VylvSTGN8793ZW2VPlGR7Vnp69FYoHKAuyB60FhmIlKZzqyND1joASsy9s8nfKSpbajTSFRwfbmo_XVahXJ3oXnzUrFRlgPYw6jqkDXM-EGUz0-6Q&sai=AMfl-YSBTetu5zf1MkqLK0F0J5BqkYlUUZyC5jPCCIcbSNmTkpkBQ5CfE8DUIhe-6BbbRoFpZofvlsaksNH3Q4A8My94XovO3UVHnZTWMHxGbu_7KlTAgtlWhiMhJnX9kpmDSbESl-EcDRTlZtdU15s&sig=Cg0ArKJSzAjNdjr8z95xEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EF70C87B39D4CB12EAB0236893941BC6
Requests: 164 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYsCxzA5TgxIyMQgmAjJIKsI-epKNQwyNodnHaDNPnmNFl4j_sZFmeXp8nOWnDTjD-eDJFJbjTe4JpS7pobrqiQrrSAeSD-F1GQUF4HK7x3tuAvEJyIUj0KHhduemQsJt6k-lyYxItMVOwc3bR0UWYhTYE84oELHzfg21mmx3CJ1Cy2gpHBFfHCLN0ZFP5P8gIKpdZZwD9UFux4VgfTy0sgNTbuBSzhCUcs-vM9Sw83Amr_n_OujI9s5FwuorORENQeUHblZMsJ_RWHR0g2CFlryM77XK8hk8C_vm_lNlK02wCG3B8wGYprhSZ3mY96UXWYhb55M9emXmxyHHP2LlTUcXtBO9sYY2kLynTl-lWvSuKoEl7&sai=AMfl-YQsZ2VfuN0ud6MZ2yQMMfuZ_YpRRcwvashZ93lCGwNZDZQxZN7To6-4zwUe0UWT5YZHFlALACvPr02gkYR_urmxk_LbXTq0-5FsbN370G7I3CaxTHGYW7bHnuQ63jE-guYW0ugMTbjkPjNCX78s&sig=Cg0ArKJSzGrTpN1-CgLREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EE06EE0FCA4F3FE8A6E904583655C2AC
Requests: 152 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5iXDCFJEqUmU5DbIkTF4hW_El3UcXaPwv9e3XGeu8XMlW-vnA_I1iFRD5FzzZ5Qh_xLLlHiwIsl79iQ7WHT9x_Kyj0KSeHgDC_RUq7ZHEc09xUrObtrlFiV2umt7zqcT7C1MlnGASrOsbjBfo7u-EnzWYgaskVHhAd-yXfBmDfCLt7WoKMhQhijWtXz4x5J3kQC8o-eofJfkBNuYFZMtZfAaPeFzR_rTS7jua22VYohYC2yxb65Sf6tqcV3crguhD-_jYqKX98Q1MOTTV2gdQMzY41AY9aJAGJVh2jJRs42LRzGF5-0jgfNpEDj0iaLgmi9VAcxKo3QcbSlHN5MD7-80Dam8-hCwNzLFLp6TNlekgcCCU-ZoqRDKGUkRP0g&sai=AMfl-YSxlQxUfPQIo1Fm1GD1gyu2u5qzZIq-Pwg4qsoBwvoVMV8R2xjNYGNXxtlIkh2i_26_BBUzC_C8ZH72V0WaALEGgkSrip-zAeo9fK1o5H5-WctQL7_IoOzA5c9fFPKRsq7Mgt62kiBdlhZS-Ir1&sig=Cg0ArKJSzBw2sN6agpqaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C3B2D8DA0425F2E2F5A1CC4D8D3C37B6
Requests: 5 HTTP requests in this frame

Frame: https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF598A59921818C36B931340478E2F88
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5BDF0C3404160937C882B7B1620458FD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231019/r20190131/zrt_lookup.html
Frame ID: F07314624823175C8BBB1564B8C2908D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755400&lmt=1698112256&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119455942&bpp=10&bdt=1387&idt=563&shv=r20231019&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3De50e849b35181897%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_Mb5-AwItlY21SH9fpmhb-BfN2L0Xw&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&nras=1&correlator=5899886685643&frm=23&ife=4&pv=2&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=3773104044&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078019%2C44805113%2C44805533%2C44805934%2C44806737%2C31078297%2C31079012%2C44806141&oid=2&pvsid=530274199045409&tmod=677431818&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.7atj4yn12goa&btvi=1&fsb=1&dtd=616
Frame ID: 7F9915EBE053C6D0EE134A2B17C57589
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755403&lmt=1698112256&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119456313&bpp=3&bdt=1598&idt=267&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3De50e849b35181897%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_Mb5-AwItlY21SH9fpmhb-BfN2L0Xw&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&nras=1&correlator=5899886685643&frm=23&ife=4&pv=1&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=2754386938&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C44805112%2C44805533%2C44805914%2C44805932%2C44806737%2C31078297%2C44803793%2C44806141&oid=2&pvsid=2815794612805761&tmod=227490395&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.jxm8jziqhh8v&fsb=1&dtd=289
Frame ID: CA6A72B90A6EC6B272F497D77A3FE32C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4742DCB2CB54306D77D4051CCF28369
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 375B8CD6DD8FF47790C0E2D701673F4F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27E31B1304616565BCE63FAF53C7CC6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D17095485BFB6AEE37868B203B1C3B2E
Requests: 2 HTTP requests in this frame

Frame: https://a639388eb0b206709f754fab04bf1cab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1B9FA4064CB4336C89CDC5BBBF19786F
Requests: 1 HTTP requests in this frame

Frame: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E7837852F23DA860F4D93E1F6CA46B60
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 1A2B9B37AE18B63ED1D434725C9DBA03
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: FBB1F3382C5C99B92DA20CE5ECAAB988
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 0E6525C53C2A24A5504732CC7E0851DA
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 4EEE39681D3B1E0424413437E583C856
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 455FCA35BB643175109CDBDC79A1932D
Requests: 20 HTTP requests in this frame

Frame: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F29C4DB3DC26E9BA4FB661EC3E124420
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW_vRy65imeUP7vc65vA0eesdgPlOxflawl43GTDKHHksPBALugqYCDolM97DfbnhXf2ZAOF2rFtpg59ptSeTh4RK7nsGKEOgAW8MkvHDifG2VUOC9zIHauaiwGMHowhFgE9WosAuRAR9s5kptCqUdNe0pWFyDz7Cb2WHeAYb1ByiYdXyE
Frame ID: 5F05E0DB4704BAE589A6FFF2E134FEA6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW7jbA6MaJgp1mM79DU_ip711lUDUdQK9cxzudTWj0oPaDAE3YkhZCZE6QwZ1YwMrJgWPfD1lZXIF5q-MBj228kP4dZpYX1VfVuPowq1ysiKCKeMJ2i0HUDAozRJL5rDp0teeV5h0ZMMa77ZdBZM_z083jOM9AHB4heoQNkYXzbV1D1VTA
Frame ID: 993E475423FCB2971F90063C078988DF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWooYYBwITSZFUXinDUOOJ5ULFVeZh_IvZDgV5a8MuOdYkzpjKi0DyyTpjPE5WpSW74hhLig5zu7ArSLVWqIuJbvarm4dtmpN5VC9ZdyvX23HyF5Ka1aqdq6eJGF6SJ45KC3y-rJf1I54ByyP3X_uUY6d3LytkdCzFUuXkHWiJcAzSac_Q
Frame ID: A3407220F369DB18D4D4B5D5E6CCA1C9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUV2ZOub46kklzPXFbq0nBl47oM7eZNb3H7hLwRyySvArsb1w3wBbN294oClqbquhFQAb5ihBTk7zfHGtEqAZP0V4R76yOq5F8s0A52oPE67sTBxie_-GEpGNwnpuDXuBn8AW85sW5KXFtcYwI2KP9zl5VfZXc-Q5IVbJU7EdNeJPt3fpw
Frame ID: 72B369233CB08F343CE18384A750673E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXDr2_lwWvbzZAygpWWHC0wUFl9jPdUwIWjpYDRzsw6-KmdzPPBImPSrYlh-oS_tVziRZ1fxmaOARwCP04r6Bzay2rGF8ExR4xAVr03mK5yYZ1fKf2s8K663STXUWIkt8HUmn6qlV-plsWTrzZAqViYEL1a1nSO_9cEmPRsNk4bFZarxNw
Frame ID: 4487DB2E63CE08D30F5F45D1ADA8BEAC
Requests: 4 HTTP requests in this frame

Frame: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 96DA79632FF90DB4A4E7DA22D86AC217
Requests: 16 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 1D4D9299C6FB00391E5A68B2D8E69157
Requests: 22 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 2E724600C5D3C4B47CB7B3B72CFCB1B3
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 4DB5987808C53E615FE93D324EC150E4
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 77F2DC40C2ECB2B083FDC72235260EF7
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 26849700A40A26E8FDDBEB35EB868B21
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: E1B01398E3FC07B4936ED2A1DCF32E64
Requests: 22 HTTP requests in this frame

Frame: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 68C056FE319F7F93D305BAB44AC8A66F
Requests: 16 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E6B89D9CBC537AD346FC99DBDF027404
Requests: 3 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000248.html
Frame ID: 81C7516C817708D4EBAD863AB7C47316
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 1FC8A3B99E9E190AA88C2DA18AE8AAE6
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dSDWpmByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 4EA23B300899C6D0DCE95DF7E9D35C9F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E850E0D20039762B51D8023EFD420496
Requests: 3 HTTP requests in this frame

Frame: https://ewscripps-d.openx.net/w/1.0/pd
Frame ID: 45148F68E30008405C56FF0BA3F1FDB0
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 0E9AC3167E91866C1CEE88B5CB20F192
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: ED94E948ECC74FB9EC9390445E8D73CC
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWvIXRt2ChVR2JC0dh30gPXiHk4-ltgFO8WQDo2MyrZkJlrHKRCMVwh2R9y38mDCt_We3qtjpPFh1oRx1SjCVjwx48doJsPUApnczzCKVP3S-rBH6M8AQqHOCSnVYYW25GM_f0BNlXY-NS04e9ZzkoQlHbLTciXA3OS6S5rVQCm0pRoRb8
Frame ID: 4967C33173A6548A6942A01A29573AC0
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNVZABvKUrbbqu_nS9qjV2MPBI_wB73GmF67OuxESQ7EzGdwgh4No6Syug4D97rOzBSXhZX83Q5u03v0uxcuYjaYZCBQ1HFPq4aRkTkvOAw2fdvCBRdTGxXgqmFB5FmYpkSO5cBCqulrxO5FJJDGgLLvBPz8ZAwqi_TauolEj9O2rgnCayk
Frame ID: B1B767482C38715600B63F55D4F257E4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNV-vd68UxBdS7mh4WqUrQdlQb_pjsfsilq9kcRyCWa_SHvLkEfV1zIpd-VUs43aF0Ypwddop_TVAAbtvxTPHAZ-98mEAjgFE_9UsIbd_J-x1guKQ6xvq_cR6d2LWWwnrxbjnbAuq398Cjl-j0ci5mXEEt3n_MTXtuwz1lhdC99F5kR0g-s
Frame ID: 2F3F8A418BFF7605294F6E2AC57F7418
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXsSLpIQ4-f9nMH0RB9EQr7WWib8Tx50w0q90XwFzxYFnfPTITaAEyYF4cGHuu8UqZRMmRgE1wlQlMnhZ2ZYk705MFE2rew5LXgvjf9P0BZ8fR0YFTBN6wXevlSLPkvIJWugZpmSxT1ISIkZnKHGDwBS5U4D3qSbryFeAZDAqFkJpgrMjw
Frame ID: 3490E940594E91FE6D446A82196C0EE4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWkkLN4FWa_7PjaxuT4SRJhbm31TOgTpUDsEP2YIhkdIH11cJWJJVspaxxcWQ_xD_YvCyaQZtyMX9j-OpbFlXXudzJeEGas1cOiyGFWEnAOCKmWszOJlv8qDYWXiFPnRtyj7cf7zlnpw2EtpuRBEA20hsKpRziKf4v4PxYI70Jc1ZY5c6U
Frame ID: 39BE4CDBA02A422A7DCEDEAD3CBE0031
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWKSRJRBy6hufmBfgAHHWaemfWlIs3Z2YgbXGaQpVYBEHD3njXO6Sb0S7ichEHsrAB5mTVtkNNo8iEeRgv9xJkQ2N5a00lAaplbNBhw8XTFSrPn_zKbQhzHRIfnMCztX2_z98Hnc0hTu_w_C_YjEhzdZ8KRjs4RMafq9XDtItDElxX7Ljo
Frame ID: 56BCDBFED339A8B81AA3ECCA7C62126F
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: CC92E72F92909E3AD253AF37508C3707
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 8B12046152944B8A58A952968D9BA8E5
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 0B31EBAAE1D3382336C17012790156D0
Requests: 22 HTTP requests in this frame

Frame: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3BE46CFE90221BB5DCD23D8656439FF0
Requests: 16 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 39B4378075675E0BAA17B59B9773FE4F
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: E6EC9BAFA389AB0236FC0A186B098B0E
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 195F5053A4122F4F437FDE54BEDF5156
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 6038301306ACFD0076823BCCE67424AE
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9473112AC8A56F8BC3B7E3D737AB302C
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 92A1968104E819306C68E2924F6A1BC3
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: FD4DE8531158FFED7A9C6242C3DE8568
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 62D227A124DEC47B78BACEFA933D3AEE
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6964507DF087B5818D25B82BD531F24E
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9E68B9E962DA1F74241EEE39364E1ECE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 61C06EBD9286A429D15C153EFE4CEDFD
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 3C46808CAA11923EE12BCC5652BB5B8F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 03E7571BEE9CC746B30B955F6BBCA9E8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: A611E6B91BF85BAC0473EF8B3906F969
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: F0E1EAB252B80FC183A8C625ED39711A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 0B460F237D047E639684AA495CC257C7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUUE35yhomTjPhw9Dtzmlj0gZXRjtykYaqvRyDNkRIuE8CTQ7h2Dyi7eoJR7kyE2cLUu-weJZpCl64gVwv508cH4Wd8Ui3HxF1HHpEcxS_Ne23uLlYJ5TJw4kzeLojc1iBg3TP_9yJiXT3eE70IZNObIhh6ZOV-m1xOk8BhxkE1VIliCQo
Frame ID: 6231C6216CEA1502CBECFC8702B9ECEA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 2BCD70ECE371527BD8C9A66573746CEB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNU8ueg2K63YWa8Z3_qaTRX2lNpjvX0qOG6MifEEDlpiTMJvdju4nctInEGi7bPcB5LcyaBYFu6aVv8_SFyt49-yDYBERg
Frame ID: 5D2858A8BBE1C886EC7E0576802E4957
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNU4pjE01UVtV6wHpSVY2CBIPAwxyobxfw0rlaHNpyDUu-WphsSSnw7oWKQOxJzvsUKOURMwODVnkMm18bYyXHH_BXuUxmRHUcMghwyuTvL8H_LfHauwXbUPBg4mZ5QEmSWnoTZnI0l2-a1zusxm89OUUovnx8X1nCiOYrgpLuoBGOfDWbk
Frame ID: 64F33C6E2D3646C6602D578D880EE011
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW08YnO7vEsGjdzvvJ4OuJWxOJFkWh2TSUmrA2hbpWJCkyGKKFBsq25IzMwTnKUPfQFO0LWAtpJ1iBRqPcHYu_mZA7A1NSqSn2NlmOLBhm8bd5UYLHISJIgVDTjzwkivEPLEoBo_XlR7VloMwtIF1T13PLHXDqUlNa7Y-pEiFjzstQqadI
Frame ID: 079433A66AF64CD778288A1274F9041A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXHI5SKIQeqyIwS7a7t8htScNAqT3jqqGaMqwuQQxI1_RWJuikkjHe72hozDYE0yVXZAErqYQ7UO2eXDld4y1ZBi2Y64zo_YvaZtqR4b4PEbfj7Je2oJAbhFqzz8iRrNYEK31adcB7_JE2S6_XEjfJHFBHU-49ZDCwERJLRtM129U5F8QU
Frame ID: C252880F665F5D4923BB6B16DD5BA6ED
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0FD1A43A7F15B270DB921689A26A2A31
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 711EA8FB3EE35BF382E84594C80776CE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWdDit01XBuNsP4nHQT_lEX4VuydzDRQEcjUcDnr2BcfSCsou6RP0y-bQbzrkQv7ubHkE2RAZ67NDIhBieoXci56NxnWQ
Frame ID: 61D53CAC82EEDE4AC75AEBB2165451C0
Requests: 1 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 5C05988A373E551314832BA68F748514
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 2D56C01AA31FD0B6C5C1D3AA420DE74A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 3571E4C4B14AC822F1652B25C2C6578D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 3C46BFB47A5B45381E69A754A74B6655
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 1682916C9368CC78FE16EBBDABD1C917
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: DF2573DA67546AF02ED3BF99C1F6FEFB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNVnoce2Bq5TfDzfV11BgNaCVNy0Ii_pYm3WfHIOj7_gopya0hp9PixX0cJT2NAnLZztZk8D9Isetrlsq5dehJ3YmOVivg
Frame ID: D8AD8382F0E9AA6F1060FC1DF3428469
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: EFD66278538962360D030C259741FEEA
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: FA969ECEF53987CE6AAC057AE4F3A040
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8AE5D383-F837-45F9-BA87-CDF87E9AE850&redir=true&gdpr=0&gdpr_consent=
Frame ID: 95D9D53CF1A888BB29F8F399288B621B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7UHx-ugS8P32QaD8uUHvrr4Q96j2QveruEJESNIR
Frame ID: E1A167D31D7D83037F3F11B138C1D177
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4312790940954201807&gdpr=0&gdpr_consent=
Frame ID: 2D861637D559D0D047D76540340914C1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293367566882044049&gdpr=0&gdpr_consent=
Frame ID: F89A5FED02E4FD913210BACCF300DA0F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=baab58b2-68a4-4914-9c13-dab5bdc5ee08&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: F737A0DEF839DA0ABE4AABEBDC94F056
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qyPVnmOPXyNfoHzh_CaV57Ki0Yw&gdpr=0&gdpr_consent=
Frame ID: 9C7D472BA3D78A90B92C145DC38D2B28
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTc-KQAaN1GdCAAb
Frame ID: 9D80CF51E8EEAB98F3BED8D4AED43D8B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA7CE7Kbn4AABg2eq4zdA&gdpr=0&gdpr_consent=
Frame ID: 1DE278BF2CCD8C0B71782E2515EEB6FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 354E846E591149415EE4A9A9399034DB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 49E2446A37927C9B08970CB4EC30D9C7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd961f5ab8cc4dd4b32ffe74a98e2197
Frame ID: 69A8EC1DCA3672F51869448EC82EE3DB
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 96CEEB2F52908F6697873E024644AF35
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 56C012E80A4B9B18BBD7B3195A4712EF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=889298685119183901
Frame ID: 1FA6EECDF585FD8E19E964E12A0F5216
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725909842241
Frame ID: 8AC428648CAE2C79973F4DC0F0131E6B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 456A16ECB9E4212C7FA40B59758A0111
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 2D521D1477031D5BE4B9F340BF9C78AA
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 356E3589A22A4FD8993306B91F4E3195
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=8AE5D383-F837-45F9-BA87-CDF87E9AE850
Frame ID: D8C53A5380087894598792C455A6587B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 408B891C7A01E9DE47568D835001E750
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8EF28BA2FE860586831E9E7288D36D4D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C749008DD0404209046896C7F72B2FC0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 93911BB0CB66FBA1D7B98845B8AB7C44
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUgKoNtt7bgCaORDoQ8izLimV3JDEDsJoyqqFcxc-8LBpfC74qz0JSwysd9PvYsz4AgzUDXlXnY3QFv0VotT3Wb1q4W8A
Frame ID: 812DA418486DBB86044134BFAC3921C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5CE1A858028CADCFFA0A017D90F72FF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 748DE9D08955E584FFE3B72878226F59
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: F9853249F5EA9030D2D03D95CE122420
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 91E462B94F6B4CEACE918753E9D8EF3B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D69A48E59D111C0FA6F55DE3D6ED2F67
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 893625EC8BE69CE07333D97DB14B65E4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F00B051F5AA4ED39D6079B7696253BF0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DEE11D2FA3B518A4B7EFB2BE74EE884B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3BD39EF9CDB7D709A1A8FFB208455966
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A3ADC4392141A99FEC2EFD396164688B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E5D42F02026DECCFAE70D38917EFFD43
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59F89DFB2130E668768238D9C65D479A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 086D03DF68A1E36D9776DF98B24AF066
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=3171362780&pi=t.ma~as.RON_728x90_House&w=728&lmt=1698112267&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119463789&bpp=1901&bdt=3942&idt=3347&shv=r20231019&mjsv=m202310180101&ptt=5&saldr=sd&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&correlator=5899886685643&frm=23&ife=4&pv=2&ga_vid=1990415797.1698119454&ga_sid=1698119467&ga_hid=1255673043&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1839&biw=1600&bih=1200&isw=728&ish=90&ifk=1601150885&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44805112%2C44805533%2C44805914%2C44805933%2C44806738%2C31078301%2C44803793%2C31079012&oid=2&pvsid=2566649514969005&tmod=133986209&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.rd80pzr6434p&btvi=1&fsb=1&dtd=3371
Frame ID: 3AA09A5645B9D64EA5AE6DEBDE29D37C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D05FF8F76F7535483EF405E3C0AB825E
Requests: 3 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: A24B86C821187EA2568887ED08A635FC
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B517A667D54645C2A45D2DF45F32DC82
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 43498A731D1C013FEEB6B28E5A62FFF0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2DB89BBD9004C22951846556F0932E5E
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent=
Frame ID: E1BFE56DC3E1A4C4FD4AA34432C6CDF1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXYhXSQSSXSaQXWVY&gdpr=0&gdpr_consent=
Frame ID: 08E1B42740EF5C7FE712F74E17E78AD2
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2BC71174AD1DD9274A9994132E5C2055
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: FC916849887AD4E39581FAA1A6A57264
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
Frame ID: 2CAC2BE728381300A6A64D86B36F5846
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
Frame ID: 3039EB39018D119DBC897961D97E0593
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 438CD7E8A3C08EFE7F2AFB3472A4706B
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent=
Frame ID: BFDD0CCC1554540164515C5662C3B984
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTgMXbVMTRXgjbVT&gdpr=0&gdpr_consent=
Frame ID: 0D420FB6AB264891B9A2D53DF9190D22
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A3A165A44468C9FAEA47EDF09E2447CC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 5A7E7D42092A59183AB071AF383528CE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
Frame ID: 35E1F5C02CC195053D5DC55020060AA4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
Frame ID: EF07F1A96AD62A30E676BF18F5ECE006
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1964B44E1CA34A7731A4F053859D52A7
Requests: 3 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=8AE5D383-F837-45F9-BA87-CDF87E9AE850
Frame ID: D4F1EC0FCF20898F141833B724F55C9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=3171375561&pi=t.ma~as.RON_728x90_House&w=728&lmt=1698112268&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119467900&bpp=473&bdt=642&idt=1037&shv=r20231019&mjsv=m202310190101&ptt=5&saldr=sd&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&correlator=5899886685643&frm=23&ife=4&pv=1&ga_vid=1990415797.1698119454&ga_sid=1698119469&ga_hid=1502835861&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1839&biw=1600&bih=1200&isw=728&ish=90&ifk=1601150885&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44805112%2C44805534%2C44805932%2C44806738%2C31078301%2C31079013%2C31079012&oid=2&pvsid=3997054607154673&tmod=216564388&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.a6gd2pyyfal8&btvi=1&fsb=1&dtd=1054
Frame ID: FB6D774D3AC67286082C639E85ED7807
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9480CC63C73195D8B24622B61F899ED0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96151199E2170FD98BB5E61FD7474E08
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: DFAF90EC385B3B84449AB39DA4982D94
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNW1sj6srprIbaXaVoKOaqHK0b74P6go-bZOUa3N34dYjm51_59sQYZ7fjA_hPnQSN0FgDX_HzBTo2AbMJ5ANki35F8Cp2eKIBIRmTxJx9YuULBjUoT0F9gBSR2T5teG2OsYUR91I8aSyCzPRoA5clf_jS1S-83yuoxnQBc_XG_OjRDCRng
Frame ID: F9F035A23F039B471699537FF22F57F2
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Frame ID: 612D0B4B09DB27932BB54A30F4ECCF06
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVGffyXAJ4DZmOtd1Gofz1wgYVMvzjTrRNQqwmUxOu5zyAoS0RgcC7FouvSoW0SN0Ni273cVgegsShIJmRHtPj6_zHvm4URZSqgc54gHEB4JBYU22eyjkx6jCagMDMSaddlPLJ0s3RByf3VYZaCAz2uto13bFLSdy8P4ldjPR2-4U4VwHA
Frame ID: EF4A5167502C7D14A62D433F6FA6DFC7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 924788489A1F24ED860BD667F14BD3D0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 016811232CED34605F4072068DB69209
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 27F234C96AEF2B354491BC28013C8186
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: FBDC3D0C5CEEAF7639A0C4687D35A221
Requests: 1 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=92804000009849004444640012487001&a=078f35f5
Frame ID: E518CB28EB40B9CA31682FF51518CD08
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 9F3B6B68284FED860E73847D622FEC04
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 423EA1268040A6DF114B46191FE4BF81
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: B44731408C1D545889E946500E74C114
Requests: 1 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=55583800010662104444640012487003&a=c997e1aa
Frame ID: EB6012E0650D1FBBE96361F1A5ED3244
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 8BFB6BABFF9527F19073459B9E4BF4DB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

23ABC News Bakersfield: Breaking News Weather TrafficBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://www.turnto23.com/ HTTP 307
    https://www.turnto23.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1296
Requests

93 %
HTTPS

29 %
IPv6

110
Domains

187
Subdomains

135
IPs

13
Countries

14409 kB
Transfer

34749 kB
Size

121
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.turnto23.com/ HTTP 307
    https://www.turnto23.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113
  • https://btloader.com/tag?aax_id=AAX21O2VJ&upapi=true HTTP 302
  • https://btloader.com/tag?o=5107371200741376&upapi=true
Request Chain 226
  • https://gcdn.2mdn.net/videoplayback/id/a92cae990e1856ea/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729655455/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2607882F230463A29FF71DBFE8925992F30FA18A.2FA81FFB42F20EC6BA09A98D5056A4BD3EA4AACC/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/a92cae990e1856ea/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729655455/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11892793083ECB9762B874FA34FDD348A18F0CE6.01AA3E180F4C710063F2E06ABF0F891DF5A88EA9/key/cms1/cms_redirect/yes/mh/Yt/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5go7ynld/ms/onc/mt/1698118424/mv/u/mvi/4/pl/60/file/file.mp4
Request Chain 559
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFaJ-vAEOFzfe2TSh7aiVVY&google_cver=1
Request Chain 560
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEOd9ip1yI1dTNs1W6P29KEg&google_cver=1&adform_v=1
Request Chain 561
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHry_3yFxYopnrbmnIexs78&google_cver=1
Request Chain 562
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTc-IyL251t0GCIZaPF.ywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHry_3yFxYopnrbmnIexs78&google_cver=1&google_hm=2
Request Chain 563
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOvIP4qJ9Zh76fleK5OPY6w&google_cver=1
Request Chain 564
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxMjc5MDk0MDk1NDIwMTgwNw%3D%3D
Request Chain 568
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFBWIhDdNLfzBGxUt1CALa4&google_cver=1
Request Chain 569
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGRkYmI1ZThiNzBiOTljOGJiOGJhZjllZGZhZmRmNTUwODhiNWQzYw
Request Chain 570
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPE8qBMKVlbW-amzTkXMxFo&google_cver=1
Request Chain 574
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEMM2ygb3xgPTw8YWHmYyhBg&google_cver=1
Request Chain 576
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAfMykLHKgNyCG_3UP8AKz4&google_cver=1
Request Chain 607
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGYtUGUZosZtaZybN59RtWk&google_cver=1
Request Chain 684
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZTc-IyL251t0GCIZaPF.ywAA%263365
Request Chain 685
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=4312790940954201807
Request Chain 694
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDFnMTb9pMfzBakzApHCgaE&google_cver=1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEDFnMTb9pMfzBakzApHCgaE&google_cver=1
Request Chain 695
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE9cONnzWkBrQQurjhtJN5w&dongle=c627&google_cver=1
Request Chain 696
  • https://eb2.3lift.com/sync/google/demand?sync=1 HTTP 302
  • https://eb2.3lift.com/sync/google/demand?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY3NzU0NjgwNzQxNDE2MDEzNjUxNA%3D%3D
Request Chain 703
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=b50b9b83-306e-4cfb-a81e-c8ac12fa8442&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OEpORC14UTRQSUl4UkFobFY2aU1JUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
Request Chain 704
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=sonobi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7591070485493745832&ssp=sonobi
Request Chain 705
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=wXoHZ3CCVamCkjiGD42q&pi=sonobi&tc=1
Request Chain 706
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5142336725909842241
Request Chain 712
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=baab58b2-68a4-4914-9c13-dab5bdc5ee08&google_hm=YmFhYjU4YjItNjhhNC00OTE0LTljMTMtZGFiNWJkYzVlZTA4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOH3NV6p9Elgu3JKQYjMlzE&google_cver=1&ssp=sonobi&bsw_param=baab58b2-68a4-4914-9c13-dab5bdc5ee08
Request Chain 713
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=wXoHZ3CCVamCkjiGD42q&pi=sonobi&tc=1
Request Chain 715
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=b50b9b83-306e-4cfb-a81e-c8ac12fa8442&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=S1lyRmpSYlg0UHlpUklHUVpQMW1XQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
Request Chain 716
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433830583191578
Request Chain 724
  • https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_cm HTTP 302
  • https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEL9hqgd80Qw_UoisKfjLZLs&google_cver=1
Request Chain 725
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEGxAjvWkvh-04crx_PBWJEM&google_cver=1
Request Chain 726
  • https://tags.bluekai.com/site/2981?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbluekai%26google_hm%3D%24_BK_UUID_B64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=bVhia2M5OTk5OVk5QmU1aw%3D%3D
Request Chain 727
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm HTTP 302
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESED4TDconUC2H4hvDSQZ6e7Y&google_cver=1
Request Chain 728
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKv5WLnoYRn9hrIH5vZjeKg&google_cver=1
Request Chain 730
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPs0XgYrjfOy4zxKGhwIEFE&google_cver=1
Request Chain 731
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&dsp_callback=1&google_dbm HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEHhJI2ijo0peyNBe1EEaoiI&google_cver=1
Request Chain 733
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEPCdYYxFR_gjPKWsxYotF2M&google_cver=1 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEPCdYYxFR_gjPKWsxYotF2M&google_cver=1&xl8blockcheck=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NWQ5MmVkYmNiN2Y1YTVjNTUwYzkzNjNjYTNhOGNkMmY&
Request Chain 734
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_dbm HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
Request Chain 735
  • https://bh.contextweb.com/bh/rtset?pid=547259&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcontextweb%26google_hm%3D%25%25ENCRYPTED_VGUID_B64%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=OFFEeGpndUxaVlFXTnI5WHdqaGJHdw&pid=547259
Request Chain 752
  • https://cm.g.doubleclick.net/pixel?google_nid=ibehavior&google_cm&pid=266&go=244276&m&google_dbm HTTP 302
  • https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&google_gid=CAESEAzCfzB_OTDJZw0mk0H1t80&google_cver=1
Request Chain 753
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEKet9HT4qv-BHqejd-oQf6s?google_cver=1 HTTP 302
  • https://sync.1rx.io/usersync/google/CAESEKet9HT4qv-BHqejd-oQf6s?google_cver=1 HTTP 302
  • https://sync.1rx.io/usersync/google/CAESEKet9HT4qv-BHqejd-oQf6s?zcc=1&cb=1698119462220 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
Request Chain 754
  • https://sync.1rx.io/usersync/google/0?dspret=1&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dunruly_dbm%26google_hm%3D%5BRX_UUID_B64_BIN%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dunruly_dbm%26google_hm%3DA607nTTNbE5kvHZVQ07cZfE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_hm=A607nTTNbE5kvHZVQ07cZfE
Request Chain 840
  • https://cm.g.doubleclick.net/pixel?google_nid=9303729787&google_cm HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212305768&google_gid=CAESEHZAoSu4FtEg1DMDFryAk2I&google_cver=1
Request Chain 859
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=967d9e7d9eab0c72f798203d184fe677
Request Chain 898
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 899
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGhiF6JZ6ToeMCM8JgLXjX8&google_cver=1
Request Chain 900
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTc-IyL251t0GCIZaPF.ywAA%263365&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTc-IyL251t0GCIZaPF.ywAA%263365&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=bc221082c835437da07eeaea47a2e6de HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=bc221082-c835-437d-a07e-eaea47a2e6de HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfcd552e8-4b4b-49a7-923e-13f50d7077e4%253A1698119465.198511%26_%3D1698119465.2003314&cb=1698119465.2003677 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336725909842241&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfcd552e8-4b4b-49a7-923e-13f50d7077e4%253A1698119465.198511%26_%3D1698119465.2003314 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.2003314
Request Chain 901
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTc-IyL251t0GCIZaPF.ywAA%263365 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=wXoHZ3CCVamCkjiGD42q&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTc-IyL251t0GCIZaPF.ywAA%263365
Request Chain 902
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=6046c246-c6f7-46a4-a543-814bcf3bb9e2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 903
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=P0ZpzToVaMokRjjLa0Z3mWwXb58kRW-cakWHdz2d
Request Chain 904
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1698205865
Request Chain 906
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGhiF6JZ6ToeMCM8JgLXjX8&google_cver=1
Request Chain 907
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTc-IyL251t0GCIZaPF.ywAA%263365&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTc-IyL251t0GCIZaPF.ywAA%263365&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=490d9251f3644791a9522ad212180ed4 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4043584326490653053 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=490d9251-f364-4791-a952-2ad212180ed4 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfcd552e8-4b4b-49a7-923e-13f50d7077e4%253A1698119465.198511%26_%3D1698119465.4419568&cb=1698119465.441993 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336725909842241&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfcd552e8-4b4b-49a7-923e-13f50d7077e4%253A1698119465.198511%26_%3D1698119465.4419568 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.4419568
Request Chain 908
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 911
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713930665&external_user_id=cab8222a-6441-4db7-9ad7-1bfb6446483b
Request Chain 912
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7591070485493745832&expiration=1699329080
Request Chain 913
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4312790940954201807
Request Chain 977
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7UHx-ugS8P32QaD8uUHvrr4Q96j2QveruEJESNIR
Request Chain 978
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4312790940954201807&gdpr=0&gdpr_consent=
Request Chain 979
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293367566882044049&gdpr=0&gdpr_consent=
Request Chain 980
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=baab58b2-68a4-4914-9c13-dab5bdc5ee08&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_121b0aff-ca1f-4762-863b-11ba6f64a1b2&bsw_param=baab58b2-68a4-4914-9c13-dab5bdc5ee08&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=baab58b2-68a4-4914-9c13-dab5bdc5ee08&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 981
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qyPVnmOPXyNfoHzh_CaV57Ki0Yw&gdpr=0&gdpr_consent=
Request Chain 982
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTc-KQAaN1GdCAAb
Request Chain 983
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBN0NFN0tibjRBQUJnMmVxNHpkQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAA7CE7Kbn4AABg2eq4zdA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=870500467373172628&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAA7CE7Kbn4AABg2eq4zdA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D870500467373172628%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=870500467373172628&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAA7CE7Kbn4AABg2eq4zdA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA7CE7Kbn4AABg2eq4zdA&gdpr=0&gdpr_consent=
Request Chain 984
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 985
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 986
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd961f5ab8cc4dd4b32ffe74a98e2197
Request Chain 989
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=889298685119183901
Request Chain 990
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725909842241
Request Chain 995
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iuXTg_g3Rfm6h834fproUA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 997
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2827461676 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8AE5D383-F837-45F9-BA87-CDF87E9AE850
Request Chain 998
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8AE5D383-F837-45F9-BA87-CDF87E9AE850 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzMwNWlOWS03dmFSSEd1aG1EdEtSWGdGdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7591070485493745832&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 999
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEFFNUQzODMtRjgzNy00NUY5LUJBODctQ0RGODdFOUFFODUw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 1000
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMM2ygb3xgPTw8YWHmYyhBg&google_cver=1
Request Chain 1002
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7591070485493745832
Request Chain 1007
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4043584326490653053&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1009
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5cd3e657-449d-4acd-b1a2-0c97f89e597b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1139
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=23b28d88280d2453/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DGp1rLOrtXYhXSQSSXSaQXWVY%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DGp1rLOrtXYhXSQSSXSaQXWVY%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXYhXSQSSXSaQXWVY&gdpr=0&gdpr_consent=
Request Chain 1140
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 1142
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
Request Chain 1143
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1320780502 HTTP 302
  • https://sync.1rx.io/usersync/turn/4043584326490653053?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
Request Chain 1145
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 1146
  • https://pixel.onaudience.com/?partner=214&mapped=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5d92edbcb7f5a5c550c9363ca3a8cd2f&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 1147
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4312790940954201807
Request Chain 1150
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 1151
  • https://pixel.onaudience.com/?partner=214&mapped=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5d92edbcb7f5a5c550c9363ca3a8cd2f&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 1153
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaTgMXbVMTRXgjbVT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=5d92edbcb7f5a5c550c9363ca3a8cd2f&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JaTgMXbVMTRXgjbVT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTgMXbVMTRXgjbVT&gdpr=0&gdpr_consent=
Request Chain 1154
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 1155
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4312790940954201807
Request Chain 1157
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
Request Chain 1158
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=556306136 HTTP 302
  • https://sync.1rx.io/usersync/turn/4043584326490653053?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
Request Chain 1284
  • https://hal90001.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=d292e831bb&subid=&uid=db147bc607081337&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=1x1&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj5H_MD83ZcnNFdazx_APrZ--6AWbpoCiadWS6ovOD_YuEAEgur7wFmCVgoCAsAfIAQmpAi77K4TJ5bE-qAMByAObBKoEoAJP0OJRcyEI0cpNK2kQPOf_mok64kr9sL6Ddu1nJYn0mse5yNnyIPRaOEDLU19FYwUi0LJ73Q03-XSPIRphQfMxfMDD2DOC1i0ODYGoRNTp9A-K9ZktHdlsE94u3POR9aDZfAZcEH1lPhqcyUGVU8WmBvC7bgUN7JqWMDBI0kcFb_7OvZhQQMYjRNFGWGdWPlgI5TaPMhMKgHj-LX6iy7K_qcZHJQuJGFd-U9m1IHUDxZoLdR0xQx0CwnYlrvODGmV2krfK7-fAtlIslQLMbhD0fpvKsfX9uMVR-w4t2OgZieCkfqOhlhDD4z5YIQRFbI4jR_7qIIMAtr9GjcjpUVLCTI2J883bLd4BETKrCugdKgjtYqKMh1wKsH6Lm_87dJjABNGiz9SABOAEA4gFtd3Jgj6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXzICqgI6AoBASL39wTryCA1iaWRkZXItNDEwMDAwgAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREWwE7OgqxTQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaN6vEnzfkK6f1U8MA6p-gAJRPYrBnOPtsUDZX7HeN4Fr5N8Ft0dkaYvnENXqU5Eek7AxFH4NRSROXD2tMYAQ%26sig%3DAOD64_2K0Ui2nMZZdNNPYDJBdaOzZ5eXqA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-C52e4r1m1HUw1UenigKHpoeYf5WLr9ATkqgJHlkprvvUu853s6yxVEMrB2JgwptHPiUGFio5yP_kjvz8lTnSswJeV21Ftww-xwl4_ULcittGkMxeDbAgUOgYjFZDlZ-Dbs-jL56ZC19j2Vg2yrE1rhZ68bHwZh9GeaTrGXRJArtItKaC0%26cry%3D1%26dbm_d%3DAKAmf-CD_8ammSDd24NB7lDsEcLR0o0qsOjjpAMN7k5N5IPU1Rph4kIf56EgvmKWDf9pbrQ04-Dz66R32OYv04MqPX0FLmF2IG32JC6J682zMouW-O2GepnQ7_q-0pi2WeChqmtjw3QhKYmcgm19AHyyISvbtvDgyPZUnYLojCRpqjNkcPTTUcMbLwk4n-Pu9hdmthi1-nOA0PnI9sUYti6quLu6Qfd5vAJ3aQLd4R8ld4Hdzf1mqRWFupbxgy1WJwxRsFEOQdxtwrKs7nOTAPai2MAe6uXtoE2DTGj6a2vyEfsEqT09VkA24UPuAzh52D9TXSxcwJiUFmMYkaMz6iQnxhZFgxKZgXR71vKDg3DZHh7Noi9tPpXJ0Lm8tPv3G-jUNA-f7KMp2BgoEhpPGbS-nOG_ADEW_YmqBhjqQjh6EfvEhiFWrDZxRUOP_G77KCI5zjd8L413enJNGYY2o92Qqbziq1kX0YE5Wm-knrslHTD5kjjPsuU-X2xUJr-mHMnvo_wgNJr-f5ENy8dL3DsGDM2XsgvNvK7r6k8IhpCFup3is1mhtnE%26adurl%3D&documentReferer=https%3A%2F%2Fwww.turnto23.com%2F&ancestorOrigins=https%3A%2F%2Fwww.turnto23.com%2Chttps%3A%2F%2Fwww.turnto23.com&random=2249981693277&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
  • https://hal90001.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=d292e831bb&subid=&uid=db147bc607081337&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=1x1&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj5H_MD83ZcnNFdazx_APrZ--6AWbpoCiadWS6ovOD_YuEAEgur7wFmCVgoCAsAfIAQmpAi77K4TJ5bE-qAMByAObBKoEoAJP0OJRcyEI0cpNK2kQPOf_mok64kr9sL6Ddu1nJYn0mse5yNnyIPRaOEDLU19FYwUi0LJ73Q03-XSPIRphQfMxfMDD2DOC1i0ODYGoRNTp9A-K9ZktHdlsE94u3POR9aDZfAZcEH1lPhqcyUGVU8WmBvC7bgUN7JqWMDBI0kcFb_7OvZhQQMYjRNFGWGdWPlgI5TaPMhMKgHj-LX6iy7K_qcZHJQuJGFd-U9m1IHUDxZoLdR0xQx0CwnYlrvODGmV2krfK7-fAtlIslQLMbhD0fpvKsfX9uMVR-w4t2OgZieCkfqOhlhDD4z5YIQRFbI4jR_7qIIMAtr9GjcjpUVLCTI2J883bLd4BETKrCugdKgjtYqKMh1wKsH6Lm_87dJjABNGiz9SABOAEA4gFtd3Jgj6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXzICqgI6AoBASL39wTryCA1iaWRkZXItNDEwMDAwgAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREWwE7OgqxTQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaN6vEnzfkK6f1U8MA6p-gAJRPYrBnOPtsUDZX7HeN4Fr5N8Ft0dkaYvnENXqU5Eek7AxFH4NRSROXD2tMYAQ%26sig%3DAOD64_2K0Ui2nMZZdNNPYDJBdaOzZ5eXqA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-C52e4r1m1HUw1UenigKHpoeYf5WLr9ATkqgJHlkprvvUu853s6yxVEMrB2JgwptHPiUGFio5yP_kjvz8lTnSswJeV21Ftww-xwl4_ULcittGkMxeDbAgUOgYjFZDlZ-Dbs-jL56ZC19j2Vg2yrE1rhZ68bHwZh9GeaTrGXRJArtItKaC0%26cry%3D1%26dbm_d%3DAKAmf-CD_8ammSDd24NB7lDsEcLR0o0qsOjjpAMN7k5N5IPU1Rph4kIf56EgvmKWDf9pbrQ04-Dz66R32OYv04MqPX0FLmF2IG32JC6J682zMouW-O2GepnQ7_q-0pi2WeChqmtjw3QhKYmcgm19AHyyISvbtvDgyPZUnYLojCRpqjNkcPTTUcMbLwk4n-Pu9hdmthi1-nOA0PnI9sUYti6quLu6Qfd5vAJ3aQLd4R8ld4Hdzf1mqRWFupbxgy1WJwxRsFEOQdxtwrKs7nOTAPai2MAe6uXtoE2DTGj6a2vyEfsEqT09VkA24UPuAzh52D9TXSxcwJiUFmMYkaMz6iQnxhZFgxKZgXR71vKDg3DZHh7Noi9tPpXJ0Lm8tPv3G-jUNA-f7KMp2BgoEhpPGbS-nOG_ADEW_YmqBhjqQjh6EfvEhiFWrDZxRUOP_G77KCI5zjd8L413enJNGYY2o92Qqbziq1kX0YE5Wm-knrslHTD5kjjPsuU-X2xUJr-mHMnvo_wgNJr-f5ENy8dL3DsGDM2XsgvNvK7r6k8IhpCFup3is1mhtnE%26adurl%3D&documentReferer=https%3A%2F%2Fwww.turnto23.com%2F&ancestorOrigins=https%3A%2F%2Fwww.turnto23.com%2Chttps%3A%2F%2Fwww.turnto23.com&random=2249981693277&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Request Chain 1288
  • https://hal90003.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=7878fee121&subid=&uid=cd4dde6313dfb551&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZzE2MD83ZZO9KtDi7gPwppCABZumgKJp1ZLqi84P9i4QASC6vvAWYJWCgICwB8gBCakCBuiBPIXmsT6oAwHIA5uEgIAEqgSgAk_Q_PyIFiwLpGeIMbltZismvPMYWRuGUQaHb5rmQRagCwkmxX0BNv-sQVosWIpXetEg3KXhVKIBhMGkCXx0ONxBni2YJuqVvXrnrCK_3jWdmQ9uViueR2QDAN1jBoiupfEUiQuS1PQ-Pv9XMEd2GH_j6UvrEU-Ch-7CrCXlcqkWvX8vJblHcsBh5_04Afw0oyFakMgDWqnqdcAGWDsUg63C50RUXISN8gPDReh3_c9aRgkarUAj4QgOSMUMBrkT9lkk-8YrlQl88pVrFsZBRm6i83Us5hWwZ0APC-TYRp0LOqo5YKB_Z3PKmdvPVA5R_uLzK3tLjPmhhfVGyzh54pcqktFNJ2zz6-FwGHM9UY-gP5TpkjqhaZmC_geNK9fi6sAE0aLP1IAE4AQDiAW13cmCPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIDWJpZGRlci00MTAwMDCACgSYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATs6CrFNATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaNdtphya-PMVExwRoFC2P2UFfjUMZmJDSRK44ek51bTCUzYCpfbH0-pzcTumyFFpY4sQnZZ5cVsGfGeTYYAQ%26sig%3DAOD64_2mp56wEGHB4fo5b9iRQdFEP-ICYA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-DA7IQKEr-y5uc6B-DF8NjgtSIer48tKKSzu62xmRPvGghskSebNPRJvuEH80UFw1YZ27WDylCjSVwjOuD7u2Gz8It0PDlKFZpm4BQYqvcggQSkXZALFXpLz3rRpMCWV84dxR2Hwat8MoiSmdMyM_xkG5K_l5e0CorXjNFuZB_5-IC5iNE%26cry%3D1%26dbm_d%3DAKAmf-Cwj1wTB6WzFX9GCzYGTFrD332U-C5choaPz4dmetnfa2Uk1UnZQNRpzvCm-pYgfOkjR647xoWDkJvskIVctxVZ4B6qJwOcS6LYjBrZM_d9ICEO72x8TuUdLK_SF6l6hPssFBRkRGvKbi8Ikl3s17ufJKpuzcfljhgZnp9tThpKmcvEf1brZVErGEXypDe0iYZdIcf22TrcWwK0kR7iDdSZv_G1ZLfRYYKRt5oM5xmzS1q9LKlwPJt3OwSfWH8xanVlopksGYKuNVJEtZNoWJOmjzOdW_b-1IZSzi5HM2YccbJcmeLwkarm6tvTyfVkqXaTNcetuyKLmkHBIfMa7OzAFDNT81QbGGnviLqCuXEx5B_FJrUv7nO_zu4cm664yPOM2QTdYQ0ohUEc2EEsSaNJumoek0sa1oaD3jqSo3WZECgauxF3J4_sUZFaG6hRULohcS4OOjo7nyZS_RDjC1vCy5v1hzJtYQylFYrkxzUnVjL8zIv2i_4pgCkFcmq62u82zOWqKDh6e2qO8_1oQpqSKB5TCTVz9mRRf0xwvpow6LVVEig%26adurl%3D&documentReferer=https%3A%2F%2Fwww.turnto23.com%2F&ancestorOrigins=https%3A%2F%2Fwww.turnto23.com%2Chttps%3A%2F%2Fwww.turnto23.com&random=3355771414658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90003.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=7878fee121&subid=&uid=cd4dde6313dfb551&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZzE2MD83ZZO9KtDi7gPwppCABZumgKJp1ZLqi84P9i4QASC6vvAWYJWCgICwB8gBCakCBuiBPIXmsT6oAwHIA5uEgIAEqgSgAk_Q_PyIFiwLpGeIMbltZismvPMYWRuGUQaHb5rmQRagCwkmxX0BNv-sQVosWIpXetEg3KXhVKIBhMGkCXx0ONxBni2YJuqVvXrnrCK_3jWdmQ9uViueR2QDAN1jBoiupfEUiQuS1PQ-Pv9XMEd2GH_j6UvrEU-Ch-7CrCXlcqkWvX8vJblHcsBh5_04Afw0oyFakMgDWqnqdcAGWDsUg63C50RUXISN8gPDReh3_c9aRgkarUAj4QgOSMUMBrkT9lkk-8YrlQl88pVrFsZBRm6i83Us5hWwZ0APC-TYRp0LOqo5YKB_Z3PKmdvPVA5R_uLzK3tLjPmhhfVGyzh54pcqktFNJ2zz6-FwGHM9UY-gP5TpkjqhaZmC_geNK9fi6sAE0aLP1IAE4AQDiAW13cmCPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIDWJpZGRlci00MTAwMDCACgSYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATs6CrFNATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaNdtphya-PMVExwRoFC2P2UFfjUMZmJDSRK44ek51bTCUzYCpfbH0-pzcTumyFFpY4sQnZZ5cVsGfGeTYYAQ%26sig%3DAOD64_2mp56wEGHB4fo5b9iRQdFEP-ICYA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-DA7IQKEr-y5uc6B-DF8NjgtSIer48tKKSzu62xmRPvGghskSebNPRJvuEH80UFw1YZ27WDylCjSVwjOuD7u2Gz8It0PDlKFZpm4BQYqvcggQSkXZALFXpLz3rRpMCWV84dxR2Hwat8MoiSmdMyM_xkG5K_l5e0CorXjNFuZB_5-IC5iNE%26cry%3D1%26dbm_d%3DAKAmf-Cwj1wTB6WzFX9GCzYGTFrD332U-C5choaPz4dmetnfa2Uk1UnZQNRpzvCm-pYgfOkjR647xoWDkJvskIVctxVZ4B6qJwOcS6LYjBrZM_d9ICEO72x8TuUdLK_SF6l6hPssFBRkRGvKbi8Ikl3s17ufJKpuzcfljhgZnp9tThpKmcvEf1brZVErGEXypDe0iYZdIcf22TrcWwK0kR7iDdSZv_G1ZLfRYYKRt5oM5xmzS1q9LKlwPJt3OwSfWH8xanVlopksGYKuNVJEtZNoWJOmjzOdW_b-1IZSzi5HM2YccbJcmeLwkarm6tvTyfVkqXaTNcetuyKLmkHBIfMa7OzAFDNT81QbGGnviLqCuXEx5B_FJrUv7nO_zu4cm664yPOM2QTdYQ0ohUEc2EEsSaNJumoek0sa1oaD3jqSo3WZECgauxF3J4_sUZFaG6hRULohcS4OOjo7nyZS_RDjC1vCy5v1hzJtYQylFYrkxzUnVjL8zIv2i_4pgCkFcmq62u82zOWqKDh6e2qO8_1oQpqSKB5TCTVz9mRRf0xwvpow6LVVEig%26adurl%3D&documentReferer=https%3A%2F%2Fwww.turnto23.com%2F&ancestorOrigins=https%3A%2F%2Fwww.turnto23.com%2Chttps%3A%2F%2Fwww.turnto23.com&random=3355771414658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 1296
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 1303
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent=

1296 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.turnto23.com/
Redirect Chain
  • http://www.turnto23.com/
  • https://www.turnto23.com/
419 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-90.fra60.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
a92f26ad45031cc81c54bd4779898bedc980b3e5915abd5d58d7406dee1a639f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
35
Cache-Control
max-age=120
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' https://cms.scrippsdigital.com
Content-Type
text/html;charset=UTF-8
Date
Tue, 24 Oct 2023 03:50:16 GMT
Server
N/A
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
XGKvIRI9f9MxVFgvvxJP2b6S7wIJybYjNdi2Siko1FMWvfF4wpvdyg==
X-Amz-Cf-Pop
FRA60-P5
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-Powered-By
Brightspot

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.turnto23.com/
Non-Authoritative-Reason
HSTS
All.min.b05b79e663b526ad147c3a026af162e8.gz.css
ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/styleguide/ 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/styleguide/All.min.b05b79e663b526ad147c3a026af162e8.gz.css
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
797b9a55629c348d9421cf908c354e0d7bc152328f711101d80860c85e9c6973

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 17:18:45 GMT
Content-Encoding
gzip
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
556328
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
21321
Last-Modified
Tue, 17 Oct 2023 17:18:41 GMT
Server
AmazonS3
ETag
"4b99655e2abebbd71796374f6528fb48"
Content-Type
text/css
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
ifEm8BvfGLMNryMXd888EKHdAcXRG3ZzngaLMBhhEvl1h-Xk88XO3w==
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89c9e80ecd6f37be835fe762db514ef63023190e1905645372c551b8c2201c89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
2YmoUKxvEerAgqYu5_hCgTSn3.Rs3vac
content-encoding
br
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 03:15:44 GMT
last-modified
Thu, 03 Nov 2022 13:16:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2108
etag
W/"e4a531bd392e3e19506b373bc5c8c363"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, public
x-amz-cf-id
VxUip7HpRwEWmAieVyw2NCv712dJV95tZ09rlpOix3IGN81k00m5Aw==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HAfQnQ1aKA6QX2rlLtw0Ew==
age
24197
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6821
x-ms-lease-status
unlocked
last-modified
Mon, 23 Oct 2023 16:07:32 GMT
server
cloudflare
etag
0x8DBD3E229E2FD41
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
50454938-301e-0079-5eea-05c5a7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81af42148ef0382e-FRA
tsu4adm.css
use.typekit.net/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/tsu4adm.css
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2c3a91c494210da400070d1f6f58f3ab199d22fcc822ce8d5dda8ce17840cf6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 24 Oct 2023 03:50:52 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1741
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://www.turnto23.com/
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KYJ8KCFE2YGQNEKR
age
1449423
alt-svc
h3=":443"; ma=86400
x-amz-id-2
escD+JzcbdmOwygrCo1MLmYgAPezxwUbXgVBGC48GDSqqB3VCXmNXlBwYTfZTs2IsfnuAi9VGds=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Fi%2BDGOV4UiLRUSSG5M12W9cJz35PUqqDcO7FtT93gP5ZsCizMaHwLtKuwd%2BhsHkLFWnnzg%2BcjuZHdLXSBh9drajRZCWf46yvmPGi4Rn%2FWErLJ6l4Pv5dfu3DxeT2POXghuBvJQyZBWHvfW0jms8tyJU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
81af42149ea3361f-FRA
/
ewscripps.brightspotcdn.com/dims4/default/e90eca7/2147483647/strip/true/crop/733x133+0+0/resize/400x73!/quality/90/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/e90eca7/2147483647/strip/true/crop/733x133+0+0/resize/400x73!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fcf%2F8e%2Ff028071a44a79debd9d35ae90156%2Fmain-logo.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
ffb3cbb692a508d81baac2714794cd9f522c1bc8e04dd282c7da81f5d7490e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 23 May 2023 03:43:09 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
13306063
ETag
ccf0a05133d576a5cb6e4b69b880a901
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
9527
X-Amz-Cf-Id
LhEq_nWE3JuBmk6f-9OY_NGHPNRWJj4A7OOuvk2nP6GFABy5DyWrpg==
Expires
Wed, 22 May 2024 03:43:09 GMT
/
ewscripps.brightspotcdn.com/dims4/default/7b3ab31/2147483647/strip/true/crop/750x422+0+328/resize/320x180!/format/webp/quality/90/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/7b3ab31/2147483647/strip/true/crop/750x422+0+328/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fde%2F85%2F45805184499f9d7b9372c134153d%2Frory-k-douglas.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
283f66f72b50d1a90a4b8ec7482a4c82f40aeb5ea9255b1f2d100dfad882bd3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 23:28:05 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
15766
ETag
f15b300f8f126ef4ebd2118e270caf73
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
10346
X-Amz-Cf-Id
q-SUsn1Xls6twHT3eV6OptNavFfSEy4W4VqZPW7pvRY_wf_y10s82w==
Expires
Tue, 22 Oct 2024 23:28:06 GMT
/
ewscripps.brightspotcdn.com/dims4/default/399f72f/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/399f72f/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fc2%2F58%2F190d5d79495392ea8964a8cde55e%2Fcopy-of-our-dear-dead-drug-lord.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
6df45560cee53656a767b06e1a5a3475fceb104bd208783adfe6376de7bd3789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 07:58:52 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
244320
ETag
6bc5b044c1fb32c76c951d1937b4319d
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
29030
X-Amz-Cf-Id
0Y4_JSBSRwVlclJIaRvxHnYdZu8G0NU7KJq5HmHgkCW_G08UbEg6uw==
Expires
Sun, 20 Oct 2024 07:58:52 GMT
/
ewscripps.brightspotcdn.com/dims4/default/d2bf424/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/d2bf424/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F24%2Ffc%2F21f93fd04b9ca77cff47e59ffd91%2Fposter-image-4.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
7d5212e078ec348f7b470830a5e1613091d69286801f5343a25c296e1d57f3e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:50:52 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
ETag
99831fbe92ea62ef44a92adc752cb578
X-Cache
Miss from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
7400
X-Amz-Cf-Id
MwPsWXchqu3F0xGcByhNthvWLZLFe5x4uDVRC-lhKa77ovfWjN0wTA==
Expires
Wed, 23 Oct 2024 03:50:53 GMT
/
ewscripps.brightspotcdn.com/dims4/default/4fbf81d/2147483647/strip/true/crop/658x90+0+0/resize/658x90!/format/webp/quality/90/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/4fbf81d/2147483647/strip/true/crop/658x90+0+0/resize/658x90!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F34%2Fc0%2F01408fe64bf1abb4ea9f4a186c09%2Fdownload.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
8078f0197f96b825a4c864342272ca8bd374f303696fe36aeb5c7ded7625e00c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 13:50:02 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
136851
ETag
9a4d0dd168e0f3ce72be946e338ac3b2
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
14064
X-Amz-Cf-Id
pivknO2f63fJIGA0EdjpqdcZiynynt6uFYatnWzhrePUZ8vW6hgtuA==
Expires
Mon, 21 Oct 2024 13:50:02 GMT
/
ewscripps.brightspotcdn.com/dims4/default/cd3f7e4/2147483647/strip/true/crop/2785x1567+0+261/resize/320x180!/format/webp/quality/90/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/cd3f7e4/2147483647/strip/true/crop/2785x1567+0+261/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fea%2F61%2F69bcb015444c9787f45c2c604f3c%2Fcheer.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
cd7ca1b30d182ad464248fd37d2dedbc44b76c36aa99f056e0d775afe58cc319

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 05:19:00 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
253912
ETag
4cd8040c6caadf88911ccb74cc0a1571
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
22270
X-Amz-Cf-Id
I3Luhu5oezfvBvpd03SGQst9lrDnzxBatTn5Fk7QruEsamfDC0PXJw==
Expires
Sun, 20 Oct 2024 05:19:01 GMT
/
ewscripps.brightspotcdn.com/dims4/default/872cd61/2147483647/strip/true/crop/1024x576+1+0/resize/320x180!/format/webp/quality/90/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/872cd61/2147483647/strip/true/crop/1024x576+1+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F9a7%2F3870ad0511fa47a79b3577075088ec91%2F9a7ea157c39844618bb1ce1d13f95f6c%2Fposter_a3570d185e384805b455688b2d74ce31.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
ac2f0b1a69b9ff186c6dcf21d9e3270ef3a0610d35206057af231608548797ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 12:18:52 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
55921
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
20358
X-Amz-Cf-Id
pZ4BzL2XoSx6Tzd9X7wyQPu5pWU-GnkC_X7t7ow4yfKSZM2GgA7QEA==
Expires
Tue, 22 Oct 2024 12:18:52 GMT
/
ewscripps.brightspotcdn.com/dims4/default/47cc32f/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/47cc32f/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F6a1%2F3870ad0511fa47a79b3577075088ec91%2F6a1d3a0fcbf3467b96e38581f4e36454%2Fposter_5cfeecccc562479e83ab962a4f6fca07.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
577aa7dee2a55345b557658b0bd8e980a2b2a291533f852ce07504b5dde20619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 20 Oct 2023 01:07:50 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
355383
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
10834
X-Amz-Cf-Id
yNx_GuKMziDVNkogQomzjLsvD6jWVM2ym7Hw21imOzp25PIcBUcu8w==
Expires
Sat, 19 Oct 2024 01:07:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/4841d28/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/4841d28/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2Ffa3%2F3870ad0511fa47a79b3577075088ec91%2Ffa3f7089b89d4942834b3fe01e753c3d%2Fposter_1d5992a6207643da9e5eb888348087f4.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
a7338f9af98646f84f767e52ccc6d5f7ffe96f93789a5b3bb9aa9f4c41a6620f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 20 Oct 2023 14:13:46 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
308227
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
13930
X-Amz-Cf-Id
o0c2I-jl0Qc1OSW7PLS3mN7oB6N_LfT_TvwPaqCHaYzUoMxyJqXyZA==
Expires
Sat, 19 Oct 2024 14:13:46 GMT
/
ewscripps.brightspotcdn.com/dims4/default/31b2d57/2147483647/strip/true/crop/4032x2268+0+0/resize/320x180!/format/webp/quality/90/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/31b2d57/2147483647/strip/true/crop/4032x2268+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fd2%2F9b%2F71215caa410fa31af11c9df38949%2Fpxl-20231018-012118108-mp.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
185c87387b640e0c6c002709a8afac0e3c47034b01560c56cbdd1f68a7857189

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 20 Oct 2023 01:07:50 GMT
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
355382
ETag
f2fe0d808558b885dad3d1877ca4dc40
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
16830
X-Amz-Cf-Id
yZOeSRFlQzQ-LXwoRBrDugfK7cwDlhBTFicyQSUNCRAAZ-RtMeV8TA==
Expires
Sat, 19 Oct 2024 01:07:51 GMT
/
ewscripps.brightspotcdn.com/dims4/default/e224914/2147483647/strip/true/crop/2023x1138+30+0/resize/320x180!/format/webp/quality/90/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/e224914/2147483647/strip/true/crop/2023x1138+30+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fe7%2Fd6%2F033032594c838e5d981feb2ddb52%2Fscreen-shot-2023-10-19-at-5-37-46-am.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
dba4e42b172c7321e5fb4f037bc2080a218a2b5605ac05dfcca4dade2111d83c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 20 Oct 2023 14:13:46 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
308227
ETag
9f205be242c3c3ea7e6ae164e720b383
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
17126
X-Amz-Cf-Id
oOeUZNSclGJ7VcFOLBOlWNMEZyPWOk5WT2CUmHnvYQMuHOQi3PGRWw==
Expires
Sat, 19 Oct 2024 14:13:46 GMT
/
ewscripps.brightspotcdn.com/dims4/default/161b5f7/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/161b5f7/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2Fd55%2F3870ad0511fa47a79b3577075088ec91%2Fd55fed4acd0d41be9c72c1751cd02b2c%2Fposter_83c3cf9b45094a5d8dfe8c70ff577d72.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
87caa13fcecef08fbb4b7e29be3e468bdd40073f83fe6411bfc9f258b9c50dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 20 Oct 2023 14:13:46 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
308227
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
5856
X-Amz-Cf-Id
KEnAtGYjmiPsVumbWE-uNTI8JsYTrLw8dKqxxkBNtLV_CVvEq6tBxw==
Expires
Sat, 19 Oct 2024 14:13:46 GMT
/
ewscripps.brightspotcdn.com/dims4/default/2c55955/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/2c55955/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F784%2F3870ad0511fa47a79b3577075088ec91%2F784df87ad86d4cd0bf631e6f0f680038%2Fposter_24575b371fd74c45b1596d98826004a9.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
e5b5cc5ba9db92239a11a158418c1329a8a3e8c2ad63fe384fe8596fbf4d363c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 20 Oct 2023 03:33:15 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
346658
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
7972
X-Amz-Cf-Id
tBZU14KOszmz4jzvustKZaarMsQZHw2IEYH43EF0On9L6IeA9AC83Q==
Expires
Sat, 19 Oct 2024 03:33:15 GMT
/
ewscripps.brightspotcdn.com/dims4/default/2228d19/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/2228d19/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F24f%2F3870ad0511fa47a79b3577075088ec91%2F24f24b7ca1354db699c16559b5cb466d%2Fposter_5fbe8d990f0f47c6817e4878745be2bf.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
c5efa211a717e15a66764cd60214b7711e2a420817a07de3492a5be535ed0cfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 20 Oct 2023 14:13:46 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
308227
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
14868
X-Amz-Cf-Id
4-u2UlFyOwmyLqixVkrqY4EPMJYTG675WRfkqa-eOV2_CH3m2YhWvQ==
Expires
Sat, 19 Oct 2024 14:13:46 GMT
/
ewscripps.brightspotcdn.com/dims4/default/509645b/2147483647/strip/true/crop/4032x2268+0+0/resize/320x180!/format/webp/quality/90/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/509645b/2147483647/strip/true/crop/4032x2268+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F26%2Fa5%2F80d35e074397b26cf14226663982%2Fimg-0086.JPG
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
9c088a7bde5392310e96013928bf747b644276f32a9f99e4a8722eb1dd4f1364

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 00:52:49 GMT
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
442683
ETag
271eb5f835b1ee6d531db36434154c04
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
20414
X-Amz-Cf-Id
SjkJ3R8yLGui64jiBpGjeLV0gzPMQZSyukBvdzdLK5LRFS_hqTXl8w==
Expires
Fri, 18 Oct 2024 00:52:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/138fa33/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/138fa33/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F652%2F3870ad0511fa47a79b3577075088ec91%2F6524925a98d142e9bde51207d6e35a36%2Fposter_a1b9f0f62a5b438892b54b1723f7723b.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
c95c231cd986ca8ef3ddf1b4000c6231149ac7b25541880a3f944c551c956591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 21:20:19 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
455434
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
7362
X-Amz-Cf-Id
niYniA6DUwuWd-yXRF0mBeyUha1v-QLU3r7aVT_gG4QzeKiGik30dw==
Expires
Thu, 17 Oct 2024 21:20:19 GMT
/
ewscripps.brightspotcdn.com/dims4/default/f2517c4/2147483647/strip/true/crop/2446x1376+34+0/resize/320x180!/format/webp/quality/90/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/f2517c4/2147483647/strip/true/crop/2446x1376+34+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fe9%2F96%2Fa3c907b64be0a59f3307b2bd67da%2Fscreen-shot-2023-10-18-at-5-23-14-am.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
2f9f270447055553c235d4826867c3d205563764a75e7356984a851520b6f370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 14:34:57 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
393355
ETag
1b450b41798cb1a8d759b4c6cbf76c12
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
7514
X-Amz-Cf-Id
Avd6Vb8d6gcRzyF3oQItNNJDthTOSTxex2cQQaZW3Gfq4l1lt5GnFQ==
Expires
Fri, 18 Oct 2024 14:34:58 GMT
/
ewscripps.brightspotcdn.com/dims4/default/6e7548e/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/format/webp/quality/90/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/6e7548e/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.scrippsnews.com%2Fimages%2Fvideos%2Fz%2F1697625227_i9AO2d.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
2464e277470219ca26236f4de51da1839890269f1ea9a61ae207342305adee9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 11:24:50 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
491163
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
20174
X-Amz-Cf-Id
okryMzNX2JrjVrHfxr5fTw51WRoEtv14V2bvJrmb6kEWrw_TqTBQSg==
Expires
Thu, 17 Oct 2024 11:24:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/4bcf266/2147483647/strip/true/crop/1006x566+9+0/resize/320x180!/format/webp/quality/90/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/4bcf266/2147483647/strip/true/crop/1006x566+9+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F760%2F3870ad0511fa47a79b3577075088ec91%2F760bce94a20041d1be76c4ffebd6ac87%2Fposter_d8e52c37fb504ee7b4d6cdd35f7e87b0.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
323ac3fbd8542090ee1930eeed2890ac57fe245b2c39696028083e7b5f29ea1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 09:20:09 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
498644
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
8486
X-Amz-Cf-Id
fiz2pZq0rn4GRiM5ArqRlNyZRJrUSu3Ln2_093_pHEeeR-aBWG_HPw==
Expires
Thu, 17 Oct 2024 09:20:09 GMT
/
ewscripps.brightspotcdn.com/dims4/default/496af0d/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/496af0d/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F70a%2F3870ad0511fa47a79b3577075088ec91%2F70acdab296914b4185ba804c9c50fa80%2Fposter_0ed806515dbe4ea2b1e8bc1cd8c76d7a.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b362f760a64601810a2fad3f90c881917cc0d8675000a391e83d388a1a402fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:59:39 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
507074
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
7934
X-Amz-Cf-Id
AscSKPAcy17M_ZuADmcT8n-TiSblIdy37Nwl38_1gtnlEB5WV9h3Nw==
Expires
Thu, 17 Oct 2024 06:59:39 GMT
/
ewscripps.brightspotcdn.com/dims4/default/97fc148/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/97fc148/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2Fa84%2F3870ad0511fa47a79b3577075088ec91%2Fa84686112a2f4a6ab3af53c59f294cbb%2Fposter_a72c5156bc194ce8b7724b64f5111b6e.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
8ba88ae52d13bdabfe18fe7f3016123a106dd662c85bdeac7bc1125f69354a76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:59:39 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
507074
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
4542
X-Amz-Cf-Id
FDguwPKPJsFyAsHUODgdxcWqUNM-UnIZDEaUFRm7ZZv71oEqZCbATQ==
Expires
Thu, 17 Oct 2024 06:59:39 GMT
/
ewscripps.brightspotcdn.com/dims4/default/dd29175/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/dd29175/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F66%2Fc8%2Fd516cabe4f668d9ad31f44274ed4%2Fposter-image.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
d5061bc947687a1eeebe87f1584543bae02599492ae58114605038f92ec52078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 12:18:52 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
55921
ETag
7d94bf2145f99008baa3f4f6ca38e4a1
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
8726
X-Amz-Cf-Id
-nY28p_yJmvk6-jc2CsmKf0jjix3VRKDJV6I7VOlXctMjAShZC1KRA==
Expires
Tue, 22 Oct 2024 12:18:52 GMT
/
ewscripps.brightspotcdn.com/dims4/default/5e88379/2147483647/strip/true/crop/960x540+8+0/resize/320x180!/format/webp/quality/90/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/5e88379/2147483647/strip/true/crop/960x540+8+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2Fc6c%2F3870ad0511fa47a79b3577075088ec91%2Fc6c96e5dc944463dae9fcb01bea810fb%2Fposter_57c3826a8f3f411b80ed1cf3b02e5226.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
99ca44f09f49dbaffe75720ddcd89edfaa202917d4789bea9ab322cbe14bbb57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:59:47 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
507065
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
6794
X-Amz-Cf-Id
zxBpnlt-jKMRPjz6hLxWPnHBVMLl2BrrYj3s59USqUkhQqd20ZLgdA==
Expires
Thu, 17 Oct 2024 06:59:48 GMT
/
ewscripps.brightspotcdn.com/dims4/default/f92e7c9/2147483647/strip/true/crop/2439x1372+40+0/resize/320x180!/format/webp/quality/90/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/f92e7c9/2147483647/strip/true/crop/2439x1372+40+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F1c%2F8f%2F47e590b6452e948c7637f64d428c%2Fscreenshot-2023-10-17-at-2-11-24-pm.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
dd19ee9a5613e4fbe9fe8e4dc92970d2b57774cd8bf45af979675d2a60a66bde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:59:48 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
507064
ETag
16ee084e54220c83b713e463f433c49a
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
14664
X-Amz-Cf-Id
DY00cJHmYZ7UXsM_g2z-l_z9MMxwNzA2JNKiOQlfVhT5So37nWjMAg==
Expires
Thu, 17 Oct 2024 06:59:49 GMT
/
ewscripps.brightspotcdn.com/dims4/default/f963349/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/f963349/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F72%2Fe6%2Fce547137422ab8bef91522d21af5%2Fkcso.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
f9820c9d715ce9c243cedf205444b57206ef1de56c70b12e778c7151efeb22b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 21:20:19 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
455434
ETag
91402aa3a6fa7d915b36538b9df8739d
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
10364
X-Amz-Cf-Id
c27dhKJbJ0CJtY70I7OQLzcsPqH15_fLKnENb-Plo8frgaLUbdJw9g==
Expires
Thu, 17 Oct 2024 21:20:19 GMT
/
ewscripps.brightspotcdn.com/dims4/default/2b3ed0a/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/2b3ed0a/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2Fedf%2F3870ad0511fa47a79b3577075088ec91%2Fedf79e202437421db2b0bf9c0082ad6f%2Fposter_3615df988e6e470ab23b19d9305755a4.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
0d930e8638bbff18b2e06b0828ace05d2798f2ba27a03d42755350ccde39be8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 22:43:13 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
450460
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
7856
X-Amz-Cf-Id
-W83dOaOIqCsA5TJRm4kKLMC3UWU60uBNd6H18O7IPVhFFi42Y4s6Q==
Expires
Thu, 17 Oct 2024 22:43:13 GMT
/
ewscripps.brightspotcdn.com/dims4/default/5570e06/2147483647/strip/true/crop/1170x658+0+403/resize/320x180!/format/webp/quality/90/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/5570e06/2147483647/strip/true/crop/1170x658+0+403/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F26%2Fd5%2F714d8efc4bdd88052153418b2232%2Fimg-09dab4e8872d-1.jpeg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
34ccb0f889207c2d579ee5c3e30dc691449c4e42fc7e6bd7fad771f830ad5c02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 22:43:12 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
450460
ETag
baf56edef903d8af6cb400fb2f05eb67
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
9838
X-Amz-Cf-Id
tUeCho7F8ZGglo1uhKBdmOu4zG_hyfYvLcM-Pp_d4s9DXwn8_AwC8Q==
Expires
Thu, 17 Oct 2024 22:43:13 GMT
/
ewscripps.brightspotcdn.com/dims4/default/a457370/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/format/webp/quality/90/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/a457370/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.scrippsnews.com%2Fimages%2Fvideos%2Fz%2F1697543269_wdv2Pe.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
5fa706e29292d1a242d2fe536f6f02263b492b541fafd4580fb4adb1fab6bd20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 13:21:03 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
570590
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
13852
X-Amz-Cf-Id
hEh4SlGdxKwYnQ3iQaLs3j6VKEcx04xOIB695QwCrFHgJrRhderi8w==
Expires
Wed, 16 Oct 2024 13:21:03 GMT
/
ewscripps.brightspotcdn.com/dims4/default/1a1ed03/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/1a1ed03/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F3dc%2F3870ad0511fa47a79b3577075088ec91%2F3dc653dc882647fe9cdb8c8486f67a8e%2Fposter_8fd7766714da4405b341d4752062c88f.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
648b841e2377cb6fcd32eacb8ca4e5d86e424071323f49d64665eca7a4f8e161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 22:43:13 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
450460
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
7662
X-Amz-Cf-Id
GeqHE1qqcNy5NrxGmPDEJI4jBEcswsngqww2FZwFglUELLixeQIGvg==
Expires
Thu, 17 Oct 2024 22:43:13 GMT
/
ewscripps.brightspotcdn.com/dims4/default/e9fb301/2147483647/strip/true/crop/1003x564+6+0/resize/320x180!/format/webp/quality/90/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/e9fb301/2147483647/strip/true/crop/1003x564+6+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F6f5%2F3870ad0511fa47a79b3577075088ec91%2F6f5c8d5d81054bc6b218ba9047c5d9ce%2Fposter_ffaad78fa3464c078bdb7f15cd495111.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
1386ec2c92b822e037eb126e171f4596c14203c4dc62fe70969a56a9bb7fd168

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 06:59:48 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
507065
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
11344
X-Amz-Cf-Id
UAqH__-D2ppxAMK8DqBcVdGSAcIBPaTVJjSrsng4hU0cAM1E5SNmzg==
Expires
Thu, 17 Oct 2024 06:59:48 GMT
/
ewscripps.brightspotcdn.com/dims4/default/b1fae6c/2147483647/strip/true/crop/1269x714+140+0/resize/320x180!/format/webp/quality/90/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/b1fae6c/2147483647/strip/true/crop/1269x714+140+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2Fcd5%2F3870ad0511fa47a79b3577075088ec91%2Fcd5075e121e5406a8ee45819b18e73c1%2Fposter_80207717bdcc417a8d04d9b6be1f6582.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
60d3fa2a92dcf0117935636ca0f2ba5e78c5eb0704bfc1ab35f012342381c5c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 07:51:33 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
763160
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
11060
X-Amz-Cf-Id
DH96potbbRvIGd4A66N6eGBqMi_Npr2JTm4yJqtTZ1uK09xHj7LyOQ==
Expires
Mon, 14 Oct 2024 07:51:33 GMT
/
ewscripps.brightspotcdn.com/dims4/default/ae7cd90/2147483647/strip/true/crop/1447x814+58+0/resize/320x180!/format/webp/quality/90/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/ae7cd90/2147483647/strip/true/crop/1447x814+58+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F789%2F3870ad0511fa47a79b3577075088ec91%2F789fa700768442b987e7e17d40c7b8eb%2Fposter_ce2f1053bf7b4d8890ab397ea15a90c0.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
14beb831885426d7d822f9439d84648380871dc48286325a0b689e11ed7c7300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 07:51:33 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
763160
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
10748
X-Amz-Cf-Id
V2-SPdj5I6fUDAze2_EzYarQ_lXbglgztxNp-12iXC44j6S1F3X61A==
Expires
Mon, 14 Oct 2024 07:51:33 GMT
/
ewscripps.brightspotcdn.com/dims4/default/905c3a7/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/905c3a7/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F60d%2F3870ad0511fa47a79b3577075088ec91%2F60dffb933b0845659c3a13c7a1cc38ac%2Fposter_bb0da75e1a7948178849b2bf1db2b998.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
eb718e9a80bccde9b1409107abba6356a5ad91bc3e9e7b4879757b3cd53a5341

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 09:49:54 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
496859
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
6032
X-Amz-Cf-Id
WAyrSTA6ebPUjhVWyvs4GHkOfYNEYnMbB5CqBZc-qRnI9htRelkN_g==
Expires
Thu, 17 Oct 2024 09:49:54 GMT
/
ewscripps.brightspotcdn.com/dims4/default/68cf5bd/2147483647/strip/true/crop/1483x834+9+0/resize/320x180!/format/webp/quality/90/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/68cf5bd/2147483647/strip/true/crop/1483x834+9+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fe3%2F26%2F76b3122c47be9a5ee78716189546%2Fscreenshot-2023-10-13-at-4-30-06-pm.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
3bb0a8d40d59158f74ee37a867c9b3688cbc3f817bd0e2afba0dd70524ea0fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 04:48:43 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
860530
ETag
39b635ac431a3dbe00b4de45960b3a9a
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
12980
X-Amz-Cf-Id
8Vr3ysnr5bFdJYRIS2hGXK9Ft2fEgUstG-R6r-q18cL0Q2gngKgsSA==
Expires
Sun, 13 Oct 2024 04:48:43 GMT
/
ewscripps.brightspotcdn.com/dims4/default/ed39d9f/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/ed39d9f/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F40c%2F3870ad0511fa47a79b3577075088ec91%2F40ca061874854741a9514df33788033e%2Fposter_16421779515a4bc6ba68ba2ea93b5335.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
13fb80c5df275d26a55d0a3014d34bbc49998ee53732110393c7f2c55b7f0b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 04:48:43 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
860530
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
8438
X-Amz-Cf-Id
EbTBs-7GIftsWEONsTb4QI74XwUCJH6Up0uuFHaj0TlOaZbAROYVbQ==
Expires
Sun, 13 Oct 2024 04:48:43 GMT
/
ewscripps.brightspotcdn.com/dims4/default/bf1c073/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/bf1c073/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F5f%2Ff3%2Fca9f273b49ef9c195a068ea5c702%2Fposter-image-12.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
2eb6047bcd21f1e7377677dcf26ec4699884d92d0ac91372740de56ed7288cd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 20:48:37 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
889336
ETag
9973ac8d5f3db7b9cde2b3176060c489
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
12218
X-Amz-Cf-Id
ndmhqHUsMBr6Gt2fMTcazJeOF2kKVEL1iInwZM1M5sQ8SZbWQIHaXg==
Expires
Sat, 12 Oct 2024 20:48:37 GMT
/
ewscripps.brightspotcdn.com/dims4/default/6cf710a/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/6cf710a/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2Ff7c%2F3870ad0511fa47a79b3577075088ec91%2Ff7cd86867d54478d9b0fe447cb9d4e7d%2Fposter_bdb4cd58229d4acba7b7ea95b6ccac78.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
54220344a758515fcb688cadc9429037171600f33e09bfa0ec371b11a5212a0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 20:48:37 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
889336
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
10376
X-Amz-Cf-Id
5VU5lFPGcSYLopZ6iHSKockBqLMIl4CxD7Y8fzbAgpIUYjc9HDEFlw==
Expires
Sat, 12 Oct 2024 20:48:37 GMT
/
ewscripps.brightspotcdn.com/dims4/default/4a55ff1/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/format/webp/quality/90/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/4a55ff1/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.scrippsnews.com%2Fimages%2Fvideos%2Fz%2F1697199842_k3Ch2A.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
493ff6d469d3ef0450a103d814abd9c64197d6be07b149460660274f4c91fc18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 12:53:12 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
917861
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
14974
X-Amz-Cf-Id
p2pxf7NaOTkQtaTatVj8jEl7-I92TvAWkWGhbBqiMePsG7LijBROcQ==
Expires
Sat, 12 Oct 2024 12:53:12 GMT
/
ewscripps.brightspotcdn.com/dims4/default/256440f/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/256440f/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F0c5%2F3870ad0511fa47a79b3577075088ec91%2F0c51f7a4b75b49779c78346444004c88%2Fposter_73ff1d6fee1244d7b10e13b963b5f076.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
329c2533e80f90fd6b20ba31d2aa5903213e33ef54c2f8fc309b4a416c627642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 09:49:54 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
496859
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
11014
X-Amz-Cf-Id
lNFB68u9YK7XOt3OUHTw7ayzakAGMG-W-BcpdoPGQj5Npg7h2xyfMg==
Expires
Thu, 17 Oct 2024 09:49:54 GMT
/
ewscripps.brightspotcdn.com/dims4/default/84b2ef6/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/84b2ef6/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fac%2Fb9%2F6487bb4a4d67bb96c356d61c1694%2Fposter-image.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
f744b1fc6eaddde86e46fd919e90588f7099b655f403a911254009490b0f1487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 13:50:03 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
136850
ETag
54b263e11fa0ff9ba7abe92ff98df544
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
6298
X-Amz-Cf-Id
V2BV9dCWxqVvQJCC8KW4c27QPMZTWD2bprxNOjJCs75pnkN3Zcqh1A==
Expires
Mon, 21 Oct 2024 13:50:03 GMT
/
ewscripps.brightspotcdn.com/dims4/default/71ca9dc/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/71ca9dc/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F710%2F3870ad0511fa47a79b3577075088ec91%2F710ae435b023447e91d75906521564a6%2Fposter_afced665b3874f908a60a2c6a67cf0c0.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
8205b4a286ac2aa077630a09500b32fc19062a5b0511cdac2982f4306589f49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 07:00:35 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
507018
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
11562
X-Amz-Cf-Id
Tx7U83OhRMS8eGl70SgMsHo-Bvj8tmt6FkV56jL4eeNOmrPmGyT8TQ==
Expires
Thu, 17 Oct 2024 07:00:35 GMT
/
ewscripps.brightspotcdn.com/dims4/default/40f6f1f/2147483647/strip/true/crop/1684x947+0+153/resize/320x180!/format/webp/quality/90/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/40f6f1f/2147483647/strip/true/crop/1684x947+0+153/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F73%2Fa0%2F4abbc2dd4f44908871a5575cb1d7%2Fscreenshot-2023-10-12-at-5-24-15-pm.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
c28e48482f738e83604914f155aba449664555adc04e95b0f63a3efa68f48950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 04:38:06 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
861167
ETag
7955615aa2807b13387fb27720cdec53
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
10170
X-Amz-Cf-Id
uXZj3w3YOyxogeOj6lEIDBsDGfRRePtTW7nps5vK3U0_FcGDm6leog==
Expires
Sun, 13 Oct 2024 04:38:06 GMT
/
ewscripps.brightspotcdn.com/dims4/default/ab33e0e/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/ab33e0e/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ffd%2F65%2Feef7f2b1405983f13d99bf60241d%2Fposter-image-11.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
ce745d2d5bf55949251a0341e18e6115f8d0af8223b4f0c5f6461e95450b8787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 00:52:57 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
442676
ETag
c79f6999fe40af3b0329b3aeec3476a2
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
7100
X-Amz-Cf-Id
OSMzfNFSBxPBXHH1mD5tbu3ldKaQksHkO1LLT7U0sCrKH9e-apERgA==
Expires
Fri, 18 Oct 2024 00:52:57 GMT
/
ewscripps.brightspotcdn.com/dims4/default/4886d7e/2147483647/strip/true/crop/2064x1161+0+2/resize/320x180!/format/webp/quality/90/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/4886d7e/2147483647/strip/true/crop/2064x1161+0+2/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F66%2F8d%2F4e39efc846c2a0513655ed8cce86%2Fscreen-shot-2023-10-12-at-6-31-16-am.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
90ab58d5036e3750b920bd9b60a75f48fe668448d03bbb8df22ebcc8d0961aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:12:31 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
992301
ETag
010f04c45b3e7b4b5a6ccbe6c591c098
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
13498
X-Amz-Cf-Id
_UGYs1siktFWjr0yv2X_21pH2uS8aU7AR8I2y2hGdSgs8C-jMXkUqQ==
Expires
Fri, 11 Oct 2024 16:12:32 GMT
/
ewscripps.brightspotcdn.com/dims4/default/332b785/2147483647/strip/true/crop/1024x576+0+0/resize/320x180!/format/webp/quality/90/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/332b785/2147483647/strip/true/crop/1024x576+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F39%2Fae%2F0666cfc44ad28d654f804807fff4%2Fap22301725597773.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
8fad8206f9b8a03a67e54eb77bd26556f1450e435cf230387f2af7acb500368f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 24 Sep 2023 18:04:19 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
2540794
ETag
eeeb849b601cdd0152af6a410288eb55
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
12338
X-Amz-Cf-Id
OdXGBPkomDQdBi-sxvvaMqkcpCBJ5t4EwQZ4YanKr8Z7YpmVFE4IIw==
Expires
Mon, 23 Sep 2024 18:04:19 GMT
/
ewscripps.brightspotcdn.com/dims4/default/72d1b74/2147483647/strip/true/crop/4032x2268+0+0/resize/320x180!/format/webp/quality/90/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/72d1b74/2147483647/strip/true/crop/4032x2268+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fe5%2Fbe%2F4cabe10f486d849512bd35abd331%2Fpxl-20231011-164102653.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
8f6fa121cd2340e5a7e01f50642158f1391acf7fc297ab44cd08fe10a76f7b85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 07:58:55 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
244317
ETag
3a4f999c39d53039f2e20d2bad889804
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
23966
X-Amz-Cf-Id
6zW1bC_rPhzUNojKjm2ZMsRspuJqXqOoruITSOqJtkMyIAxQYtQIZA==
Expires
Sun, 20 Oct 2024 07:58:56 GMT
/
ewscripps.brightspotcdn.com/dims4/default/39a18c0/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/39a18c0/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F2d3%2F3870ad0511fa47a79b3577075088ec91%2F2d3369f406db407da1a188b81dcfbc97%2Fposter_24e39620279e47c29c2e03cde5f7f111.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b83a5325f3a63719df02bc5826a0a0fb9c529c1d0f7cf5b4521e6d11cfbbfe34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 22:03:26 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1057647
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
8512
X-Amz-Cf-Id
c6KijqO2hpTmXXoISJ8a7ZeGHhjoiThWvu1NqY7fKhbkwtkkJr8gTA==
Expires
Thu, 10 Oct 2024 22:03:26 GMT
/
ewscripps.brightspotcdn.com/dims4/default/dd5a022/2147483647/strip/true/crop/4032x2268+0+452/resize/320x180!/format/webp/quality/90/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/dd5a022/2147483647/strip/true/crop/4032x2268+0+452/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F72%2F50%2F28adaa314a34a136751d3f09af13%2Fone-of-the-cats-getting-neutered.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
db0d80e465f3418e85675db61b05a7f7a6ec31864066de73fe37adbe12a300fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 20:07:49 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1064583
ETag
34e85333d9a1fffdd6060b7c7b02b5b3
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
23544
X-Amz-Cf-Id
dKd-nif_YDyp85sX76DR-M7fGkeyfgf7QfGO_DOkymw0RDBPXyfKwg==
Expires
Thu, 10 Oct 2024 20:07:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/309f4f4/2147483647/strip/true/crop/916x515+0+429/resize/320x180!/format/webp/quality/90/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/309f4f4/2147483647/strip/true/crop/916x515+0+429/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4c%2F2f%2Ff4b19196420683ec378a1e237bac%2Fscreenshot-2023-10-10-at-5-13-39-pm.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
a9bedaac92cc91cb53c3ab652684c85333c22b574a378a8d8b31987fe80eb830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 17:06:49 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1075444
ETag
9e329b75ca3a3acdc722dd49fbacd1be
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
10806
X-Amz-Cf-Id
xsA9_bJecRk7JZAMJGEmNy_9nbLMx15AGTl45Lv9UhTB1Yk8o9FCjA==
Expires
Thu, 10 Oct 2024 17:06:49 GMT
/
ewscripps.brightspotcdn.com/dims4/default/ab39ef8/2147483647/strip/true/crop/953x536+3+0/resize/320x180!/format/webp/quality/90/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/ab39ef8/2147483647/strip/true/crop/953x536+3+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F00e%2F3870ad0511fa47a79b3577075088ec91%2F00e87338bee64304bc8944c228ef3186%2Fposter_02288d12f48c45bea5aafc4f748322ae.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
1e15c0d4f18c6cf44000de95c20b77c3b644005ace03570970225f481160a184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 20:07:49 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1064584
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
11580
X-Amz-Cf-Id
Dl6FKYNUpPGHrJF_C-eGXwWVHWVNaFdunkEseieHgTGB2OYByyyoEA==
Expires
Thu, 10 Oct 2024 20:07:49 GMT
/
ewscripps.brightspotcdn.com/dims4/default/92df015/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/92df015/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F037%2F3870ad0511fa47a79b3577075088ec91%2F0372ba8c3c914de0b6b1a30e2635f5c0%2Fposter_ef7a7b1d69c4422c9f5587058efe6305.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
9950c566673460ec055fcebef68b5bbd0eb611c1cf4fbf7a1d0b0ed374895dd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 06:57:53 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1111980
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
8242
X-Amz-Cf-Id
MQtQvRyaaS8RqXsdZ9-C36SM5HhrkXybKVxNlGTB4vIJO-1EOE8wbw==
Expires
Thu, 10 Oct 2024 06:57:53 GMT
/
ewscripps.brightspotcdn.com/dims4/default/b1f865d/2147483647/strip/true/crop/992x558+0+4/resize/320x180!/format/webp/quality/90/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/b1f865d/2147483647/strip/true/crop/992x558+0+4/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F1c5%2F3870ad0511fa47a79b3577075088ec91%2F1c58ac5b01ee4c03af69b515d7741092%2Fposter_3932a637e3844f40b85e4b619436e672.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
594daa4d2d56adf6462615b4144d76eac33280262756172916b817c840af46d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 06:57:53 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1111980
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
16666
X-Amz-Cf-Id
NFIDvdyZPLODxO-LrxOm9eA8rCYSKLIhE5WXlC7I247rdGpKpBVNtA==
Expires
Thu, 10 Oct 2024 06:57:53 GMT
/
ewscripps.brightspotcdn.com/dims4/default/b28755e/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/b28755e/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F53%2F30%2Fac875f0f4eacab3161d5a651e492%2Fposter-image.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
fcb478fb055b163547e965b61193c2ecd55503cf237430cd13733a343184f9be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 06:57:53 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1111980
ETag
4de72ce9cbbf251e22306aa008744775
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
6486
X-Amz-Cf-Id
0QVJRMkLJytMJXlVNGp1_hdABu1__UBkLtq-K6SjVxqL5ywwlsfDNQ==
Expires
Thu, 10 Oct 2024 06:57:53 GMT
/
ewscripps.brightspotcdn.com/dims4/default/139fe63/2147483647/strip/true/crop/1728x972+81+0/resize/320x180!/format/webp/quality/90/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/139fe63/2147483647/strip/true/crop/1728x972+81+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fb2%2Fd5%2F3fb30e7e488d8653864d711d3ea6%2Fscreen-shot-2023-10-10-at-7-48-20-am.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
ebcfa276e25d109999ff4d4ac61094e56a4f0d997b5ec7c622ca12be98b538c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 06:57:53 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1111980
ETag
0dda1db8e1d22a8d2383faecd5e0d878
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
17960
X-Amz-Cf-Id
4bWrcQW9aj-2DtM8L6xcA9-WIZ6Y-Y2e1wuJ4rZC1bPe0FCpKZoQIg==
Expires
Thu, 10 Oct 2024 06:57:53 GMT
/
ewscripps.brightspotcdn.com/dims4/default/be536e7/2147483647/strip/true/crop/1369x770+133+0/resize/320x180!/format/webp/quality/90/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/be536e7/2147483647/strip/true/crop/1369x770+133+0/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fbf%2F23%2Fb98c6e0340caae8dc0947cbf02b0%2Fscreenshot-2023-10-09-at-5-54-13-pm.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
a196b3ea49d3c5804e7d51fbeb3d143b3ac33a25c55b9a3d6ec7dde16f666734

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 07:58:56 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
244317
ETag
b3b1c019d9d0c78ff1bd993bab10f41f
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
15016
X-Amz-Cf-Id
IMs5wLJgEawefbRpv4QRbdo1PP6t9lkl0bVA_y2PC2CKxfINNFIFXA==
Expires
Sun, 20 Oct 2024 07:58:56 GMT
/
ewscripps.brightspotcdn.com/dims4/default/df61066/2147483647/strip/true/crop/3328x1872+0+39/resize/320x180!/format/webp/quality/90/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/df61066/2147483647/strip/true/crop/3328x1872+0+39/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F72%2F1e%2F5d1c96f64127a4210b56658dc817%2Fscreenshot-2023-10-09-at-5-57-47-pm.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
c74d74e850012430d18faf53f2af98f2d30bffed2ab3cc1a8b76e55c049724bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 11:56:15 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1180477
ETag
4fae4c4e0f2989b1022a4ab8062beded
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
16790
X-Amz-Cf-Id
VKn85EYkEgeIBnWJbiXOov4Acp5o1IkxjVlFGweUAIGD24okXeV4qA==
Expires
Wed, 09 Oct 2024 11:56:15 GMT
/
ewscripps.brightspotcdn.com/dims4/default/c5d1955/2147483647/strip/true/crop/6000x3375+0+625/resize/320x180!/format/webp/quality/90/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/c5d1955/2147483647/strip/true/crop/6000x3375+0+625/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F0d%2Fd2%2Fff76d4f54d7891074adb259e2204%2Fsar-1.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
9ce8c0ab3df1df8637fa83be1f16e3c8e85b4fa087399e440957c410d22b6b30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 07:58:56 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
244316
ETag
670b0f2ea2dad541a73d956afb2e632e
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
26328
X-Amz-Cf-Id
XMmAtZJr2LJG-crlcHpZ2l3qEO4XcyFQuyrJzoEv6VAR4xJT7kl4Wg==
Expires
Sun, 20 Oct 2024 07:58:57 GMT
/
ewscripps.brightspotcdn.com/dims4/default/d95d043/2147483647/strip/true/crop/922x519+0+7/resize/320x180!/format/webp/quality/90/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/d95d043/2147483647/strip/true/crop/922x519+0+7/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F9f0%2F3870ad0511fa47a79b3577075088ec91%2F9f0f3da7ac6d4f4b9c1510f33245f5e2%2Fposter_1cb66b8b6ff14b6285cdcc940df6a5c3.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
717788798913c99f4d821085cec987ada9bbf33d93e8ae14152a99a4fa0a742e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 07:58:57 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
244316
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
10452
X-Amz-Cf-Id
AaUHGDdoRkosSqiO-OJQfs_XsHAugCuwRqB_YJicK_D8BYdK-EUJTA==
Expires
Sun, 20 Oct 2024 07:58:57 GMT
/
ewscripps.brightspotcdn.com/dims4/default/35256f5/2147483647/strip/true/crop/689x388+0+7/resize/320x180!/format/webp/quality/90/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/35256f5/2147483647/strip/true/crop/689x388+0+7/resize/320x180!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fe3%2F10%2F1c19d52d4e7aa8afc5aa47a065f2%2Fnitro-circuz-23.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
d6d37d97fadc4ac4d4c5a1d0dc33111910d890a43588a1157c827702e97d73dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 23:14:39 GMT
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1226174
ETag
5c5702218b767c489d56d3a0e544bc84
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
18998
X-Amz-Cf-Id
oV9jG5dkefZ7geqvV6ye-LpPudS9KRr31z7gCBpiRrpL-JKJPb52Dg==
Expires
Tue, 08 Oct 2024 23:14:39 GMT
/
ewscripps.brightspotcdn.com/dims4/default/c669931/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/format/webp/quality/90/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/c669931/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.scrippsnews.com%2Fimages%2Fvideos%2Fz%2F1696897866_HieOTA.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
f5fefd6b4d657208d3e73ca6e2c5ea7054878f9c777eaec5f6bf27591554555f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:38:00 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1221173
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
23598
X-Amz-Cf-Id
1nG2LJlfX1dYpg3_u-rpSxXSDDe_MgQlhc4Yheu7NBrLqpP5Wjm98w==
Expires
Wed, 09 Oct 2024 00:38:00 GMT
/
ewscripps.brightspotcdn.com/dims4/default/bef7375/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/bef7375/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/format/webp/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F11c%2F3870ad0511fa47a79b3577075088ec91%2F11c22cb679d2454192e3a90a1f035d7b%2Fposter_b51a118c639f4b3dbfe9b4bc047b1900.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
c7df33c045f83baa2d02d7e96e4c67d4d3eae6a07783de1630467dbb6ef6f0c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 08 Oct 2023 04:17:42 GMT
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
1380791
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
4904
X-Amz-Cf-Id
6vK3LxETskFPVahdPASYM7DOYMLbcO_dIOvWhB1ZHtCjLA8VUjxC9w==
Expires
Mon, 07 Oct 2024 04:17:42 GMT
/
ewscripps.brightspotcdn.com/dims4/default/4c5c412/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/format/webp/quality/90/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/4c5c412/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F1f%2F36%2Fd2b2201f4d21925b7e0a222c5426%2Fpromo-480x360.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
023443b476afa0e02a46cd802152f0694d552be9e7420551159f3dd520d064e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 20:59:13 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
4085500
ETag
446082fad88cd74c2c33b0a635f456e1
X-Cache
Hit from cloudfront
Content-Type
image/webp
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
32148
X-Amz-Cf-Id
blFcAd5G854LocYdG6MXeUN7mFy2be_w8caORoon3z2OLykjUf-qFg==
Expires
Thu, 05 Sep 2024 20:59:13 GMT
logo-scripps.png
assets.scrippsdigital.com/cms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-62.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Date
Mon, 23 Oct 2023 04:14:39 GMT
Via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Oct 2017 14:04:11 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P6
Age
84975
ETag
"f46791d665054bf21da09492d448e1d2"
X-Cache
Hit from cloudfront
Content-Type
image/png
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3532
X-Amz-Cf-Id
XbTA7U1glgAiFrBidZkkoaqwslpgaM2wtDzYD0lg8ktG24Jep2yPSg==
All.min.1d81dc5b66e888b6e6b737a4bb21bd67.gz.js
ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/styleguide/ 		1010 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/styleguide/All.min.1d81dc5b66e888b6e6b737a4bb21bd67.gz.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adf2e6738bddea9fb56e542bbf10e92ea7458eab87dfd6da633d51069b6a5ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 17:18:44 GMT
Content-Encoding
gzip
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
556330
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
116975
Last-Modified
Tue, 17 Oct 2023 17:18:42 GMT
Server
AmazonS3
ETag
"20881b159624409be7e2e52735ad588f"
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
jJzSbvqCZekj0Mp0PWrna39g6T8KYAkbsO0Q9dVktdxPUvlrcYSGTA==
bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/_resource/analytics/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 17:18:44 GMT
Content-Encoding
gzip
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
556329
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3003
Last-Modified
Tue, 17 Oct 2023 17:18:42 GMT
Server
AmazonS3
ETag
"c066757a8992615b576ac565d39d182d"
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
3KzY_jQAMCSby2TxsvItN7SKbvXOLjAks2I2Ffd9-3rGfgDdkvlhMQ==
gtm.js
www.googletagmanager.com/ 		217 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-L6JB
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab7424c2f60d4e403fc8c43c0b245927e2fbea67e15dc3642cf9c5eddbd75e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74475
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 24 Oct 2023 03:50:53 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/client/impression/ 		0
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=438528
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFbpNzDdpTnXyKzh5V75BWGFpSpfpHmu6xtwEkd84Djky4tsvuhM%2FW7VVKDnciwZauQpf2N%2FeGoKh0uNBwhd0knErf%2FPXvmDztJH%2BSDmNcLrSlEYATj6RlAFnnqwo0tko6%2F7ST8EEzmqmrF0Su4nYwTShQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
81af42159de53aa2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
F5DupUt9oJM4ZfUymXmx
4e2c2eed-09df-4b77-a788-1f351b30c8ed.json
cdn.cookielaw.org/consent/4e2c2eed-09df-4b77-a788-1f351b30c8ed/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4e2c2eed-09df-4b77-a788-1f351b30c8ed/4e2c2eed-09df-4b77-a788-1f351b30c8ed.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f68ba9ea52969fb30dca0370962056160abc5cbc8dba244b9dbf575af356e2ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
75540
content-md5
B7eYHVVSnNOlo6R3xEbMZw==
content-length
1134
x-ms-lease-status
unlocked
last-modified
Thu, 18 Mar 2021 14:42:07 GMT
server
cloudflare
etag
0x8D8EA1C01577C6C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
71c1047d-d01e-0150-6fe1-5a81bb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81af42151aea2bdc-FRA
expires
Wed, 25 Oct 2023 03:50:52 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		263 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c5f80cce6889f5bd1236ae540178efed729c20bf20c5afaeed6e2fa02d50323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:23:27 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 19:57:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1647
x-amz-server-side-encryption
AES256
etag
W/"b9a7eb01b5274e82795d834c0b8154f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
6o567D8v8TqqRBoao1fdAYewXECTTbvMdnUtlrQeG8J4oy-ji9iNhQ==
bidexchange.js
hbx.media.net/ 		537 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.turnto23.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f8bd99942081b3f6cd7e41469b659443a71bfd03e55b3099c4ae04504a6474b0
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Tue, 24 Oct 2023 03:50:53 GMT
server
Apache
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
link
<https://hbx.media.net/__media__/js/ucreative.js?cv=1>;rel=prefetch;as=script
expires
Tue, 24 Oct 2023 04:20:53 GMT
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/ 		613 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-211-47.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
9c6e688b1de8b05df1e8fdc845ee5eed212f9e78f3e00e603699448ad7b43aeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 20:27:26 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
132822
expires
Tue, 24 Oct 2023 03:50:53 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=142069966&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.15.0/ 		372 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a964d2953dc3df9f7532f7e033397e6fffd16b2316c7bd20e2270bb3cdfc5e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
irsyHA4ScyRoaWoUUTe5ww==
age
68026
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
84314
x-ms-lease-status
unlocked
last-modified
Tue, 23 Mar 2021 01:57:54 GMT
server
cloudflare
etag
0x8D8ED9F12F4599F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
01a3486d-d01e-0010-72e1-5aee00000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81af42156f72382e-FRA
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0f5045704d930f800266bd20f9b0a92a4ec88c9405d89d8bf75e67d4848d21ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Oct 2023 03:50:53 GMT
content-md5
G07riWoQGOUmC7Vbc83yuQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
GqZsg1YrDkZbQbJJpOr0BgNMCOlCeUpbjJtpsIaXPu6UqV/KNDrB6E6FuvBduiXoGJY9TgGhriXm2hooVFclPw==
x-fb-content-md5
168bb99ec72f0fd0d5964f8518a62fce
cross-origin-opener-policy
same-origin-allow-popups
etag
"88511624fc82baec02b7e3da0b51c04e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:52:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/78e7602/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/78e7602/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2Febf%2F3870ad0511fa47a79b3577075088ec91%2Febf5d0d77bff499a957410572a618b63%2Fposter_7d571754a5274c16aea76f7e0161aa50.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
581ee015da1b8b85367b537755e29f1d064e98564c1ed60d95888a9cccec11a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:50:53 GMT
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
86394
X-Amz-Cf-Id
DX714ng76RWqjYTUynpcfQl6oY8BtLZeC9uY5_qgaKhQ_hijoB5lRw==
Expires
Wed, 23 Oct 2024 03:50:53 GMT
/
ewscripps.brightspotcdn.com/dims4/default/c43b9d5/2147483647/strip/true/crop/1479x832+31+0/resize/1280x720!/quality/90/ 		998 KB
999 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/c43b9d5/2147483647/strip/true/crop/1479x832+31+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fd9%2F88%2F40502958416a97526b87cbb9fdd5%2Fscreenshot-2023-10-23-at-5-09-29-pm.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
a6c042359f40fcbc436a895af92ad0774db0979c94111d6ccf5b906a75be8863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 00:38:30 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
11542
ETag
ced01b33e19bc0b1e9cfc5848a04f8ca
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
1022167
X-Amz-Cf-Id
LoziRkHwOw4PMC9WzuOBmQ_Km7RsLNQquScPZj9m2qBoz2ND88ahyA==
Expires
Wed, 23 Oct 2024 00:38:31 GMT
/
ewscripps.brightspotcdn.com/dims4/default/a214955/2147483647/strip/true/crop/960x540+0+90/resize/1280x720!/quality/90/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/a214955/2147483647/strip/true/crop/960x540+0+90/resize/1280x720!/quality/90/?url=https%3A%2F%2Fcdn.scrippsnews.com%2Fimages%2Fvideos%2Fz%2F1698019393_E6Ghbq.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
049a0988afbe0292eae92b1a4ee09dbed6ee3f6755d47b46ea8c7a4203f0d92c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 00:16:56 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
99237
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
195781
X-Amz-Cf-Id
ZmeXLriyl-slxQaGXO1panIWJHodVw_cIrHl_LcL3Zxe_iQa6PFMrQ==
Expires
Tue, 22 Oct 2024 00:16:56 GMT
/
ewscripps.brightspotcdn.com/dims4/default/304a7aa/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/304a7aa/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2Fa81%2F3870ad0511fa47a79b3577075088ec91%2Fa810527fe7d940c0aa676e5bfbd53046%2Fposter_1bcceaa6b4484b82bc3f1db9a30cd73a.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
a1ae0ed71f172ec8e25416221120a3eae7c020c83b1ee09a928a279af9bbceca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 16:39:12 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
126701
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
109530
X-Amz-Cf-Id
8M82NrVgKB0ZlTjMvImBP1CABiTuJEXoNlL9PWKZUq1Z7483SUpAag==
Expires
Mon, 21 Oct 2024 16:39:12 GMT
/
ewscripps.brightspotcdn.com/dims4/default/dd852fd/2147483647/strip/true/crop/4032x2268+0+0/resize/1280x720!/quality/90/ 		311 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/dd852fd/2147483647/strip/true/crop/4032x2268+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F9e%2F62%2Faab9918040a099dfb105d249f24b%2Fpxl-20231020-170713953.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
c671dba350a7f875dfa8aabcd17f18ec6a0c09c9403ddf56349b7d97510d4962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 00:26:49 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
271443
ETag
ab4fb41a215363425807aa6e16ab20dd
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
318181
X-Amz-Cf-Id
7Nchwm6UAGj8yODuRHAJzeFzjBQyev5uXDwFiWTQCLu6eR--HhQgHw==
Expires
Sun, 20 Oct 2024 00:26:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/71b31e1/2147483647/strip/true/crop/4032x2268+0+378/resize/1280x720!/quality/90/ 		341 KB
342 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/71b31e1/2147483647/strip/true/crop/4032x2268+0+378/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F21%2F9d%2F31fe10e744f991ecf3b3fa73aed4%2Fnaturalization.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
de907bac978ab46c71b237ef56901252e6f8a75b5bda1768d86d48292a1f150e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 12:02:31 GMT
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
56901
ETag
ef553566e31874ec17ffdb3f84bbf314
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
349599
X-Amz-Cf-Id
My9xjelJ-u6x8ltGMFAtzOiNaTCWHLgODVDAe7C-ndqggrcl2hHmtw==
Expires
Tue, 22 Oct 2024 12:02:32 GMT
/
ewscripps.brightspotcdn.com/dims4/default/8858120/2147483647/strip/true/crop/150x84+0+21/resize/320x180!/quality/90/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/8858120/2147483647/strip/true/crop/150x84+0+21/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F1f%2Fc4%2Fd7ccc61f4b74a6fb365a7e4f4b8d%2Fbio-martinez.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
9e4e465a192bb601566253a6f277475d9901cd4e65b980b6e9afba0a414769a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 06:54:07 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
161806
ETag
f281849cb69526c64af6b1823b6b6ead
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
12668
X-Amz-Cf-Id
kVVHTE_hTXImxBrJxuhC0Yg-OBF4E9-gfWjIWu45fYT4FIo3lGY2-A==
Expires
Mon, 21 Oct 2024 06:54:07 GMT
/
ewscripps.brightspotcdn.com/dims4/default/ee4a231/2147483647/strip/true/crop/1660x934+0+557/resize/320x180!/quality/90/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/ee4a231/2147483647/strip/true/crop/1660x934+0+557/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fb9%2Fd0%2F66814ef64d13ade4200ef007fcdf%2Fimg-1360.JPG
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
e0c1e35d7f07be8f8ac6d6ae789913f4fdf9230edd710ebb3a6ae0a9181c19c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 03:39:53 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
259860
ETag
f885c7c621148134bb0d28e8ffee4814
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
16750
X-Amz-Cf-Id
ebJ4Zq8fHvjRQR3oAjBwbG34nawzAWkycw1oPQj_IbuBRw4m_80aPw==
Expires
Sun, 20 Oct 2024 03:39:53 GMT
/
ewscripps.brightspotcdn.com/dims4/default/e675179/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/e675179/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fause%2Fslices%2F737%2F3870ad0511fa47a79b3577075088ec91%2F7375da6049d5430abdf2e4c51f1699f7%2Fposter_025ac07d119048ed9a84ef3224ce6122.jpg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
943ef5dc99d5f15801abf010672f38219b93e2d9b865f66f9dad732716dae5a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 03:39:58 GMT
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
259855
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
8136
X-Amz-Cf-Id
yk_UPukNG3iNrnbigvWR42BNNgCm4Uf_iOxeEmq0qXGHhkMOydiiow==
Expires
Sun, 20 Oct 2024 03:39:58 GMT
/
ewscripps.brightspotcdn.com/dims4/default/60e013d/2147483647/strip/true/crop/1200x675+0+113/resize/320x180!/quality/90/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/60e013d/2147483647/strip/true/crop/1200x675+0+113/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fd3%2F39%2F9a55d54e4fd58ff67713982d9475%2Fmine-rescue-1.jpeg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
e879b3153e1a7c5e782ae1d53ccddc97f6cc719bae34a46ad835f8c2369ac570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 16:39:14 GMT
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA2-C1
Age
126699
ETag
e6272cde0dbbf5c6d111de032566d96a
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Robots-Tag
nofollow
Content-Length
21447
X-Amz-Cf-Id
U5g5zk3thzgUNvodoottEWS1aOn_8KbBMlUfLSTTM4qNHgfEeFpKlw==
Expires
Mon, 21 Oct 2024 16:39:14 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KYJ318VSMZF96YPA
age
1449423
alt-svc
h3=":443"; ma=86400
content-length
59572
x-amz-id-2
dDSKDPyTgTLD/MvXyEiP2llZsksQ4SqbZA3o4F9CSbDJZ2HtmdIpcdnovEycEJ5EhbCKhrFr/NU=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0st56b95c%2FHQzTxaqsH4rqGW3pBaw9Pumj%2BvglBV36dN7O8i3B3qmySP2WA%2Fp0jtsbJDYZGz5z%2BLzNZKpH70lIKtus06mKgkH%2Fd%2BpHtxkyDp2rhRAcrfzUh6%2BTGohgF%2FC5nAIyea75SUgsiyapgLXtZp"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
81af42157f1e361f-FRA
l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
server
nginx
etag
"a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16880
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
server
nginx
etag
"ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16560
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
server
nginx
etag
"96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16832
_track
www.turnto23.com/ 		0
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/_track
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-90.fra60.r.cloudfront.net
Software
N/A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Content-Security-Policy
frame-ancestors 'self' https://cms.scrippsdigital.com
Date
Tue, 24 Oct 2023 03:50:52 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
Server
N/A
X-Amz-Cf-Pop
FRA60-P5
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
YHEIkDrJrwN5Gf4MVsfisSS4D1pLI-Q_1PmjlFY5jT13lmXH7dSHVg==
fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0RGZTB4E50C97DV6
age
1449423
alt-svc
h3=":443"; ma=86400
content-length
63376
x-amz-id-2
WOj7sUWm4YrDqCsAoqWudlSM+bTU/u8WxnSrOwkB4JhcAu9m96Jpxl0pJ0FSknhh3/B/6CbKtnE=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"f319eac1c755f9929fd856720ce1695e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lx3UyExQ1owXkK0%2BFJaaJhaS3lR2%2FbajlZqqFrTRQNOo0AF8DI8AvkyzUzICGEUnGnaoenXYue9K2SKjQgaef5uA0uXal2ZSgkZmz%2BNc0IKNm%2FkOH2cHLRAzaFGNZ4NyOHqaEUmGjtbqFF2lMOWvSigm"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
81af4215cf57361f-FRA
l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
server
nginx
etag
"71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17212
p.js
cdn.parsely.com/keys/turnto23.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/turnto23.com/p.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-60.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c888cad41f1abd8cfd3461e0dcd9b1b4a777101bb23f6c3dff2fb7d63e822084

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
public
date
Mon, 23 Oct 2023 06:06:47 GMT
content-encoding
gzip
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 19:18:57 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
78246
etag
W/"602ebda1-10711"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
OO0l1nES8FNoUqUrZPsnRk9yoeXAwVReepyzfZsmvGtRWqaPSIdXug==
expires
Tue, 24 Oct 2023 06:06:47 GMT
en.json
cdn.cookielaw.org/consent/4e2c2eed-09df-4b77-a788-1f351b30c8ed/4d0b06d0-30ab-434a-8856-1c08f337ac57/ 		58 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4e2c2eed-09df-4b77-a788-1f351b30c8ed/4d0b06d0-30ab-434a-8856-1c08f337ac57/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef8f2083a44752d1c6d0cb8a311ee6083bf6e7ebf9219dff075803e64cb777d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
75540
content-md5
bWtu9tPnLX2/XE/Tr6U17g==
content-length
11459
x-ms-lease-status
unlocked
last-modified
Thu, 18 Mar 2021 14:42:12 GMT
server
cloudflare
etag
0x8D8EA1C045F7B2D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
44323774-d01e-003c-7f81-eb1044000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81af42164c112bdc-FRA
expires
Wed, 25 Oct 2023 03:50:53 GMT
3295
config.aps.amazon-adsystem.com/configs/ 		505 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3295
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
8a34cf128b04be2b9696f0904cb75525c2cf7c87fe85c90db7c106b58d181263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:39:04 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
709
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
Byi4m1EeOLj2MHKc2JTA-I7aMoGZjHb_YDQJJNbgo0wLiXYdQrS5mw==
config
c.amazon-adsystem.com/cdn/prod/ 		612 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.turnto23.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4b7a070460c400d1fbe9368ab6aee1a08f396a4091bdd79966c57863b57aed42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 02:54:29 GMT
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
3383
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
612
x-amz-cf-id
-KjmKQJ99UDnMzEHoZld8FeDuxuUrW5CEw2owMLJKoHJDZaRWAxJUQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
date
Mon, 23 Oct 2023 04:38:16 GMT
x-amz-cf-pop
FRA56-P6
age
83558
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ezBldMUuWjj6TIddWgXBgWLpBXlNvIW6gfVcD8elbR7ghIMt31XSjw==
sdk.js
connect.facebook.net/en_US/ 		301 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f0bed1c0b415b744abd4a563013feb97
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef6e10cfa1ca06d74341af9e659d856539273cf0dc4a5c17f03f67ed04eae6d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.turnto23.com/
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Oct 2023 03:50:53 GMT
content-md5
jmeKnDseVY5mHOwtm94rQA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88270
reporting-endpoints
x-fb-debug
0Yw8q5+k4nD/MYLQTsWam6bW9lhOCm6xe3IaG6MdbrhPJecaiUPdCtb/brkAyZZKasUnanivsX6IPtCPR6f+rg==
x-fb-content-md5
d7c58d117775ac32731466567301c006
cross-origin-opener-policy
same-origin-allow-popups
etag
"e3bb188737c4a792014ff220cf911203"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 23 Oct 2024 02:10:47 GMT
ucreative.js
hbx.media.net/__media__/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/__media__/js/ucreative.js?cv=1
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Tue, 24 Oct 2023 03:50:53 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=928079
content-length
2114
expires
Fri, 03 Nov 2023 21:38:52 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 07:14:51 GMT
content-encoding
gzip
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
74163
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
HMNKZuYgKfw0kriv-AKETQ_jucidCU6X7yS3lOXqjKPc581KjivZ5A==
a
www.googletagmanager.com/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-L6JB&v=3&t=t&pid=1017670271&cv=60&rv=3an0&tc=21&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.turnto23.com%2F&tdp=GTM-L6JB;127934;0;0;0&z=0
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=GTM-L6JB&v=3&t=t&pid=1017670271&cv=60&rv=3an0&tc=21&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.turnto23.com%2F&tdp=GTM-L6JB;127934;0;0;0&z=0
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-L6JB&v=3&t=t&pid=1017670271&cv=60&rv=3an0&tc=21&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
88f2a0fd9298a35d
pixel.sitescout.com/iap/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/88f2a0fd9298a35d
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:52 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L6JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Oct 2023 03:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
71
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 24 Oct 2023 05:49:42 GMT
js
www.googletagmanager.com/gtag/ 		259 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-43S1SYMQEN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L6JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
edaa3d1db669f9b95feaca48807abad4293a7401a64737e625e145e063b10069
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89100
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 24 Oct 2023 03:50:53 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-L6JB&v=3&t=t&pid=1017670271&cv=60&rv=3an0&tc=21&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=1html.5html.1html.5html.1html.5html&ti=1html.1html.1html.1html.1html.1html&z=0
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1698119453381&plid=94845976&idsite=turnto23.com&url=https%3A%2F%2Fwww.turnto23.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.turnto23.com%2F&sref=&sts=1698119453375&slts=0&title=23ABC+News+Bakersfield%3A+Breaking+News+Weather+Traffic&date=Tue+Oct+24+2023+05%3A50%3A53+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=58241887&u=pid%3De179981f5235fd2df821a7fd02f5e155
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:50:53 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 24-Oct-2023 03:50:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
875427aa16ef20c2b16fb3b3a0e79fcd1327790a055b9674c315a05e1df2c9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29255
x-xss-protection
0
server
cafe
etag
201 / 19654 / 31079032 / config-hash: 16502004400228972408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:53 GMT
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?aax_id=AAX21O2VJ&upapi=true
  • https://btloader.com/tag?o=5107371200741376&upapi=true
21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5107371200741376&upapi=true
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81af12992cec1b4398ab1ad80e8eafe974a680cdf7162c27f652d7343608d9e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 02:55:27 GMT
server
cloudflare
age
3133
etag
"0a03923d176761266963bb45a73f4f11"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
81af4218ddb82c02-FRA
content-length
8574

Redirect headers

date
Tue, 24 Oct 2023 03:50:53 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
97
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5107371200741376&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
81af4217fd302c02-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/6.15.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.15.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6f671638248959ffc2d4a5ab50761cbb5f482ae1fb203f3c8310eb4ccb64108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FTl5ijosCMU3Ic++8F/2bw==
age
75540
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2864
x-ms-lease-status
unlocked
last-modified
Tue, 23 Mar 2021 01:57:46 GMT
server
cloudflare
etag
0x8D8ED9F0DD0D265
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
55835c75-b01e-0140-45e1-5ab75d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81af4217cd0c2bdc-FRA
otPcPanel.json
cdn.cookielaw.org/scripttemplates/6.15.0/assets/v2/ 		47 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.15.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6716207d8af64d06be048ab0b7fd9c4e723b8bb6fdb5ceabada90866127fae0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
rI3dhmEJvijYanVDn7GBOg==
age
75540
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11445
x-ms-lease-status
unlocked
last-modified
Tue, 23 Mar 2021 01:57:48 GMT
server
cloudflare
etag
0x8D8ED9F0F6BE564
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6129a3f4-501e-00a4-1293-f03025000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81af4217dd0f2bdc-FRA
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-L6JB&v=3&t=t&pid=1017670271&cv=60&rv=3an0&tc=21&es=1&e=*&eid=2&u=AAAAAAAIAAAAAACI&h=Ag&tr=1googtag.1ua.1gaawe.1html.5html.5googtag.5gaawe&ti=2googtag.1ua.1gaawe.1html.1html.2googtag.1gaawe&z=0
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-L6JB&v=3&t=t&pid=1017670271&cv=60&rv=3an0&tc=21&es=1&e=*&eid=18&u=AAAAAAAIAAAAAACI&h=Ag&z=0
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
log
hblg.media.net/ 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&tElp=45&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=turnto23.com&servname=ssp-serving-yang-7854dbf447-xqz6w&svr=2023101907_229_102309_36_000000_0_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001698119453479029970147841968&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=mnet_sc&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&r_tim%3C%3E=&pubdpa=&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.turnto23.com%2F&kwrf=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 24 Oct 2023 03:50:53 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036471&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1698119453563&ns_c=UTF-8&c7=https%3A%2F%2Fwww.turnto23.com%2F&c8=23ABC%20News%20Bakersfield%3A%20Breaking%20News%20Weather%20Traffic&c9=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
tiqP_5ZYvklzkM6knzamwl6mvYkuYg46iae4LSbLTo-l8buqr_SAIQ==
x-cache
Miss from cloudfront
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:23:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
1632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 24 Oct 2023 04:23:41 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 07:37:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
72815
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135328
x-xss-protection
0
server
cafe
etag
16474413789440466402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 22 Oct 2024 07:37:18 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-43S1SYMQEN&gtm=45je3an0&_p=1919047938&cid=95429075.1698119454&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698119453&sct=1&seg=0&dl=https%3A%2F%2Fwww.turnto23.com%2F&dt=23ABC%20News%20Bakersfield%3A%20Breaking%20News%20Weather%20Traffic&en=page_view&_fv=1&_ss=1&ep.Date_Published=&ep.Author=&ep.Editor=&ep.Category=Homepage&ep.Sub_Category=&epn.Days_Since_Published=19654&ep.isStory=false&ep.Has_Video=false&ep.Is_Gallery=false&ep.Logged_In=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-43S1SYMQEN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.ewscloud.com/prod/scheduler/v1/com.turnto23/schedules/current/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.turnto23/schedules/current/?type=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-46.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 24 Oct 2023 03:50:53 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-apigw-id
NSbMuHPJoAMEaQQ=
x-amz-cf-id
pG_N-OCcM0Ng6wYuJsIDkNmY59zc_zIlcK9Zg7GnwFzMq4KWZGGCzw==
x-amz-cf-pop
FRA60-P1
x-amzn-requestid
8b3c481a-abd5-4061-bd65-b1ea6b3a0fe3
x-amzn-trace-id
Root=1-65373f1d-6c6b5f2a76885833599334c8
x-cache
Miss from cloudfront
weather
www.turnto23.com/ 		101 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/weather?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/styleguide/All.min.1d81dc5b66e888b6e6b737a4bb21bd67.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-90.fra60.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
f6c9a0c94181cd282c37e2c8706bb0f8506a6ae6f564fbc23acd4f90634710c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://cms.scrippsdigital.com
Date
Tue, 24 Oct 2023 03:50:54 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
Server
N/A
X-Amz-Cf-Pop
FRA60-P5
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=420
Connection
keep-alive
X-Robots-Tag
nofollow
X-Amz-Cf-Id
SdtLBPvbO0d8MzzUCn33l1Jt6491MC-wtzzqEuI_1VcM1i_iI5xSDQ==
breaking-news-alerts
www.turnto23.com/ 		75 KB
76 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/breaking-news-alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/styleguide/All.min.1d81dc5b66e888b6e6b737a4bb21bd67.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-90.fra60.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
ba9e238c4275121e8573d1a0adc09a033cb2314f5c33a26661e566d10104326a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://cms.scrippsdigital.com
Date
Tue, 24 Oct 2023 03:49:44 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
Age
68
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Server
N/A
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=420
X-Robots-Tag
nofollow
X-Amz-Cf-Id
PBd04Ly19GremvPwuqgGsgKOicp835oUngMmVFNend3OuNH9QCgJrw==
alerts
www.turnto23.com/weather/ 		76 KB
77 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/weather/alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/styleguide/All.min.1d81dc5b66e888b6e6b737a4bb21bd67.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-90.fra60.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
1cf576f8fc2874b35ed18fbb559e2cf33f83d7a9d60482e48320524e119fa767
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://cms.scrippsdigital.com
Date
Tue, 24 Oct 2023 03:49:45 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Via
1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
Age
68
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Server
N/A
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=420
X-Robots-Tag
nofollow
X-Amz-Cf-Id
4xlPPaQqZ8HXoWLjUj8VdsFKV8Vug6EvL84z2Nzae-SYL8G3aRDXqA==
school-closings-delays
www.turnto23.com/weather/ 		76 KB
76 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/weather/school-closings-delays?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/styleguide/All.min.1d81dc5b66e888b6e6b737a4bb21bd67.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-90.fra60.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
38c231bc557cd27a5d8395b46a77d54bae05334fedf5321380f0bf4a7f779a4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://cms.scrippsdigital.com
Date
Tue, 24 Oct 2023 03:49:44 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P5
Age
68
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Server
N/A
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=420
X-Robots-Tag
nofollow
X-Amz-Cf-Id
cKH5rMUYPlSRBVB3PiDfhH60ViF4TO5ngGqs5Gmk5o-BbjCor0zGLQ==
/
api.ewscloud.com/prod/scheduler/v1/com.turnto23/schedules/current/ 		9 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.turnto23/schedules/current/?type=web
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/styleguide/All.min.1d81dc5b66e888b6e6b737a4bb21bd67.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-46.fra60.r.cloudfront.net
Software
/
Resource Hash
99aaebb5b0f309a69e743d08725be55ea8f5a1713364cefc6024ce58aa9c6ae9

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
Authorization
Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amzn-trace-id
Root=1-65373f1e-15b0f8fc72eb7901289c3d9e
x-amzn-requestid
6d7dc717-3713-415a-aa5c-769698cca0e8
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
NSbMxFJwIAMEp6A=
content-length
9181
x-amz-cf-id
2JDgeUDQ_ekHyNLOHI4ZhsGKtffTvTdefrfjpIw-z3mjhd8vsCl6kQ==
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1919047938&t=pageview&_s=1&dl=https%3A%2F%2Fwww.turnto23.com%2F&ul=en-us&de=UTF-8&dt=23ABC%20News%20Bakersfield%3A%20Breaking%20News%20Weather%20Traffic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEAjBAAAACAAI~&jid=2027562434&gjid=1404074&cid=95429075.1698119454&tid=UA-40066851-1&_gid=1990415797.1698119454&_r=1&_slc=1&gtm=45He3an0n51L6JB&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd26=19654&cd31=false&cd33=false&cd35=false&z=939142607
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1919047938&t=pageview&_s=1&dl=https%3A%2F%2Fwww.turnto23.com%2F&ul=en-us&de=UTF-8&dt=23ABC%20News%20Bakersfield%3A%20Breaking%20News%20Weather%20Traffic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAACAAI~&jid=1511248575&gjid=1045524903&cid=95429075.1698119454&tid=UA-40538852-1&_gid=1990415797.1698119454&_slc=1&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd26=19654&cd31=false&cd33=false&cd30=&cd34=false&z=1501207841
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-40538852-1&cid=95429075.1698119454&jid=1511248575&gjid=1045524903&_gid=1990415797.1698119454&_u=aGDAiEAjBAAAAGAAI~&z=1812714512
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 24 Oct 2023 03:50:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX21O2VJ&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 24 Oct 2023 03:50:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1322545
x-guploader-uploadid
ADPycdsLsPnNlBzlzHOQ8pfsmumGi4pyerGGDLVUlo8-SHse7ZeGqjtUHesowkGqEZrcUxuTEmxq4TLmuynu_aD5dgNX2l4u4YVk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOmpD633sLr5j%2FRFDLebZazDYHlvTAJgVWLBnnJ174S9UtGae6N1vRTY86IkRFPl5NNQgUzTNfaj0%2FGmoyfnb%2BQMEQk9N0uHkGPFDn217toHxn9TDqwp%2FTPFQpWD1WXInDgzOre6n8iK%2BiggPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
81af4219fda44dc6-FRA
expires
Sun, 08 Oct 2023 21:24:59 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 10:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Oct 2023 10:57:06 GMT
px.gif
ad-delivery.net/ 		43 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6174018865135846
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1322545
x-guploader-uploadid
ADPycdsLsPnNlBzlzHOQ8pfsmumGi4pyerGGDLVUlo8-SHse7ZeGqjtUHesowkGqEZrcUxuTEmxq4TLmuynu_aD5dgNX2l4u4YVk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkeJHuGjBvDuMkbk%2Fo2Hq9tI3zUvTAaNcGyUoeXzdRdGQ1VCz%2BXbM%2FpyyrLX8KhsLQwU9FQ2TLO5cFJwIoihikqCGcm2ROHWU%2BmPqML0v8ykpgKu1zDOV8eXOIL1FZ%2BSCrBjp%2BoI5ZaBWhq2oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
81af4219fda54dc6-FRA
expires
Sun, 08 Oct 2023 21:24:59 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.turnto23.com%2F&pid=0jyM5Rt50QnUJ&cb=0&ws=1600x1200&v=23.1010.1530&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
7KCM4VKWA0AR0CYXAQ5P
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
uz7ySBB9rI8GC9RB3ChJ8_z_upAY02MX2xNW9Sv5xAvQK2fWS5J37w==
prebidjs
rtb.openx.net/openrtbb/ 		53 B
250 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
d14e2db8b864a788b773a8cda28bcb3b427cb8a4746031660385fc722e80871a

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
215 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
hb
ssc.33across.com/api/v1/ 		66 B
331 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dMRW1kByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
763c57eb4e5b2159b738bc0b91be5d435d25fe3f388e926d94108ba271bd1cd1

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dJ-bV6Byur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
763c57eb4e5b2159b738bc0b91be5d435d25fe3f388e926d94108ba271bd1cd1

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auction
tlx.3lift.com/header/ 		19 B
560 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.17.0&referrer=https%3A%2F%2Fwww.turnto23.com%2F&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.67.162.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-162-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model
x-auction-status
16, 16
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v2
e.serverbid.com/api/ 		0
189 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
fastlane.json
fastlane.rubiconproject.com/a/api/ 		498 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954240%3B1954238&size_id=2%3B15&alt_size_ids=%3B10&eid_pubcid.org=362d19aa-d0bf-4d4c-a015-9dfcc98f8705%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.aupname=%2F6088%2Fssp.kero%26mad_inview%3B%2F6088%2Fssp.kero%26mad_right_rail&tg_i.pbadslot=%2F6088%2Fssp.kero%2Finview-bottom%3B%2F6088%2Fssp.kero%2Fhome%2Flanding%23MAD_RIGHT_RAIL&tk_flint=dmpbjs_v8.17.0&x_source.tid=f7006669-132a-4000-b71b-334ef9cdea79&l_pb_bid_id=2031b93bf9f96be%3B21d895ebe4d6e08&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=dd93c12a-5798-4db1-b93f-80cf710b459f%3B7f7e196b-aa38-477e-9f71-76f2bbe3a096&rp_maxbids=1&p_gpid=%2F6088%2Fssp.kero%2Finview-bottom%3B%2F6088%2Fssp.kero%2Fhome%2Flanding%23MAD_RIGHT_RAIL&slots=2&rand=0.10586826798976823
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6883b04de92ee7568205248e36b46fa0ba820662c0babffa70b264b6133c0194

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d3f7ff529117a85b4278d401d03a23c6474987c9c39fd55dfe7fc8ed5495e020
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
an-x-request-uuid
8e2b2c36-45d4-4f8b-a902-be6128a2940c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
260
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.turnto23.com%2F&pid=0jyM5Rt50QnUJ&cb=1&ws=1600x1200&v=23.1010.1530&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_HOMEPAGE_SHOWCASE%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
XP5G9ZTHCDEX2J1ZQYEJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
263wW0XSO9fmTVouStAOiJm25g8lGEfC1CH8SoVf49NIoLAWzZdwIA==
v2
e.serverbid.com/api/ 		0
16 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
fastlane.json
fastlane.rubiconproject.com/a/api/ 		465 B
982 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954244&size_id=2&alt_size_ids=57&eid_pubcid.org=362d19aa-d0bf-4d4c-a015-9dfcc98f8705%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.aupname=%2F6088%2Fssp.kero&tg_i.pbadslot=%2F6088%2Fssp.kero%2Fhome%2Flanding%23MAD_HOMEPAGE_SHOWCASE&tk_flint=dmpbjs_v8.17.0&x_source.tid=706a1e80-283c-467a-82a4-f726dcef2d89&l_pb_bid_id=3087eac0d99579b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f09c3bd8-6b28-4d58-83d6-0bf8565c57d9&rp_maxbids=1&p_gpid=%2F6088%2Fssp.kero%2Fhome%2Flanding%23MAD_HOMEPAGE_SHOWCASE&slots=1&rand=0.951474619626175
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a1dda4b0626dab9d9bd1738d60fd60aa7ec86216a97d2f643e06538bab98c6b5

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
465
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dSDWpmByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0fee5b1ef0abe81fc9707fbe6056f07e28a00d15db0d0a4c8600f63bab9785e0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
593020cf5d3e63224b556bcbde5b53f41654dd245db946c4abcb83b97ef61833
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:54 GMT
content-encoding
gzip
an-x-request-uuid
d9b0ac73-69df-433a-ae8d-4d0598e4dfbd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
104054dd60f1110f22d4df22d0e51e46f4c88ced8338db94a4d19836d2e65172

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
auction
tlx.3lift.com/header/ 		19 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.17.0&referrer=https%3A%2F%2Fwww.turnto23.com%2F&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.67.162.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-162-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status
16
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
216 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
/
zn5mw1rvkaqsbsmp4wvw-newsy.siteintercept.qualtrics.com/SIE/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn5mw1rvkaqsbsmp4wvw-newsy.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5mW1RvKaqSbsmP4
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc89c5f44b051d3dbb0daaab22d9be57a5eee843602ba96e6ce69aab16958ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
132438
cf-polished
origSize=9155
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"23c3-kZ+W3RmUiLbgO3ynKRTH4DLZ96E"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
81af421b1eeb902a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
checksync.php
hbx.media.net/ Frame 3C86 		29 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?cid=8CU6Q6626&cs=1&cv=37&hb=1&vsSync=1&prvid=23%2C29%2C38%2C54%2C58%2C59%2C71%2C75%2C79%2C80%2C96%2C97%2C102%2C106%2C108%2C117%2C126%2C141%2C147%2C159%2C175%2C178%2C201%2C203%2C226%2C229%2C239%2C246%2C251%2C261%2C262%2C273%2C294%2C326%2C339%2C345%2C445%2C450%2C459%2C461%2C2026%2C2027%2C2030%2C2034%2C3007%2C3010%2C3012%2C3016%2C3017%2C3018&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0&ckdel=0&gpp=&gpp_sid=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.turnto23.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d1a0472ce85bace4a31f4c7e9a58f16009a817284b68e4b791dbd845e064fa45
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
10178
content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 03:50:53 GMT
expires
Thu, 26 Oct 2023 03:50:53 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX21O2VJ&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=FV6pWMVr&w=5178607528312832&o=5107371200741376&cv=2.1.20-1-gef591d7&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.turnto23.com%2F&sid=dzNNxJV46&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX21O2VJ&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 24 Oct 2023 03:50:53 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40538852-1&cid=95429075.1698119454&jid=1511248575&_u=aGDAiEAjBAAAAGAAI~&z=281595269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40538852-1&cid=95429075.1698119454&jid=1511248575&_u=aGDAiEAjBAAAAGAAI~&z=281595269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
c21lg-d.media.net/ Frame 3C86 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3411210531492437000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-bs&pvgid[]=data-c&pvgid[]=data-ct
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU6Q6626&cs=1&cv=37&hb=1&vsSync=1&prvid=23%2C29%2C38%2C54%2C58%2C59%2C71%2C75%2C79%2C80%2C96%2C97%2C102%2C106%2C108%2C117%2C126%2C141%2C147%2C159%2C175%2C178%2C201%2C203%2C226%2C229%2C239%2C246%2C251%2C261%2C262%2C273%2C294%2C326%2C339%2C345%2C445%2C450%2C459%2C461%2C2026%2C2027%2C2030%2C2034%2C3007%2C3010%2C3012%2C3016%2C3017%2C3018&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0&ckdel=0&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:54 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 24 Oct 2023 03:50:54 GMT
content-length
35
content-type
image/gif
12.52cbbcf53287bbd2bb03.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.52cbbcf53287bbd2bb03.chunk.js?Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&Q_BRANDID=www.turnto23.com
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb2f8bbbd49243623d9436e4b4ccaa979d6f5f5cf4c70ff33bc6dd93ca7a741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
589241
cf-polished
origSize=71571
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 09 Oct 2023 17:51:04 GMT
cf-bgj
minify
server
cloudflare
etag
W/"11793-18b15905b40"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
81af421b6f08902a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
prod
dhukrzx4tb.execute-api.us-east-2.amazonaws.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://dhukrzx4tb.execute-api.us-east-2.amazonaws.com/prod
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.12.81.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-81-4.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_5mW1RvKaqSbsmP4&Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.52cbbcf53287bbd2bb03.chunk.js?Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&Q_BRANDID=www.turnto23.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a75f123b32bc1da6572a242a2d0e6066cbd7754158af4a4f02fdace3a3d51e07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
d5f33157c7d0c3c6
cf-ray
81af421baf36902a-FRA
timing-allow-origin
*
clear.png
static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/clear.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c400:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
RgtSkm87P6w6gRBwIC_xgbHBwCF2khsW
date
Tue, 24 Oct 2023 03:48:07 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
183
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2382
last-modified
Wed, 31 May 2023 17:25:14 GMT
server
AmazonS3
etag
"fc75b0aa31f555c7c7e2145d8789524c"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
zVnaqSpaZr1KKxlWblwRU6dczjS5_L8maCyPOyhj7HXyiE2qS_YSdw==
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=148997012788839&correlator=1080912497832676&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kero%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C728x90&ifi=1&didk=1691704254&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698119454236&lmt=1698112254&adxs=70&adys=1520&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=1460x30&msz=1460x30&fws=4&ohw=1500&ga_vid=95429075.1698119454&ga_sid=1698119454&ga_hid=1919047938&ga_fc=true&ga_cid=1990415797.1698119454&dlt=1698119452784&idt=946&prev_scp=categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C12%26au%3Dhome%252Flanding%26refresh%3D0%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.63%26hb_adid_appnexus%3D41a80091d9e55be%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.63%26hb_adid%3D41a80091d9e55be%26hb_bidder%3Dappnexus&adks=585828213&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc2b91061cfb857bdf7403e2a77b37d955aad84eb976af80e7dac2935914e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12200
x-xss-protection
0
google-lineitem-id
6301305540
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138433043141
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0eb6a2c2938c36636048ead176826ce36105c77d70fddbf3a660828d4073a2e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12280
x-xss-protection
0
container.html
86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5175 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:54 GMT
expires
Wed, 23 Oct 2024 03:50:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		145 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=148997012788839&correlator=3100000474619953&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kero%2Cinview-bottom%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2C%2F0%2F1%2F3%2F4&prev_iu_szs=728x90%2C994x30%7C10x1%2C300x600%7C300x250&ifi=2&didk=1836905583~4094274218~2389685870&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698119454318&lmt=1698112254&adxs=-12245933%2C-12245933%2C1050&adys=-12245933%2C-12245933%2C1914&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C2&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=1600x0%7C1500x0%7C300x30&msz=1600x-1%7C994x0%7C300x30&fws=644%2C132%2C4&ohw=1600%2C1600%2C1500&ga_vid=95429075.1698119454&ga_sid=1698119454&ga_hid=1919047938&ga_fc=true&ga_cid=1990415797.1698119454&dlt=1698119452784&idt=946&prev_scp=categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C11%26au%3Dhome%252Flanding%26refresh%3D0%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26amznbid%3D2%26amznp%3D2&adks=3989627229%2C330196380%2C1525872688&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30805b5bab1c490d0a0a5d6f4e6730c9d9942d732962a1df3374f462a375abe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35039
x-xss-protection
0
google-lineitem-id
6301305540,6383302773,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138433043141,138450971080,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 03:50:54 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-L6JB&v=3&t=t&pid=1017670271&cv=60&rv=3an0&tc=21&es=1&e=gtm.load&eid=26&u=AgAAAAAIAAAAAACI&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB7D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
33958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:24:56 GMT
expires
Tue, 22 Oct 2024 18:24:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0C6B 		829 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ca22eba124587108138d0be01642860a9753af08fa9ba6d9e1841b68dc79ba58
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r55InvtJ8YXLe2c1VSp2Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-r55InvtJ8YXLe2c1VSp2Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:54 GMT
expires
Tue, 24 Oct 2023 03:50:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame AB7D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
481167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 14:11:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0C6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310180101&jk=148997012788839&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame EF70 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvom0K3xf6aJpgMLshlZ17rimP915QvmkP5D7UD_3Yr4IX0iLNClgOCOffS3YrD8_pbgohDjZV0kAokpM7bKmC2VzYxJ35lXdD9PPPkxYqrL5gEFPZCe77gTnkt592p5_9-EHFaAizt0-tPMUzDOGNB0J2q2nymmQvulyUPMJJ3pMiYDZ2DFSW8p-lS7BRju_zcVrrcJqXyUC1RoofcnBGUcYFv4wOUzJG1wOoUtC741bOEQVxEB_k_QTjrgE0Ty8VylvSTGN8793ZW2VPlGR7Vnp69FYoHKAuyB60FhmIlKZzqyND1joASsy9s8nfKSpbajTSFRwfbmo_XVahXJ3oXnzUrFRlgPYw6jqkDXM-EGUz0-6Q&sai=AMfl-YSBTetu5zf1MkqLK0F0J5BqkYlUUZyC5jPCCIcbSNmTkpkBQ5CfE8DUIhe-6BbbRoFpZofvlsaksNH3Q4A8My94XovO3UVHnZTWMHxGbu_7KlTAgtlWhiMhJnX9kpmDSbESl-EcDRTlZtdU15s&sig=Cg0ArKJSzAjNdjr8z95xEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:50:54 GMT
smb-dispad_728x90.js
saambaa.com/widget/gpt/728x90/assets/ Frame EF70 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7029d848f52bfa1b717070483f5a9446bade819c06378e48eb09652eda2a8bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 23:18:29 GMT
server
Microsoft-IIS/8.5
etag
"8010ef456e5d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
12006
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF70 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:54 GMT
generate_204
tpc.googlesyndication.com/ Frame AB7D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ZdjPew
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame EF70 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6f2671d44eaac17168918f69d4365fda6f2a49d5a3f046341d3301783576924

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EE06 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYsCxzA5TgxIyMQgmAjJIKsI-epKNQwyNodnHaDNPnmNFl4j_sZFmeXp8nOWnDTjD-eDJFJbjTe4JpS7pobrqiQrrSAeSD-F1GQUF4HK7x3tuAvEJyIUj0KHhduemQsJt6k-lyYxItMVOwc3bR0UWYhTYE84oELHzfg21mmx3CJ1Cy2gpHBFfHCLN0ZFP5P8gIKpdZZwD9UFux4VgfTy0sgNTbuBSzhCUcs-vM9Sw83Amr_n_OujI9s5FwuorORENQeUHblZMsJ_RWHR0g2CFlryM77XK8hk8C_vm_lNlK02wCG3B8wGYprhSZ3mY96UXWYhb55M9emXmxyHHP2LlTUcXtBO9sYY2kLynTl-lWvSuKoEl7&sai=AMfl-YQsZ2VfuN0ud6MZ2yQMMfuZ_YpRRcwvashZ93lCGwNZDZQxZN7To6-4zwUe0UWT5YZHFlALACvPr02gkYR_urmxk_LbXTq0-5FsbN370G7I3CaxTHGYW7bHnuQ63jE-guYW0ugMTbjkPjNCX78s&sig=Cg0ArKJSzGrTpN1-CgLREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
smb-dispad_728x90.js
saambaa.com/widget/gpt/728x90/assets/ Frame EE06 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7029d848f52bfa1b717070483f5a9446bade819c06378e48eb09652eda2a8bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 23:18:29 GMT
server
Microsoft-IIS/8.5
etag
"8010ef456e5d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
12006
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE06 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C3B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5iXDCFJEqUmU5DbIkTF4hW_El3UcXaPwv9e3XGeu8XMlW-vnA_I1iFRD5FzzZ5Qh_xLLlHiwIsl79iQ7WHT9x_Kyj0KSeHgDC_RUq7ZHEc09xUrObtrlFiV2umt7zqcT7C1MlnGASrOsbjBfo7u-EnzWYgaskVHhAd-yXfBmDfCLt7WoKMhQhijWtXz4x5J3kQC8o-eofJfkBNuYFZMtZfAaPeFzR_rTS7jua22VYohYC2yxb65Sf6tqcV3crguhD-_jYqKX98Q1MOTTV2gdQMzY41AY9aJAGJVh2jJRs42LRzGF5-0jgfNpEDj0iaLgmi9VAcxKo3QcbSlHN5MD7-80Dam8-hCwNzLFLp6TNlekgcCCU-ZoqRDKGUkRP0g&sai=AMfl-YSxlQxUfPQIo1Fm1GD1gyu2u5qzZIq-Pwg4qsoBwvoVMV8R2xjNYGNXxtlIkh2i_26_BBUzC_C8ZH72V0WaALEGgkSrip-zAeo9fK1o5H5-WctQL7_IoOzA5c9fFPKRsq7Mgt62kiBdlhZS-Ir1&sig=Cg0ArKJSzBw2sN6agpqaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
scripps_wallpaper_driver_v3.js
videoads.ewscloud.com/agency/retention/wallpaper/js/ Frame C3B2 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://videoads.ewscloud.com/agency/retention/wallpaper/js/scripps_wallpaper_driver_v3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5e7bdeec32432f86e9a8349a1c2e359270a67e6b3a2b99a4058e2a977ff16a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
xV3Yy3zwRNCozBwOBhgVxeQFeXhU6_Bd
Date
Tue, 24 Oct 2023 03:36:47 GMT
Via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
Last-Modified
Sat, 13 Mar 2021 01:12:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
848
ETag
"03e4d7fd33600d00fb6034924ed4cd39"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2692
X-Amz-Cf-Id
qG5ICdPGpQzs279IkhE3o6KGyvla6JS-56tWtFhfECmFfOlgx0sXYg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C3B2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:54 GMT
container.html
86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF59 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:54 GMT
expires
Wed, 23 Oct 2024 03:50:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame BF59 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite_fy2021.js
Requested by
Host: 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
URL: https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
38931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:02:03 GMT
css
fonts.googleapis.com/ Frame BF59 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
URL: https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Oct 2023 03:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 03:41:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Oct 2023 03:50:54 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/ Frame BF59 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.css
Requested by
Host: 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
URL: https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 10:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 14:10:09 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/ Frame BF59 		372 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Requested by
Host: 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
URL: https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed307b9176ce74e8ec5cd56461795d1c63e3a2df73afe3dbb03731e20a8e7101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132010
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 10:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 14:10:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame BF59 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
URL: https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
38931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:02:03 GMT
truncated
/ Frame EE06 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7a393458c6b5ddae2f4911216353787e07f756d7cadf7af15d70595c3444a57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
SHA_57061_WallPaper_1920x1400-C-Replay.jpg
videoads.ewscloud.com/agency/dca_projects/56000_58000/SHA-57061-Scripps-Howard-Awards-Promo-Graphics-2023/ 		519 KB
520 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://videoads.ewscloud.com/agency/dca_projects/56000_58000/SHA-57061-Scripps-Howard-Awards-Promo-Graphics-2023/SHA_57061_WallPaper_1920x1400-C-Replay.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44cc19ce59e9c7e92ee72808bf74e669d19d7f724789334f4acbaf602d43bd6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
mnf4wYB0KYQYZBYe8ey_boEe_vRcYhT3
Date
Tue, 24 Oct 2023 03:24:20 GMT
Via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
Age
1595
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
Connection
keep-alive
Content-Length
531607
Last-Modified
Fri, 13 Oct 2023 15:39:17 GMT
Server
AmazonS3
ETag
"13a4610f4557d934f76d96428ddecea1"
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Amz-Cf-Id
Wg8Tfa1k_PQOLH0Couj3XCMkUGI90GCRnK9a54v44y_lo-uQfDGptQ==
truncated
/ Frame C3B2 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
577cd6273df8d1bc51ca6ddf9c7ffbffe5893ee06cba164933b9ea31f72ee3a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C3B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPJ0BXb4Ntj4ntn1LkwQ_e5m3vk4-nvCPzQMMNS7WXwYDSJzxI3pfCPTre991WKbwAAImUFkYtybk_cS-DjkXAfc4uE0eObq35yELqlj-vbdtUDFTZR9l4ZQ7IZH8BcJsihZKT2Mdw1BW9K7KHcjMnxMtaRxyHklQThjHD1MSJbxic3W7zGNIveAztGP00MdQEk-_vO2WOKKLOyHytOjYiBLo8RRyXxqYeRnqkO65b61kYQiQ3OHaWkxUwxQvB_SwIs9Edgy-VpdcC1CYSa36ubTUuzeV8fHr47I9fqCmplaPPnvAJsddXujPvIqLrVPhkGzDcWeUF_DVoj7VyMQO9gNNXJTX_KWyAq7cnP7REOJKp7A&sai=AMfl-YSqpsmmKKT22uNOowKCo8t7MMScTY-_FivggonKLE9ppzLM1CXb4ZwCBop4fyvMrhM3vmFq5M9KkWgm9wLGQBOlJWaHRqnVpTtU9xMTA1Mf5QHCgTAq-GBp9z7Tz9rNfJYPnAZqMmYwDMtIRBXN&sig=Cg0ArKJSzIYMwXgQ027CEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:50:54 GMT
csi
csi.gstatic.com/ Frame BF59 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lo3sh983&c=3895798938372&slotId=1947899469186&qqid=CMSh9fbjjYIDFQIv4AodjGAMGg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BF59 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:37:19 GMT
x-content-type-options
nosniff
age
224016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 13:37:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BF59 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 04:06:52 GMT
x-content-type-options
nosniff
age
344643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 04:06:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF59 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C6ssDHj83ZcSaF4LegAeMwbHQAYSl57tz7tvM5fQR8C4QASDmlIUYYJWCgICwB8gBBakCBuiBPIXmsT6oAwHIA5sEqgSrAk_Q0Dku-4B7G2HumKjoWBDzuEIEa3KklNet8q9l7h4J8lN8uuqG7mweaDYlYvibIkCYS_3tppnOC2-Wws-jqFqcB-B-WVyMswSDusXc45hxZGIY_r2fuCQLFFuHevhRpiHIW6a4JWRy4j4PmCAXLNSvu6Fvb8ZzNme6vu3YO0PWz5Wr0_BCJ9jfYFcmsc3rLPNCb-GvJb6t_S4HT4GjhSoDoQy_UPqShbBICElqAtOMmVXCPagZFLbfatFTsYg6Htvl0MC80AngAVvBy1vy7B_7hygLewpP8M3VuedZ6Iriai1eO3SymvK4fcfu5pHxNWTTZCFx2SOoNVnNdV9F2X_qMFpTdagCGRv9rhDY61sf8SYO6xDxCtfHFVin3BQE_KfFbBMJtvpbkhEMwASmm5bSzQTgBAOIBfrcwOtMkAYBoAZ2gAeN_-ewA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB4AsBgAwBqg0CREXiDRMIqtvz9uONggMVAi_gCh2MYAwasBPfy9MUyBPa9dLjA9ATANgTCogUA9gUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1698119455040&ai=C6ssDHj83ZcSaF4LegAeMwbHQAYSl57tz7tvM5fQR8C4QASDmlIUYYJWCgICwB8gBBakCBuiBPIXmsT6oAwHIA5sEqgSrAk_Q0Dku-4B7G2HumKjoWBDzuEIEa3KklNet8q9l7h4J8lN8uuqG7mweaDYlYvibIkCYS_3tppnOC2-Wws-jqFqcB-B-WVyMswSDusXc45hxZGIY_r2fuCQLFFuHevhRpiHIW6a4JWRy4j4PmCAXLNSvu6Fvb8ZzNme6vu3YO0PWz5Wr0_BCJ9jfYFcmsc3rLPNCb-GvJb6t_S4HT4GjhSoDoQy_UPqShbBICElqAtOMmVXCPagZFLbfatFTsYg6Htvl0MC80AngAVvBy1vy7B_7hygLewpP8M3VuedZ6Iriai1eO3SymvK4fcfu5pHxNWTTZCFx2SOoNVnNdV9F2X_qMFpTdagCGRv9rhDY61sf8SYO6xDxCtfHFVin3BQE_KfFbBMJtvpbkhEMwASmm5bSzQTgBAOIBfrcwOtMkAYBoAZ2gAeN_-ewA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB4AsBgAwBqg0CREXiDRMIqtvz9uONggMVAi_gCh2MYAwasBPfy9MUyBPa9dLjA9ATANgTCogUA9gUAdAVAfgWAYAXAegXBQ
Requested by
Host: 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
URL: https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BF59 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lo3sh9aa&c=3895798938372&slotId=1947899469186&qqid=CMSh9fbjjYIDFQIv4AodjGAMGg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.kg&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame BF59 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CC1r03EjmzugrPTd-p3sT6k2L6g7ofarlQCKhtNaoZyNjie5644XHz0k0DlPhiYRYfyrDnDM8i8URedOr-8l8roz5gQQ&cry=1&dbm_d=AKAmf-C0ODELjZRNdw0CK4P6F4NvHjyYKR7oc90bgfO3BBugSHULevvv7U4oE4JTQMGlz4VB5g_CeBCqs7-2rZZQtlgqpcLOGcGmfx_eTNNT3M1GS_sKuC3l7kbmFLpLca5F7g65X6BvlueAcDVKXyCQ7Ch-Y-fgGe_5QWGf-v5jPuOhWXJdCvOXpcM2gMs1uXLejP_lOKef4QkPAQee_QJvlAlGxTrlZp-91AGML6OPmynPRcEoKZ2wHJtgwKSvWtbMsEMUf--HUX6cgqE4NjO4DCqbwPM94CKUgll01zVN2ayM0BJvle_8O1mQjbZ5CsezPRLSr6immQUhLUxUl6UI49hULESDJleNmY83ywYFmjjTu0MoyEfLiCvieycj3amHFWyEmAETZ7zCr5CP52VHDNxJzynHdC-By0AwuuUN_tnAIg_42960Hm4-MZUYfL2Al4927hn7g7k3r-bC9NwucTfISCM4AvqiT6-5a6udjzBIU9iOYkBiUqi9Gr-bm1aurkko-JurslsUbrcpsasQqob4HLJuIWvknpOqogbNCAgOTZhIvaJWz6sa8AG6EAAFYto3hZRdzrxrnxQaylLCezmWYMOe8CaU67baeW6uVLOaNYDunUaiv_Sqa7SOyi-5n16Xr2JSfhvotIFywOb_lN8Fh5q6P9EWa1dTx2cw1Er2yLz-mTSQUtf09TfhbkDn5Isprm6dqDi8bvro14EOczEjmN5Z7tO_d4XJb1XbmCK3-vZlgEJpxTasADLOnJuN2Q9gBKNYn8O7WQ6jJ2DBZgA50g1mTqiAf82J0-SvO1yor0pLVa_9wfHwoC0JrOeFDLXJLfOm-JmJAnf7cW2SK57_Nn5fS0kQKX_lRzXLjthgMzGz7AOPZhVe4iqcxmj9EKJY-ccUrGMGUSpYCrz9rIC3-eMft6zlrBH5wGRLYXlbFJp09466aActWeff2QnYS1AiE9moJ2NlMvE6SlUI4Dbjf1TBsaPDs7-efFw29FNI8QAwWj3aUrS7m24lhLNAiePRhc9JVQNQYGP5NK5X5CgEAG-EP8yp3ctY84WTI9dZHUHQcTKyNsaQeOJ-rKKDKeR0lGq_Zc0hi8UI4-hcXGT6VzzIB06FYXWEx6eTgBI9isOejlCNTuo6vOj8y_OUT4eYD5J_FkoHGE5QqVuB0de8KEqdKQu8P3XyvL4H7xsGBqqD9idVJn4y_6Jv3duY1W0G2g1Jf-ytlyRDTkhoIsKO7l-P8NhHANpCVm2i0vZ5Ty-_wVfQEKayK1fbLknYETJ0mrG9JyWadykf3bvW-dBUEFYNcMPch66OdIoIZ2VYeXE_CM9lPH_vw4fB0lbHLYdtIyzbSG2AAhakCd4r_7m8s2E77abafGIL8OwaAioAw3Ounf737X367q9VeakSxBD_lFoi46whIx4yTG9WkEje6owP41EsGwDmisFGMNXs4ai0xnmVVivv60B3Oml5SdDywpadlpRCLEumQARWNP3W_pTfzkXOjxUbgeUbsZNGOcFar9OPy0nACxw8YXLPsdXk1KpA5WyQ2ia8AYG6q2NcmrZPUoEJeNqpQnbDCftJ-tMC9WhX-3u5LEcC7lZgS1y4YMrRwS39SqUuLVC52NaufloLKSSp3wbox35sOcZehMzdSGdP-DHyHGKXexuqzWzJ_tgY78qIra7_-ZYaWEOh4PTlK8-yWjZsZhpooDkh9Yk_Wef0EZYSmVK6Y_WzyuZwWrAUQaSOtz1Tqc5BAxYwJcG2WO7pFAKqf1I-mFGoaYnIQRBmDYV7KlETqnfNjU4qBMS6WxhNigevPEBWlt1rQ611PLiqPX0exFfcRZ1SttNwt1PujjJurJ7D7OLxAhQGjPm7PwKdo0AZeQbs5WzGtb0GGjJ8VbJERitDgaaieLOT25NiQnijpuHnHFKFgI4juKwISIvO5gqBtPCcTCMk5Y6dLmh4LhZa63tg9j6n50UrFG33RgJmRmbpFPfYppS4MYlNRWzY0MmM_O74ZISXOSGVnAi_JxGBLLCi_2PyMNlj3YjRKH-o2kNjTgV3icOlQ3JMN_mLMHNmSLcJx66mNaAMOf2znXNK7wv-YZr1NQU7mo-tm1OwsDCf_AjGj-y2ir0neWNYpziID830gzbRHF4rr8aJ4OImUMdpLT0dmKt9d84cTS1oJ1mStdolyfEpsrzS7-sAHePU_feC-w5G0Ft7ROmnWkeTSh0uDImy-rCFiJZ_fjfvpC2wKf8nJFR7DM-BQjolJkFRsnwi78nTEralzhNsqPJl9Y5T9pLHFq-dD5Zc0hvLCZx8QLDoGd6hmMyuyAlzadGOpj82pkhWZzk1B2r7WeXONWe3wjnLc7k1oyLtU_2FH7LYZDFzACaVvQ9Jq9p20PIQukuW7I0WJTU3gAa7yxlb1c2HSzI42Arxzj6QLboWKOztbIkC94jA_ACXs-Grs738cV-JKSQQGmXkPM0F9v2rFqqLNzO0eY3bXrJqY-m4j_OuG4xB4TY5Nm3if1K2ZAaFTCPIBRcfNrnzuGjPZTAqffZoCjUDFcPgvwHKjtbwkQKsmZQkprW3rAYfWyogUtL127pXJEPaQPa7yOnhQf8Hx9yZFztL-HXkzhX0cT0veDKpZMDgFs-en5ZXQncd9U4XcVyjEl5Nrt_NCJFVmh7Himst57OJD8djnXNpmWWrorAObkZEO5PQa3Nk1leSs8kNS4z6YoPWjQULCBiiHlQKmw1icl0nRU72WRzbl7eDFhXee_hq9HgflbZwtu7pfTtWryLlorFuCNUQ75ALrsas8dzXuw6KbF6CqYxbSFpUsr4Rq7Xa3VudDPZtxyV8be_eZ6icn709SyclCubxxD1WD4XRo_MwkLlGdDy1OI0-w73Y4gFme6bcZ8yerfsrXcMqeIq-tXLW3OBjKoINoarfZRtjCPNlrc6NZjFqu46BCEFhihCxL2ZoMi9bdX0JIA3TnnqfXjAObmhlfgTM11WopwyTzA-XROhJbR5SRVv1PQ3cTlofPPAmd5bpJFFk1o7Toyo_-pZ1-AzPaty4MrdfcQzrsSlve9vXYowuMrkUNpWwLJahm8w8qDPxDw1BkhgGe2Z1hmFgUOiGaD0fqpDpYc0xsJRKLl7HxH-iiJSEjaEl5MXEZv53Y7uP9-hfrBPBoyP2QSDHckPv_KlpzEA1NzRW4RYdg4x9SuhBklBU3yZq5IDX0WV0QdSDB5HlyuuNOqFkR07Oy4ZlvfYx72y2xkIwH0bOERg20MQMUNxGepnPg6jh0i7YOhsFQrfA6ete0QT9UOD1crFZbIQbNX5d_ZIKBTkiz4Z_-AQPnVD2kGeDeFj-oOSwcCp4I2iKXHUmqO_T-WNIF9achQ8zgm8uWugEHnpIU4lJ5y1bkc7lCTBMrmpAo0R5FY3NwNKnEGdenk4VJPg8_5upW1vQeHl7RBRZE_TkO-2yFbRKot1nAuOqZpuDXP-TnUOlFUn3EMYElFIjfVwqwqDkzKOOEtXiXH9XafAdeDrcrZ_0swRSmIv6tDx_wOqSYva23xv1rF59MSuYfRHJiPTUk7o0Vc4H5kUwYungxw4unfnyZG8QbC6XLJvD03W1u5quSJ_DB3dPKL9xDZKicko3pR-9YAKtESDCc63S264-Sl0wNAkl-F5HaKRVpnBx0p9SnQ0cx52MmzKMLdpwMXs56bP76BJaxN4SujRBnjgE2QWPyEc0iGtuCJrccjwY8yV4t0z-JyQAC9dNiP6kVfLED6nmH2nlBBahV-gKVUp7gw-Tt5Wp3F66XwNAo8TWgGVijEmot2nAqHqdZGKOR7WhsED42GOGcj4DG-xAKsTjHBAVwptsjY10qXj4PXnG3XzfzusEwWtlrqLQlqS0wnYhF6pU2EaSuZdv6wiTg_BclzFpyq4HY4VNn6toxV3LVSHD6kuPnqjHkZcrLMeC4_tqa_ZSS0zARmBeGCC2McFaydj0gJQZWoK6abBWNGprnmM0NmAfwVa9UsbiSHHK2_wm5VjKp1RMHI9XqCrYk3HaVoDZf_yunFu6JkQHSA_wqQCm64Z-xnYJQJTZN87JpjBwj3lvX8CAHyeFDfwo46sl3Z5XOKzOpRhQHqZfhKwy48PhIXO2T2j7y2LbmE8tyI6rDQ&cid=CAQSTADICaaNUipDyuQjuluZfr7ZM84_whj0PJzyWIhEnCLqYTQUBp-KxlqiCz_HRPmPfAr6B0p2DcUDBGwMRivQijbbx3VMiRL4j_TptrIYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f154.1e100.net
Software
cafe /
Resource Hash
180d7f305496c5767206068a21f3e5fe5a91eb6d83dcbc55aeb0b718323b2bdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17558
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame BF59 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cecdbd68236d1313ae3d4bfda8ba50a6228968a09fdccb6aaacf2b4212de1db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.92.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-92-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 24 Oct 2023 03:50:55 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.92.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-92-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 24 Oct 2023 03:50:55 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ-r0Hj83ZcSaF4LegAeMwbHQAYSl57tz7tvM5fQR8C4QASDmlIUYYJWCgICwB8gBBakCBuiBPIXmsT6oAwGqBKgCT9DQOS77gHsbYe6YqOhYEPO4QgRrcqSU163yr2XuHgnyU3y66obubB5oNiVi-JsiQJhL_e2mmc4Lb5bCz6OoWpwH4H5ZXIyzBIO6xdzjmHFkYhj-vZ-4JAsUW4d6-FGmIchbprglZHLiPg-YIBcs1K-7oW9vxnM2Z7q-7dg7Q9bPlavT8EIn2N9gVyaxzess80Jv4a8lvq39LgdPgaOFKgOhDL9Q-pKFsEgISWoC04yZVcI9qBkUtt9q0VOxiDoe2-XQwLzQCeABW8HLW_LsH_uHKAt7Ck_wzdW551noiuJqLV47dLKa8uB8XRt1A7enikCGRc47KR7vcUGvSpxPPTOOBHR_CwgwA38E0vBno7XcCBZU6H9IDnPodYvE-KIGw3p7hETYTDPABKabltLNBOAEA4gF-tzA60ySBQYIAxACGAGSBQsIIhACGAFI7NaIApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHjf_nsAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDPkzgY7rP5-QHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB4g0TCKrb8_bjjYIDFQIv4AodjGAMGrAT38vTFMgT2vXS4wPQEwDYEwqIFAPYFAHQFQGAFwGyFx4KHAgAEhRwdWItMjA0NDQyODkxMTAyMjk0MhitixHoFwU&sigh=P6Mc70njY_Q&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNUipDyuQjuluZfr7ZM84_whj0PJzyWIhEnCLqYTQUBp-KxlqiCz_HRPmPfAr6B0p2DcUDBGwMRivQijbbx3VMiRL4j_TptrIYAQ&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 03:50:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame BF59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ-r0Hj83ZcSaF4LegAeMwbHQAYSl57tz7tvM5fQR8C4QASDmlIUYYJWCgICwB8gBBakCBuiBPIXmsT6oAwGqBKgCT9DQOS77gHsbYe6YqOhYEPO4QgRrcqSU163yr2XuHgnyU3y66obubB5oNiVi-JsiQJhL_e2mmc4Lb5bCz6OoWpwH4H5ZXIyzBIO6xdzjmHFkYhj-vZ-4JAsUW4d6-FGmIchbprglZHLiPg-YIBcs1K-7oW9vxnM2Z7q-7dg7Q9bPlavT8EIn2N9gVyaxzess80Jv4a8lvq39LgdPgaOFKgOhDL9Q-pKFsEgISWoC04yZVcI9qBkUtt9q0VOxiDoe2-XQwLzQCeABW8HLW_LsH_uHKAt7Ck_wzdW551noiuJqLV47dLKa8uB8XRt1A7enikCGRc47KR7vcUGvSpxPPTOOBHR_CwgwA38E0vBno7XcCBZU6H9IDnPodYvE-KIGw3p7hETYTDPABKabltLNBOAEA4gF-tzA60ySBQYIAxACGAGSBQsIIhACGAFI7NaIApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHjf_nsAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDPkzgY7rP5-QHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB4g0TCKrb8_bjjYIDFQIv4AodjGAMGrAT38vTFMgT2vXS4wPQEwDYEwqIFAPYFAHQFQGAFwGyFx4KHAgAEhRwdWItMjA0NDQyODkxMTAyMjk0MhitixHoFwU&sigh=P6Mc70njY_Q&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNUipDyuQjuluZfr7ZM84_whj0PJzyWIhEnCLqYTQUBp-KxlqiCz_HRPmPfAr6B0p2DcUDBGwMRivQijbbx3VMiRL4j_TptrIYAQ&vt=10&cbvp=2&vis=1
Requested by
Host: 86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
URL: https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:50:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame EF70 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 02:31:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Oct 2023 03:50:55 GMT
select.css
saambaa.com/widget/gpt/728x90/assets/ Frame EF70 		1006 B
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame EF70 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ba24eda30cf8adc762f0c2027b5e616f52d83f231c5ddd28f7b6f733d1438fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 20:03:24 GMT
server
Microsoft-IIS/8.5
etag
"04e99bf32b4d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2981
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame EF70 		233 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=32768
accept-ranges
bytes
content-length
78875
expires
Tue, 24 Oct 2023 12:57:03 GMT
0
api.saambaa.com/properties/widgetconfig/728x90/partner/turnto23.com/platform/ Frame EF70 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/728x90/partner/turnto23.com/platform/0?callback=__smbcfgldr936152
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b8af800c7b6345f563d1da2fe5c0ded2e544bfa39c3d75bdcd946f354923a501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1515
vary
Accept-Encoding
content-type
application/javascript
ga4mp.umd.min.js
cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ Frame EF70 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2504
x-jsd-version
0.0.8
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230053-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"231b-bu7prZXfHly9j0HIF61RLekhwNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BOW7AEQW7faypg0BTMAZ%2F8mDaMvpeHa%2F0HeP4Q%2Fn3b6Lg72WFzyNsnJrNxOQNYsolMBZ6fw7aCWHtTITCOTTMGlnKYji6yu8FVY6pgse8l5hKwM0Gx4KNZdAUS80CIlkKcmp%2FvVKldeXRGXYWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81af4222efa703c4-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EF70 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b35ac8a01a854d2726d5a17c8297f4555cd336084d9a5e5d2f952e49913d8775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29252
x-xss-protection
0
server
cafe
etag
685 / 19654 / m202310180101 / config-hash: 16502004400228972408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:55 GMT
saambaa_prebid.js
saambaa.com/assets/js/ Frame EF70 		354 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 22:48:25 GMT
server
Microsoft-IIS/8.5
etag
"808288cb0b9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
115053
analytics.js
www.google-analytics.com/ Frame EF70 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Oct 2023 03:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
73
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 24 Oct 2023 05:49:42 GMT
css
fonts.googleapis.com/ Frame EE06 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 02:45:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Oct 2023 03:50:55 GMT
select.css
saambaa.com/widget/gpt/728x90/assets/ Frame EE06 		1006 B
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame EE06 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ba24eda30cf8adc762f0c2027b5e616f52d83f231c5ddd28f7b6f733d1438fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 20:03:24 GMT
server
Microsoft-IIS/8.5
etag
"04e99bf32b4d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2981
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame EE06 		233 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=32768
accept-ranges
bytes
content-length
78875
expires
Tue, 24 Oct 2023 12:57:03 GMT
0
api.saambaa.com/properties/widgetconfig/728x90/partner/turnto23.com/platform/ Frame EE06 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/728x90/partner/turnto23.com/platform/0?callback=__smbcfgldr141898
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7de013e5ea8474daa73832c5d2b90579801ccff7ff402cd01cd1f3d490244f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1524
vary
Accept-Encoding
content-type
application/javascript
ga4mp.umd.min.js
cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ Frame EE06 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2504
x-jsd-version
0.0.8
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230053-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"231b-bu7prZXfHly9j0HIF61RLekhwNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTORUVGLMsAn55J1I1s2AHaytWLlu3jlZWO9xWyBbeECQF6zsdr60k%2BtA7PUX1NGxd6BGmOG6LzwKf9PGbHQ2zAexARxsaawa6G9IFFOfEXdbzTDgIcUIPDCJ%2FKsyG01eT0if3V0fLeZQmhCydA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81af4222efa603c4-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EE06 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b201f87a9f0434b6a7e689ca5b3bed68770c7c8d94aaf10e1ae756cd44f93129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29255
x-xss-protection
0
server
cafe
etag
288 / 19654 / 31079032 / config-hash: 16502004400228972408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:55 GMT
saambaa_prebid.js
saambaa.com/assets/js/ Frame EE06 		354 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:52 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 22:48:25 GMT
server
Microsoft-IIS/8.5
etag
"808288cb0b9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
115053
analytics.js
www.google-analytics.com/ Frame EE06 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Oct 2023 03:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
73
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 24 Oct 2023 05:49:42 GMT
csi
csi.gstatic.com/ Frame BF59 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lo3sh9ar&c=3895798938372&slotId=1947899469186&qqid=CMSh9fbjjYIDFQIv4AodjGAMGg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame BF59 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Oct 2024 22:32:49 GMT
file.mp4
r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/a92cae990e1856ea/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729655455/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame BF59
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/a92cae990e1856ea/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729655455/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/a92cae990e1856ea/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729655455/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/a92cae990e1856ea/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729655455/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11892793083ECB9762B874FA34FDD348A18F0CE6.01AA3E180F4C710063F2E06ABF0F891DF5A88EA9/key/cms1/cms_redirect/yes/mh/Yt/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5go7ynld/ms/onc/mt/1698118424/mv/u/mvi/4/pl/60/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:400f:3::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:50:55 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3406784
Last-Modified
Fri, 06 Oct 2023 21:49:16 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 24 Oct 2023 03:50:55 GMT

Redirect headers

date
Tue, 24 Oct 2023 03:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
652
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
location
https://r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/a92cae990e1856ea/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729655455/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11892793083ECB9762B874FA34FDD348A18F0CE6.01AA3E180F4C710063F2E06ABF0F891DF5A88EA9/key/cms1/cms_redirect/yes/mh/Yt/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5go7ynld/ms/onc/mt/1698118424/mv/u/mvi/4/pl/60/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ Frame EF70 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:47:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
32594
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135328
x-xss-protection
0
server
cafe
etag
16474413789440466402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 22 Oct 2024 18:47:41 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.92.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-92-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 24 Oct 2023 03:50:55 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.92.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-92-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 24 Oct 2023 03:50:55 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 5BDF 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
75721
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 06:48:54 GMT
expires
Tue, 22 Oct 2024 06:48:54 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ Frame EE06 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 07:37:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
72817
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135328
x-xss-protection
0
server
cafe
etag
16474413789440466402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 22 Oct 2024 07:37:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310180101&jk=148997012788839&bg=!n5ylnNPNAAaMkNwkrJA7ADQBe5WfOC2Dqb_9N0N8m-OGAZyQl3lhlp5A-1LegbQAPikuDIBPSZWZnbYtPbzIn2-duZR_AgAAAE1SAAAABGgBBwoAOaCOD15F0WjF4OBMpX8K15KN17DTNrX6U59pyMfc9M3rnZ8zu44Woh2O6d_hS6JKNWYCEJf5XzAjvJkCxxyipIRBX9pocC2cVtamN-2kiCMzFSCAOfrbcZq82KHQytsxOkc2yZBPr-H3ydTXva_YfTLBaxOGs9v5NLjWnIMombaC5XsZjCOnSkEPePggVg71ruPyXAd4cW8jgmtQaKG-0XMAPrXg1kVn8jjNqAYvW6-i1BpEGxnnFxr8-1WxWQ2tMGEkeMY8iNruPBV2O0LhnsJ6JnN5LXBSIgpwSEsyh-CGvR1dy2aa283setSwZ3nYrkOf3tFPddqdOAxItnjrTyhOB0X2JfoxFGeTFN4xM5pd0aDSNFmyEsr7hiW2Nza3Y8BiUth4qboepi1lNNnhnINdVzA7KT2kySIjBy_oUw_qO0PWlEXKFb3au9nu7wReNYkDU4grHi-RAvBoYbOdbJ7JsrCoxlGE0p4ft5SQDrlrnNeP7dnz1PzAxFbzPYuwXkCmmqNhdjj23tQ0Q3_v8tx7hX6_Mje7Dytnqk16i7xOgIm2zl4RvQACtomwVHIARKgA6l0211gVPejq23L4Fs11T8khmB59gWabb8qQvv480JEuaSjhR0EtbIubuFIupaLIBrzksHYDbPQwrjLNIjcX1IeLVw6fZqwMmSAtDRw5QJ5KgymDsc9hZ1lBQNeL0vz0ZsYv_GLmd6YXa3FGoFvS5F_dgR1Uca6WinldZ8iTNIloyX87iQsch85RjG6pEh8ojQPZoZczKt0k9RuV0yqMsDptoCuczCbgoTGt13mCAdGPpUblgSi9fz8UZUPB5kJ78sLXM8SqQNqKHZaT2BqRoqhMbldTfmY8OzLOWx5a6ZIB6fiHalL9XxaZE39tGFOXWLBGcI-K7JiXVhem1mq76k8Z7iZjI0-nl6gfyi3Xi7Ruh5_zniGPUZ4DGn7po5d4gr1Juq9Rj-FdqxK_VstYe4LJCIi9y_UFynem3XUPjChPXAffPmPJDP3isN_xP1ASGw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js
pagead2.googlesyndication.com/bg/ Frame 5BDF 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:54:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
482169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15035
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 13:54:46 GMT
quant.js
secure.quantserve.com/ Frame EF70 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 31 Oct 2023 03:50:55 GMT
op.js
tagan.adlightning.com/saambaa-scripps/ Frame EF70 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/op.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
effcb37466d42c01aee829b50ad7a5f3eb6e540af405ca5511a4bb8f5efe1fb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
NREHr2TrvOK6ZitOcohabBs0n3UaiKx6
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 03:32:43 GMT
x-amz-cf-pop
FRA60-P4
age
1098
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7090
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 23 Oct 2023 23:01:21 GMT
server
AmazonS3
etag
"62bae34fedd231207fdc6a016bc4b72d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
vfijcmD8MR5PMWe_Kbh7lid7xKQq8faleWPb8vy9RTE0s5kJSlX1vg==
0
api.saambaa.com/post/storyboard/12463/market/ Frame EF70 		1 KB
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/12463/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame EF70 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6200089548495652
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b8cf5ba57b2f1136536c6259c1ab39a48a70e9fe2faf33469be697dff659757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51096
x-xss-protection
0
server
cafe
etag
7981227230651774334
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:55 GMT
logo-saambaa.png
saambaa.com/assets/image/ Frame EF70 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
last-modified
Mon, 02 Oct 2017 20:10:35 GMT
server
Microsoft-IIS/8.5
etag
"22c03482ba3bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame EF70 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
truncated
/ Frame EF70 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
quant.js
secure.quantserve.com/ Frame EE06 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 31 Oct 2023 03:50:55 GMT
op.js
tagan.adlightning.com/saambaa-scripps/ Frame EE06 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/op.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
effcb37466d42c01aee829b50ad7a5f3eb6e540af405ca5511a4bb8f5efe1fb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
NREHr2TrvOK6ZitOcohabBs0n3UaiKx6
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 03:32:43 GMT
x-amz-cf-pop
FRA60-P4
age
1098
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7090
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 23 Oct 2023 23:01:21 GMT
server
AmazonS3
etag
"62bae34fedd231207fdc6a016bc4b72d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
dFQlArPp7IDM82Qz7jXrDOB-Zcds9SyYuWKnvfF6xO63_H-9ILdD9Q==
logo-saambaa.png
saambaa.com/assets/image/ Frame EE06 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
last-modified
Mon, 02 Oct 2017 20:10:35 GMT
server
Microsoft-IIS/8.5
etag
"22c03482ba3bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame EE06 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
0
api.saambaa.com/post/storyboard/12463/market/ Frame EE06 		1 KB
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/12463/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.turnto23.com
access-control-allow-credentials
true
content-length
591
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame EE06 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6200089548495652
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26fa19d21396c4583f8365633a30b55610879050a08a0097991b6f1eb47b9ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Origin
https://www.turnto23.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51094
x-xss-protection
0
server
cafe
etag
8740868399582406128
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:55 GMT
collect
www.google-analytics.com/g/ Frame EF70 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-C8BLF2PJDB&cid=1412431911.1698119455&_npa=1&_s=1&sid=1698119455&sct=1&dl=https%3A%2F%2Fwww.turnto23.com%2F&dr=https%3A%2F%2Fwww.turnto23.com%2F&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&en=smb_728x90_desktop
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame EE06 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-C8BLF2PJDB&cid=1491216272.1698119455&_npa=1&_s=1&sid=1698119455&sct=1&dl=https%3A%2F%2Fwww.turnto23.com%2F&dr=https%3A%2F%2Fwww.turnto23.com%2F&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&en=smb_728x90_desktop
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame EE06 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
file.mp4
r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/a92cae990e1856ea/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729655455/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame BF59 		870 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/a92cae990e1856ea/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1729655455/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11892793083ECB9762B874FA34FDD348A18F0CE6.01AA3E180F4C710063F2E06ABF0F891DF5A88EA9/key/cms1/cms_redirect/yes/mh/Yt/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5go7ynld/ms/onc/mt/1698118424/mv/u/mvi/4/pl/60/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:3::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 24 Oct 2023 03:50:55 GMT
date
Tue, 24 Oct 2023 03:50:55 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-3406783/3406784
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3406784
last-modified
Fri, 06 Oct 2023 21:49:16 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
client-protocol
quic
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame EE06 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831429
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XPFdQtO11ZHvt6YfR7LyDJAR4HwPlJtBnhmO3CTvaXhuOJndWwwqUA==
bl-34df212-412faea5.js
tagan.adlightning.com/saambaa-scripps/ Frame EE06 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/bl-34df212-412faea5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c849c8c65be44de422c18eea1d8d2ede23aefd848e8ca38632f8e0baf46409c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:01:34 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
JECc_4XSiYcqR.0QHH4.ZXrT7dd89F3e
x-amz-cf-pop
FRA60-P4
age
17362
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29189
x-amz-meta-git_commit
34df212
last-modified
Mon, 23 Oct 2023 23:00:53 GMT
server
AmazonS3
etag
"61dcdd6c21fb71c028a03b5e5ff6aa09"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
PEOgN73B1ebJR7z2MgfN8gX8OKr_t2IW1kZDYXzYTTf5EZzotnKtYQ==
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame EF70 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831429
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qJS6o8I5yNHkHE5de6izdIPxAuNl0pZDZRSnDZxK_atLWWl1EnzpDQ==
bl-34df212-412faea5.js
tagan.adlightning.com/saambaa-scripps/ Frame EF70 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/bl-34df212-412faea5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c849c8c65be44de422c18eea1d8d2ede23aefd848e8ca38632f8e0baf46409c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:01:34 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
JECc_4XSiYcqR.0QHH4.ZXrT7dd89F3e
x-amz-cf-pop
FRA60-P4
age
17362
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29189
x-amz-meta-git_commit
34df212
last-modified
Mon, 23 Oct 2023 23:00:53 GMT
server
AmazonS3
etag
"61dcdd6c21fb71c028a03b5e5ff6aa09"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cOAXUYFz9L2tugL2UBvxA9Nocn6ZDZNgkzJCco1VetaX7tGhLtGzmw==
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame EF70 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:45:08 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
nHpW43YyVXOUjbEkgBE3oXwsQ1YTcW5wAQ9PAUwp5dC7o7W7cXvApw==
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame EE06 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:45:08 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
xjg5HuPy_QTYAekUPDeJwbHoB-lGr4_Ok4a-w6ES-yGK8uF8-u3Ssg==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/ Frame EF70 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.turnto23.com&bust=31079012
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6200089548495652
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72884ce61ad28488aa1bd7421e1e3649264ab64943a5369df089cea97ab14385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136920
x-xss-protection
0
server
cafe
etag
5008667220748539836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231019/r20190131/ Frame F073 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231019/r20190131/zrt_lookup.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 23:29:42 GMT
etag
4569948109300706969
expires
Mon, 06 Nov 2023 23:29:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/ Frame EE06 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.turnto23.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6200089548495652
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0827767b6e50f2c51ce9ca205d956b3158d98695b305c63501544fe99f73e86c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136920
x-xss-protection
0
server
cafe
etag
18019655772273022238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:56 GMT
blank.png
saambaa.com/assets/image/ Frame EF70 		68 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/blank.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
last-modified
Wed, 14 Feb 2018 23:02:54 GMT
server
Microsoft-IIS/8.5
etag
"cebd78f2e7a5d31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
68
728x90_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame EF70 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/728x90_oahu_v3.png
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/676B) /
Resource Hash
446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:50:56 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frb/676B)
content-md5
5VOrxFk1xKRvkGqad3v+sA==
age
337963
etag
0x8D9E12E85B2CCAC
x-cache
HIT
content-type
image/png
x-ms-request-id
e3aa0027-f01e-001d-511a-0334e8000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
17345
blank.png
saambaa.com/assets/image/ Frame EE06 		68 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/blank.png
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:53 GMT
last-modified
Wed, 14 Feb 2018 23:02:54 GMT
server
Microsoft-IIS/8.5
etag
"cebd78f2e7a5d31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
68
728x90_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame EE06 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/728x90_oahu_v3.png
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/676B) /
Resource Hash
446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:50:56 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frb/676B)
content-md5
5VOrxFk1xKRvkGqad3v+sA==
age
337963
etag
0x8D9E12E85B2CCAC
x-cache
HIT
content-type
image/png
x-ms-request-id
e3aa0027-f01e-001d-511a-0334e8000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
17345
csi
csi.gstatic.com/ Frame BF59 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lo3sh9ef&c=3895798938372&slotId=1947899469186&qqid=CMSh9fbjjYIDFQIv4AodjGAMGg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1617&mt=video%2Fmp4&vs=720x1280&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.oa&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=2057180283;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.turnto23.com%2F;ref=https%3A%2F%2Fwww.turnto23.com%2F;uht=2;fpan=1;fpa=P0-50163491-1698119455910;pbc=594322fa-f6a2-4300-8529-316a7fb2...
pixel.quantserve.com/ Frame EF70 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2057180283;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.turnto23.com%2F;ref=https%3A%2F%2Fwww.turnto23.com%2F;uht=2;fpan=1;fpa=P0-50163491-1698119455910;pbc=594322fa-f6a2-4300-8529-316a7fb2181c;ns=1;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;d=turnto23.com;dst=1;et=1698119456355;tzo=-120;ogl=;ses=a3cc5e35-523b-425e-84f4-8488f2628a57;mdl=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=1831167240;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.turnto23.com%2F;ref=https%3A%2F%2Fwww.turnto23.com%2F;uht=2;fpan=1;fpa=P0-159855721-1698119455912;pbc=594322fa-f6a2-4300-8529-316a7fb...
pixel.quantserve.com/ Frame EE06 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1831167240;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.turnto23.com%2F;ref=https%3A%2F%2Fwww.turnto23.com%2F;uht=2;fpan=1;fpa=P0-159855721-1698119455912;pbc=594322fa-f6a2-4300-8529-316a7fb2181c;ns=1;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;d=turnto23.com;dst=1;et=1698119456358;tzo=-120;ogl=;ses=a3cc5e35-523b-425e-84f4-8488f2628a57;mdl=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame EF70 		216 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.turnto23.com&callback=_gfp_s_&client=ca-pub-6200089548495652&cookie=ID%3De50e849b35181897%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_Mb5-AwItlY21SH9fpmhb-BfN2L0Xw&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.turnto23.com&bust=31079012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4550746366703f4d024deace79fb586300593fb08a081f10697dbef863a97230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7F99 		603 B
116 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755400&lmt=1698112256&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119455942&bpp=10&bdt=1387&idt=563&shv=r20231019&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3De50e849b35181897%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_Mb5-AwItlY21SH9fpmhb-BfN2L0Xw&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&nras=1&correlator=5899886685643&frm=23&ife=4&pv=2&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=3773104044&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078019%2C44805113%2C44805533%2C44805934%2C44806737%2C31078297%2C31079012%2C44806141&oid=2&pvsid=530274199045409&tmod=677431818&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.7atj4yn12goa&btvi=1&fsb=1&dtd=616
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF70 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=MAD_INVIEW&cls=sal--container%20ad--inview%20size--728x90%20sal--loaded&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame EE06 		216 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.turnto23.com&callback=_gfp_s_&client=ca-pub-6200089548495652&cookie=ID%3De50e849b35181897%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_Mb5-AwItlY21SH9fpmhb-BfN2L0Xw&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.turnto23.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1673135c92e9aee856bae71f33a38583105115d0a7a09b9f0a0e3aca57113268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE06 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=MAD_INVIEW&cls=sal--container%20ad--inview%20size--728x90%20sal--loaded&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.turnto23.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CA6A 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755403&lmt=1698112256&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119456313&bpp=3&bdt=1598&idt=267&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3De50e849b35181897%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_Mb5-AwItlY21SH9fpmhb-BfN2L0Xw&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&nras=1&correlator=5899886685643&frm=23&ife=4&pv=1&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=2754386938&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C44805112%2C44805533%2C44805914%2C44805932%2C44806737%2C31078297%2C44803793%2C44806141&oid=2&pvsid=2815794612805761&tmod=227490395&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.jxm8jziqhh8v&fsb=1&dtd=289
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame EF70 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCOGZTMGbDCSrmhkCXNEalPu7yLxt1EH2GkyWEJcUYpEDoj_mpLuoymZjnu_k87X18u1LjxJfGTPZehRKKNud4R29uSp8ZJOoUwI06o0D4AK1HifUJcGMPf1wqklHyXRx73VUi4xiSC5urMdJhzA5qG_2W2nOReA6fdGQ1xdPoq7abP-UqD7b1SFKbozKu5WKrsGuapDiS9ljWpHJKF9RVW09LuxDassNm3BlTRw0PJu2BbcGv_m8dmLcQQUpWtQHCeWBvR9qMrzZVERnwsvRlK5xONx4coKnpKEFU27MdOJHBmSTmFq3ieK4maMRmc1FDBxU2MJhlxLKq_sdPT8f05XhiYIZ-Dfbc3I5hdmnktzQTtk8Shg&sai=AMfl-YSn-aSXKHD_01hGwPzSoF0rXpXitkXgO7MpAU7pvJC_z_7Tm-qm89DgTkxhJgF0tgN6lTclM0wAR94WHyZ3AMEH6bHFRSXaSq5WTz7oLgJivn1nJf-D7o8XVGmHwxX7C5hogQH0dohaM193hZA&sig=Cg0ArKJSzMF0CZ3wdq7_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:50:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EF70 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.turnto23.com&bust=31079012
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b60027faece44b420b9bcbba834808626141ba9fde3a68bdf04ad10d359866ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12444
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BDF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bgpu8Hz83ZY-UCd-U9fgPssCJ0AgAAAAAOAHgBAI&bg=!BQalBknNAAao7_3LiO87ADQBe5WfOPOxxDczCbXaptxjjNwpo0dBoHIGnpp3oHi9ThyzgYZ0cmAPMxBu1uy4Uvvbn0ikAgAAA91SAAAABGgBB5kDA9and1fkSe39z0Zr81ZMeXu6rXL7tJs4_qy0Dx0iYJQWnvX-Kf6erKb2fUb_e1jdHoONh7hhL4sDmSdT-Mg35xTxG3HNuqKA_2ruGGftEMnyx-dVWKhN4V-uQGFGpQgEtkwl4g5N-Px8WFMAvhO0cagXs35qYxtMdYRubVTW5SgEOgLh7EshGxVyCaUq-i4NYIwY_0_p5aHuxS9mVX-uvGtyXCYUdap_LNlOefh2InMcgTyFWlA9a1Ql7UPOe3vhFLaJw69i3m7nZfvQa7IdxXZ9ipsLcNTyjwkuy7awN1cb31j9sbAJhTjUVnbdTtXqmjahVQy-1kbaM-3rRBL-uPl1uKgbV249PHUXhph0NlaQ-FDi649K4ljgK6SbOZz21egALUgQFoOZZ0ywWnl2tKrlIKSym6bbXkMXfK-oV7vuikGd0CpcGqU2BjgnSullNIDqgKz3lBmTm84XX6-d_neJ8Fl5xxVuXPAJs_Hp-tdDto-dQwKI43w8q3QEbGIPM_3R6uLgVC5tK6Khao1c_V6wS_zca3gBiIUCKBzlPpcKJYZ41PFPtB-3-7AQUneNPS0CIj1W21zrYaThDzTXE-8NzluTvR5d8nXsNPoYkRRToyc-CduwQK6ant855kG4f0M1jK8IXBKf69_BRmNTcWD5bKncZNoYqg4VRUN_xwnanqzJL2GuJU44JfM9Q-6fVfKvGIpWxDy0J7bYVTh-qv2CdWG7IYRk1Y-Z-kKPbhDoHfbnaJqu9rMTueyPxvb_7XKaaTax-DIWf44Shd4MWmb-lA_c5oFAPuDB5gbXD5Asud6ysbLL3xK3XT37bxW_pcNmRKpglUC_1FXr51iVtnIbxFWzymHaavtBms5LJ5C12RpfnoW3WG6Fq09RQwiWUcouFissqLnbH5hbN2PS6IOAmdFXJqkyoYE1djatsLD2kRKMW65olUEnDXt1ZXCzEqQ88PVOEZOVzhw0aG3X9Vh2umX_qkWsThvHwYjDzR7n7YoHcab_Elrn6ZvVwccOHR0VBA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EF70 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 03:50:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EE06 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIZb3GlhvgOF6PAkfZSAG0Nukx05fyrzAnXfKXkkzA8UX61TyR1_IdIMJXnoG0jg5lixMr7qXLu5y6fuQUTLaXlzQN5-5dx1vHNVLt_ABwfiOE5CrY2g08vv7D5sM2rOaqgcUS1jpjQ4eUJFIxpBqFi-NEzeX2uackSDtxidN6XO5FDSNRD7ymCxZyPkrREolkP73kSFMyCsRkUv3B5tGIa74xWnpfFTwC1YS6rqbgxN2b7ymUZL6TlgS_hDsB7G8hNCRu3eT4NhIYQou7a7UzPd5mje3u6Ml4TWhir3eIB_cYLUeKZzWrHKyBD6q7AVMVBTdS9MsN45t_IPGlCMSKkTHnls0T3QjuYzCUfq0Cc-qrogxGi5o&sai=AMfl-YSxwUIPaTMWoJ4YnM5Wa4hI88RfHtSNh0hangkpfKB8rlt48FRbDBmtuztWadh7mglMapeBfl7URnkvu1IHrb8AbheTrowtgksdk2BNCOV0qThIYtPx3Q48Mb8Z3ELQEhgBmnSWi208sLM6hBp5&sig=Cg0ArKJSzH-gaq9ys2tHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:50:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EE06 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231017&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.turnto23.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e9d796a15dd7cb0ba2073dd49de6d1efacf4708ff791a227d350f95a00fc1f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12196
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E474 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
33960
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:24:56 GMT
expires
Tue, 22 Oct 2024 18:24:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 375B 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
acb3a6c766954e7423f0ffd1e12e605e11811bd358a7a1be5443d4b1c80a4a80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jPBjJqTlNt96crFlp-ItKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jPBjJqTlNt96crFlp-ItKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:56 GMT
expires
Tue, 24 Oct 2023 03:50:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EE06 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 03:50:56 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame E474 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
481169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 14:11:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 375B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231019&jk=530274199045409&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 27E3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
33960
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:24:56 GMT
expires
Tue, 22 Oct 2024 18:24:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D170 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d63c4021880813abfb6f9eace7f9b956bc221cb642dd33d8b7062a4e6878f97
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YocZBH9t8ocGgr2ynbbFSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YocZBH9t8ocGgr2ynbbFSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:56 GMT
expires
Tue, 24 Oct 2023 03:50:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame D170 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231017&jk=2815794612805761&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame 27E3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 21:24:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
23206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 21:24:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:56 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:56 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:56 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:56 GMT
c
prebid.a-mo.net/a/ Frame EF70 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		144 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b15848dd9a41b28740439b32767ae21b2642dc4a40a3edec09fe18023ba45572
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
90d9859d-d513-4ef8-9033-ec7c0cf405ed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		36 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
830b8e9de60f12249f00579f567c620c2f1e9b12072d1ba1f9c10031cf04bb76

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kOSZkGI4rLxJ%2B6fFKk0BJxpCywFaiGvqqT9cL8DYI26o5k1NbTGhyg9DFo55p9mVR7eAdwDyv4%2B2blC45SUAjQ9a92EAyt7O4TkOTURJtSePRsfth0mdVoobmZxjHcTfuyN1M14"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422dcee691de-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=101c5ed89be86e7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.15879331520518059
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84bd432c981c22e15c9a14f9ad0140373ba7b72938ecfcbd431ac53df52f5d21

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame EF70 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7127bd4b5682c041ce003b319c9693ee3001cfd052a035b0c2a8650ed6f9d190

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
trinity.json
apex.go.sonobi.com/ Frame EF70 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2216d4653b4ef610f%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=8c198827-06bb-47a4-9cc6-df0bce5c1d02&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
605e3ffc2242cb28691c4a7755955af2188fc1b27cebe9843bdd28734d791a22
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-12
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
440
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=21e3de9852d41b1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.6730658465225079
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
aa2184d6bdb6dcebc710e9cfb8263d8cb3747b9276a18e6c9a642c8a7f8a7f8d

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		145 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f19cfde79e6d2bff9c93ec10bae81577b9df8233f8462c3caceba9a55ad9cb92
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
39280523-19cb-4335-9049-ec5651dea322
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame EF70 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
71ac1a14b9d4a0266420bed3cb1afd5cff14a68dc820d0a5c58179db252c8720

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame EF70 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		37 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22180a8e9cc696e7b67bb5dff2135731ee30824db2a5ec6af586e6e92cf7a72f

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc1pfkIoSG%2FYYe%2FS5IJJ%2BOHSnxIpcT2%2BvIKfnyVOfbclvUukZlykDt9DCDHdJZG2qeaZA6Wh159BwNH6GhIckzGkAR2EcxA42mwfS0DbWMHPmQrClNKvdTtvBN5wmWtjy1xjONtf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422dcee891de-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
trinity.json
apex.go.sonobi.com/ Frame EF70 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22355a89ee1a4a7a8%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=a7a0203b-9a9a-42da-ba3f-2f8e09e79527&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ab1125f06c48d3f438ff2bffb9650fa4a08263637396f2f4d63bf9538b1009f0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-48
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame EF70 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2240d2a9d53b73b51%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=fe6a3d17-8cbf-49b9-8083-ce4727887920&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ba0e6d25bd1f435864bd37ef90a0c39abfdf8d462ca2871ca2a0d38b2fd0cec8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-81
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
c
prebid.a-mo.net/a/ Frame EF70 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		37 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf9c2565472796553b58be6175534ac19dd9e40fbef7515fea96e3a9a86aa8e0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVkzy7YsL7zWi0VtNjT5YWS6dhPjBZjcLldF2gj7RhcxFkCvjjPGCaDHRU7Fipwqe%2FHw9vQSxDB6RE7f319ncLClMc3AFLWf4eOqvt8b1332yDIyttIKVCer3g7Ovns93lyesqzP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422dcef191de-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		144 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
77a3469e555db092e4bf07c42b573e4adec6a0cdfea6914f5374e3ec74af135d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
c99a4ccb-962f-485c-b599-b8e80e082c24
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame EF70 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
33982d79fb15b2dc8d3ffa18b7bae94a6d9d62f4a370d2485f3b56baefadd786

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=568116b59dfb675&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.9192219226510439
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
208fdd4ced789c8dc9f1f70ea617deab787b280444e22ac039458084bb373c9b

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		145 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d93dbb308c9ee05f12a636b520bd4c2165a1bc58d887e75c4857a12187cdba5d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
8d68e98c-87e4-4c93-9559-3b35d878d2cc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame EF70 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226324ea0b5c8134f%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=ad708101-c6ff-45c7-9cc3-f41073bdae76&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
5c2e8d38712960d262f98dbba5a13a3a4855a24b12b336151e5f3581afcaf893
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-50
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=67b3fc29581fa04&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90d_desktop&slots=1&rand=0.6552686380369956
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9e6ebf055937e7bc01a1f505dab51499478200cf23f3b871151f41d3538e3382

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame EF70 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
39406742d2944d872bc7b0b90e8af33d1384cc837e9d1801c17eb40c64600558

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		37 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daf714d406597e66ea78021d3403a9ab04015d4e580ab7f4c6adf6a9056e90bc

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2PGWdvp1m27BG04tJbJCelMwIKSlcVvb3OSd0DrA1NHK8cz2kYJQOvrLIaspmCmPAagj5H2aPyXi7sQ1dtypnnI4GNMAGvGpt2fJC1fxhwwvAuzu4YGjkKOjyFCD709DyXA4HOZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422def0391de-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ Frame EF70 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:56 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
trinity.json
apex.go.sonobi.com/ Frame EE06 		728 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2227e8bf52575aa4%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=5cdd2247-3604-4845-9a08-3b8bf0618733&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8784bd6b0af5e41f1d21cf0ab2396b425a8b24393507919e77f25392bebfdd6b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-24
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:56 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		36 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca3aba52f015c4f5f1db95d50e5f2ddf5a75c793385dff9e9ac3b9bf97d2069

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ViZA4MgOUObw19WTkDTW29rauisaVSsnjl20czceJc3ZZaGsQUrpYBiQCJBtEE6zsEFHfqc1Gh6b%2FOVEuAATEhp6%2BEQbeFHHajm1hwL6l%2FsIVhbHlbQyKXEFxuq0kQ6rzuVpKlC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422e3f2291de-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
bid
ap.lijit.com/rtb/ Frame EE06 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f223ca48b7c6707a7203f42dc4a632f7db04d0bb8d954d37838816af6c068347

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=12d3b2fb0c2a742&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.9877854939668791
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
799a084462c5a85e566915691792bf800a13954c0662312f246c68a1d492f2ba

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		144 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
1c7aded36ae5e4c9989f619065d86d04f61c6ec0b65f92b63cef9b69a12318dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
54a82142-8e32-44bc-97f5-b4ed2df86904
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=2169754671820b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.13860477447397046
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a0c3f870df4566089ac5969249d0aff4b020b97f1ca1c8eae4619c26541a5e51

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame EE06 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2223748b613b863b2%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=52628a5c-e906-405b-8bfc-02bcbc2a79d0&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b51644ddb858d342171b8e299ae1797b9655e8d39485aec7afb90d7692f8eaa5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-116
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		145 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
fa269d86853ca342c78b339dc6cb033f485ecb4c30850b4d2788dc0638e04c95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
9ac70fae-5fd1-4005-92c3-521c0c327f10
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eeb4e2a375efd651f1d8c9d078b136c8bc3ecda53a1133e74101890a9452af7

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4%2FHwJAv9sRoniAhTy15AEdpR1ySURgw6OQB0ClMOlVigXzmSE0vOvxA8B49PbYk69Ozj%2FWTKsxMlO%2FVeO5LqaedEQUupybGebX4SEiWPZP38NzMG99XmCMnkBaVcQeDTebdjcNW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422e4f4891de-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame EE06 		23 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6189d6dd1ac8331d35282928125273abdc6499aa8206478d1fcbb77afb409d11

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
2c7724fa0c8a5721c0010e8098d0710d8c01ae839d763bee33b69abea88185af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
an-x-request-uuid
040baf65-73a7-4f06-8673-d8c7af3e5e12
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=48fb7d825e9ad2a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.9651294023539052
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d0688a78b669577ec4942bd5fe2e0b23e45574036a869c02da73791d414ef8ca

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame EE06 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%225031fd5b911cabe%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=3d078bb4-366c-40db-86d0-789dd83bc284&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d1d66d789bd948aa18a9f958e95c58a126bfc1289816784e1493d3c7a00d528a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-89
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame EE06 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
edc3681a1c512be5665b2ba07351162b8acfb4fa6bb510c03357b1aac137046c

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ae53641eb3c42e020b92a233f09be4c2db89578b976c61f97a27a9b6478d83

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hJ5tHS%2B7KCX%2FYMeT24q9oGqEYzXbz2JRN2607mKukrmz%2BXvS6zh46abn8eeZXIftYMBLibiddsm9%2FfGtEFtsJ4HUuYU2xBmhM2q5tclE2WhMRnI518MVTaqI2DTQ4tPFR87W0Ed"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422e5f5291de-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=59d2eba5d79f4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90d_desktop&slots=1&rand=0.6465773447864018
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9ee9aa0f93237db0cfa0cf08f81f3bb75af4bacf0fd6a55a70b94d520080f873

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame EE06 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
3db505f708a9989915d9a3dfb226467dc557082613465271e8bc4d17d4d497e2

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame EE06 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2271c0ce1605d12ba%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=1e85ed04-12ac-443d-bd3e-4a2786e50207&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
26479f09f59e26fcdf87fc8c9b1c254ac82d935486d15d46ea0f79fafea11f1d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee4871835c5e6cb2c6fa43613663450ea851c12b62f795bda6a0f8d5bcdd5cbe

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHdQej4ewGrJLlVH7GKvNUbN6dp4LaJeB%2BEWqQKOYw6EsA0isoeWWC9%2BkF0aME6QyPWSBHvqZltoyAUZnkAHXYF7n9tLQiSVLAPU%2BUj0LgjsN3uGegXzgAtaRpyBCb1AnP6tRpne"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422e6f5991de-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		145 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
09fb1e63fdd9bb5ca96ee92e4435cfbf7e55179227bb517b0cc4d8d7ac477746
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
d80581bd-7bda-40e2-a406-8641d6860495
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E474 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?z8kSQg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 27E3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?S-LpQg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
c
prebid.a-mo.net/a/ Frame EF70 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
db3f9ec6f9431efdd527fa24e534ffa0227a7409b5a2e4c50db39e6ba851b7b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
an-x-request-uuid
859743dc-39f2-4f93-8ae7-7a8d2a2da0a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=84b967ddcfa76f7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90e_desktop&slots=1&rand=0.6753596834317435
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
245195fa8ccc0ca45ae60a9ea59522e0ea43cff8fb4c8fbcd5ac7fbd5560d1e2

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame EF70 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
fc494fb3691404eebf7d3e39a042469d31fee2863f5307d0697fe41ee9f9f073

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
trinity.json
apex.go.sonobi.com/ Frame EF70 		729 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2288da396b59f456b%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=f41e5460-8430-4901-b40e-dead276e85e4&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
0decd5276d4bdfd43f9d6d887dcbe8337ccea5f0d17744488b5a6ebdab22b766
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-12
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		37 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
620a07002f926d9e5071dbd4300c813f123c84d597a5f30651d9493986e64048

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9KHCyVA7oimBohEIT9xQlHR%2BA8PlktX991ZPQgRzjlZEy5anRmfQ2LRRP8FaE4q6xsxDU15sUFwEdYJVT7UJ30D7ldzEJJzAA4XCJcNO1s35B8KbkUDQmGIH7JTELhxIvj%2FAo5d"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422fa9331e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=8883689879929&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&didk=1238102904&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457237&lmt=1698112257&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=fo12utrtfqds&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.20%26hb_adid_rubicon%3D18612c5eab4b5503%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.20%26hb_adid%3D18612c5eab4b5503%26hb_bidder%3Drubicon&adks=2587397766&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
520e4e303c171de9446cf45674490ab0104e31ce452a5174d0c236bcc56cc748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11878
x-xss-protection
0
google-lineitem-id
6152679822
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693225
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a639388eb0b206709f754fab04bf1cab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B9F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a639388eb0b206709f754fab04bf1cab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:57 GMT
expires
Wed, 23 Oct 2024 03:50:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		145 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b9ea1d6ab153b5ecf884fe467972d9e71308566792e3139bd4b8d6993d82b15e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
eb719e0a-082e-4b4c-98cc-fa55954c8c67
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame EF70 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c3fbc8349fe685cbd563da86958681f44e54cc6e0b357442519b964781210529

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ Frame EF70 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
trinity.json
apex.go.sonobi.com/ Frame EF70 		730 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2210461ff18cc1f429%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=6fcfbf37-8f7c-44ce-a357-057a167a73b8&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d44ffae446c882db7683bb7a254a0a998292004a6961590f06278f04aca26c58
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-12
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		38 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f9699029a3259a609976633f23c6677b0d0eb2a4912f72cbe48ae999232d30b

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yUHMez1tC08IMqqTy8hPoZ9TTZx%2Bt4GutjZtqyBTGx5MLcanVE%2Byv0fwEaPzg5FCk14dqJUZAfTPpZteniks9Xoy4yLTdkl7UpGaHG6sDfwr547zdlgD0m6DsX%2BIK7JVV5UAmeq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af422fd95f1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=10820d61c02e22a5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90f_desktop&slots=1&rand=0.9977939087446552
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
766f6a2b53c856b0e0aba25eea158bad2db9339a3fed9b42c60f98d3b2cd422f

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=882696711933566&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&didk=1238102907&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457262&lmt=1698112257&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=2&ucis=2cg74m3iav5d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.20%26hb_adid_rubicon%3D18723ec345aaae4a%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.20%26hb_adid%3D18723ec345aaae4a%26hb_bidder%3Drubicon&adks=658150668&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1088ffd03c472e24273139ea4104ea73f4689dab14b2c243486cf09e15c2847b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11837
x-xss-protection
0
google-lineitem-id
5111852809
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875292
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90g_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=114ecf64a88bb222&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90g_desktop&slots=1&rand=0.5905802403801834
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
488a67494b2295609f2c3d18e23486c959bcd180d0d5a7ad7367275ee533215a

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame EF70 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6ca85dce202aa58472fc014b66011a48e171fe9ead74f3f75bb48b304637db8f

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame EF70 		730 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221223c3c98efb4af3%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90g_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=9b96ba76-ec05-4476-b547-334bc87852fa&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
fabc8427a346e6f57c6cb14424aad67c2adff0b0a198aea685d8c6cf2c69355f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-12
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
440
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame EF70 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:57 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		38 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2154a81cc3716d27bf944d277cbf3ba54d8d5fd067afc9ae965726e0e5b5a77

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZvsZdmGzrmrir3%2FKiMoAirtkhJOO0JrewPgwCrHXEgzxf3XSAQ189sckhtucf9ypubE2ncmbQjKAFaNTVvNaMUeFSv2NiQ8ChVD%2FRDSlan%2FQh4TZLKClD0InaFjMHH%2BnqVwj85B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af423009761e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		146 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7bfe81031c453d0fa568b4666c28e7e2d27de9a72dfaa4ce8c89eb083d618957
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
24728165-6fbe-421b-8443-1a10009ca7c4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=3506687377278429&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&didk=1238102906&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457284&lmt=1698112257&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=3&ucis=ohp3r565vvcx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D1882bb8463523008%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D1882bb8463523008%26hb_bidder%3Drubicon&adks=4283511922&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e00548beae4bdf5d7b0af8f0ce7cbb5179f16c13b491f86086f4191d513a973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11826
x-xss-protection
0
google-lineitem-id
6152679810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412692382
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
trinity.json
apex.go.sonobi.com/ Frame EE06 		729 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2278c9c8012ba66d4%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=a8628230-87ba-4bf3-82e5-4a771bf42eab&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
51cda630cfb2315e00576f8b5c1904e65ce1f7cef0d8372acd9c97027ea0e1a6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-12
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		145 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
eb65580e83a113a649b9c625cd5953cda3bc33dcd588879e0cab390c7a88fff8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
3514f6b8-2b0b-4d49-b7d3-d4a08d263a51
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		37 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba46237e8af3091facfc0b05d562a5f162cf4978692dd0085822f52d2efc966

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0CXOEb1YihAmeJVFqgO808QD6OCj3pYm4xmMpUb5vx2WtUJSKuRXnG3%2FJ0c3aAojWGrQjHOn5u3VAtVpFhSoACyFz%2BkVs5KYcL7XSKCXTLT5yOkN8RWlTvRIzaq%2BjjgzFHpV0Ut"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af4230198a1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:57 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid
ap.lijit.com/rtb/ Frame EE06 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
3121e0001cbc5057ed8e9612cdb21b7f64ef7748e29a14e767f0d11698d1ae27

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=94a7ec9c5ffb05d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90e_desktop&slots=1&rand=0.7644600511275901
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
71af00dc540f712de353ad05201088db4f04ed9c142bef165c4dc6da0f44dbf6

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=3917535853513296&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&didk=1238102905&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457304&lmt=1698112257&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=nmtqm5frl7ri&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D185a2f1017f051d8%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D185a2f1017f051d8%26hb_bidder%3Drubicon&adks=1332890142&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bba475f382cf94be3abaa5558f9ea170d83b889bab8f9114060e94067f97820f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12867
x-xss-protection
0
google-lineitem-id
6152679810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693228
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E783 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:57 GMT
expires
Wed, 23 Oct 2024 03:50:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		37 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0cb621dcf81a814d8cfde3e75d142eea8c1d3b76d7469b753e3f689ea232ff1

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBSPZ9wvm4X7f5rE2xauEOlZtT%2B2%2BFVOVYDY12z2xkvEaI%2Fs2oiSPMbYN5pcqetpD2q%2FVerFukOTFaqsBa5e7zvvZWsnmRaLStdrjhlRbF4PYjtI4mJLv51jwjH72Gb1W1QImbzn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af423039981e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		144 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
57e07ee4412b6df5c367409c3b5f85b4c7051e4961d6a61a55f616f71eb960e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
3976eba7-a5b8-4da6-b338-b932795088ae
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame EE06 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221003c5f66c89c39b%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=56e64898-2e23-4ed6-8afd-d5be7b49b05f&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
81754d9914d5f6bf571d980672db535c0963d42f4724c9bdf4fdb1250692e987
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame EE06 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b436cd178eb37817ffa0580cf6f45cb42de8c152db784e7349cc0447e1b062d3

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=112cb05f7dad65ec&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90f_desktop&slots=1&rand=0.7324705670107392
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
aff4d39b59092d38bcd20767d6d2ea4ee26df82fd1b3610a609479e2f5459b39

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=3510192744395433&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&didk=1238102904&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457324&lmt=1698112257&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=36y50j6vebsh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.20%26hb_adid_rubicon%3D1867f10c881abc5f%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.20%26hb_adid%3D1867f10c881abc5f%26hb_bidder%3Drubicon&adks=2587397766&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adf649e2e1ba0489c53a4730b06ce0e0188cc167aea81d85dafc19e44e2163cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11825
x-xss-protection
0
google-lineitem-id
6152679822
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693210
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		37 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fd7aa71dc3034a47341dc744184e16fb2d6e4a25082588fa49dc7119065625

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oeob84ZBi69j86JKfZ631ehCBVqytxRBTLdrZ4Aqm5M1VRwlwE3ZfhaHhd01oQxjnm1XtZHHNdd77oGy4Lq1Mylwz8LFAjz3yUfVf4U%2BLYP0vuwjB4iXgNZhKjlRlSLGYRXhqPBP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af423059b01e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		146 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
02944027b173aff64af1590bfde87c3e78a59c15a9be7dc95c57d06f2a6422bd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
65af17e3-4ea1-407a-bae7-3b2a805a21ce
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90g_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1205d88aefe4e498&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90g_desktop&slots=1&rand=0.49162648841712975
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
709ca4b1c3024530eff9697a4b9795f39910557ab89a3376dc280d4b37b7bd6c

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame EE06 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22124ed0888fb9626d%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90g_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=6d11b49c-5e60-4fe7-955d-11572626a398&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
970f6dd3f071aaed8bcd5b39bf4846b572e73faff628ea752b336f7e18f955bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame EE06 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5c5ad269940d94ab40420e13e08a58cb47757c1dc7f8d3bf7f1b677f863e639b

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		89 KB
41 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=4282584320400962&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&didk=1238102907&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457345&lmt=1698112257&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=o175s5w83hos&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D189f40895c3428f5%26hb_bidder_appnexus%3Dappnexus%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D187f4e8165213628%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D187f4e8165213628%26hb_bidder%3Drubicon&adks=658150668&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cd484128d4d21711133e156f7b2cc97797d9d129e94923535256ea3dd6e1568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42060
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		38 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b9c237b76d36ffad22559780860321a7bd90851970e6fee99c8df04e5dd777

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djm8vEGyFoISZLWJr8C1ebhOXCP3Jfpz5BuSHpuue2XV2%2BtkkXlAvkWhH%2FPru%2Bxw3JutMrduxVCLIeGs0VXrH4Tfi42YUA0jLmrMkpK%2B6q2fXZdStt6uNxWPcudzS3iT3G%2FjrHXR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af423079c71e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		146 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
162149da25015d6903e8cbc353d848bd3979b3e0eab64eeca42a73b12a21717d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
2310b99a-c8e9-4a5e-ae85-45f960b86e52
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame EF70 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f1e70058e511b595ecb92c464adbe7f430b8223cc2ab2748314d14ee7c4bebc3

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
trinity.json
apex.go.sonobi.com/ Frame EF70 		729 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22144307513dafbe8%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=a0dbcd98-3435-4815-9d73-fa4cbb47d117&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
92ea551088c33435cd0d5ca7ad8964da120b66a5e1a93b2f854e02d2a949f8c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame EF70 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:57 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=148972090a2086f6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.3730710384532774
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
05a8722d8af14333da9e347609d0da4fccd426d7b1d95aff5438f6aab8e3743c

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=1962721299920892&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&didk=1238102905&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457367&lmt=1698112257&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=4&ucis=izvefqyfrc4e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D1851c7cabe6854b2%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D1851c7cabe6854b2%26hb_bidder%3Drubicon&adks=1332890142&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64c73f049b7d49f2715f3edbdc4ef2669656e5d00d16be6dff168d3cf004549d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11790
x-xss-protection
0
google-lineitem-id
6152679810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693516
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		146 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
95575c175ad5b021221fb3be3719748e2cb58a60dbbfabb4f89c324d80790050
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
c258ce1e-fd63-445f-97e5-10ffd1ab55b4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame EE06 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c3cf05f4830378f974572f8d74ae5230ef4c7724b2d481ce4c979851c9d5f80d

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		38 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7929b8452ca70d064f3d5f8f53e57cf6f740305d5b68b841198a62016db0c892

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCvOKA9mwaknbMmVAMC9gFAyUL9eOAFZYnFCI9msS2QJF67w7aTnGLiLHvyp27Er42mkDFA87bg%2B55OCkxCxUfYZptNyQ18crBd19B3So%2BmSsB6ujWs99FLitgWKrw%2Bh9OYGmFvC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af4230b9f61e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame EE06 		730 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214467e76288e4f3e%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=aa01c169-6068-4291-819f-8734f20cd082&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d557f93db0b96372feaf9f0695d65a04d5c04fb943f6a40da18d9b9708f9b5b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=14633750411c2f85&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.7191742889967461
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9f6078fe481ee5c600e15b2526868053edfef57288ba4ee695a761042954d012

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		89 KB
41 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=3815873757476488&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&didk=1238102906&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457402&lmt=1698112257&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=unv482ig9lds&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D188e141ced572ab8%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D188e141ced572ab8%26hb_bidder%3Drubicon&adks=4283511922&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6d5caca1c24dabd22addf4ba9a5db61b4e4a825d9b847ea970b5a0370c0fc2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41965
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
bid
ap.lijit.com/rtb/ Frame EF70 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
10d18a20421cb767260193f64ea689c43e37388c5d91fd5db9d8e4d5f0ed57e6

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame EF70 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		145 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4a283046b2ad15dda69b1046f512568c5ab242cf5538deda5721b3931ddd8760
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
e192cfb1-3b73-41a0-8ddf-8eca6a717329
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90i_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1623e53c173ef388&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90i_desktop&slots=1&rand=0.7532658641102941
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
767ef338b1a984d080dd155cf253923439ffcb2c56137c0cc50c82c839d73384

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		38 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f94a91ca534f0493fe40200f72b517c9b0fbcff51ef6739a45dfb7047475ce1c

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeEf8XY4uYl0nqczKgjfqHJw%2FDhe24Mx0iJ6AUrtKTzf1t2PfOuuMZzdN2iGabGNUtHGJ14OWrdYTG1WwcPtPKTbAkIfWGbLEK8ty0SIrxh17K7YslaKdtZxTLcQKJ6GLbCTaSp4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af42310a161e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
trinity.json
apex.go.sonobi.com/ Frame EF70 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22166106011880a282%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90i_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=2b283b67-562b-44e7-9d98-11ceb2a503e9&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
965bfbe8d4dae3f3c72a93d68967ce3abbad5d4cf08787370c509db5f310414d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=2947581865863492&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&didk=1238102908&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457446&lmt=1698112257&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=5&ucis=tlqpmk176z7b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D1967727effac0eca%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D1967727effac0eca%26hb_bidder%3Drubicon&adks=3272850789&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8a8586d0753760fd0f2e26b2506952aff385c17fbffbb8910b4086ab26a6b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11844
x-xss-protection
0
google-lineitem-id
6152679810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693537
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90j_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=168f25138ca9424c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90j_desktop&slots=1&rand=0.16441002874920096
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
67a0e773f82e6bf375a21248dcafa1c4c1cc1fac40ee6b1d8e503ba5e10c0f93

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		38 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e939955ab34ae028af80f413cfc5a159f4aa93ecc4112b052061e381b34d6b8

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHCQ%2Fc7a9spNkSvleFEksbx%2F6rIjeBYu5km%2FcGoiGnD4epDekHB9P%2Bv1xoVFS%2FxuHh2%2FJPUey6kqrmJv%2BJC1EepHBP4bO%2F%2BgWMLNWxlKybIBpZUO29Wxw%2B8tG4IuqPuXPOPGvZY6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af42312a2b1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		146 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
74c9941d8ee42572786da8117f7ce4b45f0777a793519cf9962a3b3740290f0a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
f2455af2-542e-4719-bdbf-be44b789df2b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame EF70 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:57 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame EF70 		730 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221826cf5a0dcafa0b%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=a71017e3-e984-4e56-b865-96b67349a03e&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b8e6a4476f1f8f31c688bd1a0347a87bc4fe3c057eb2bdd6d871f6331ca9ed26
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
440
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame EF70 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4e60abab8a358b1271a5c6344b03d5e09fa46b0da9abb1044043e04d7c92c100

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=1258675212353017&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&didk=1238102911&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457469&lmt=1698112257&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=6&ucis=djdngq4jdm1u&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.13%26hb_adid_rubicon%3D19827c16a55821a7%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.13%26hb_adid%3D19827c16a55821a7%26hb_bidder%3Drubicon&adks=3516126248&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf2ba01a793b6590c02f678e858ec7dfe9e5f157379cd3f0898b0ee2d68044b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11902
x-xss-protection
0
google-lineitem-id
6152678337
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693513
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		38 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01373b57a679861d01fe2bdfddc6098c536b67b57a3fdb026fff315af05795f5

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSQcUfWA%2BuN6%2Be6J%2FJgMtQsJG4nCVkdgz3vkSW%2B9Njt7nmoWibKHH%2BK%2BPBn%2F6vntWAR2CSg1nOKqNFLYChbujVW8anJQPUL8s%2F2JxMccTwH56yvzlnalioPPVM%2Bz%2FK%2FR7HaGkB82"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af42314a4a1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		146 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4e17ff7619f8f5eee97599d73b2d704bfdd201fab8449072f070a7d799c9318d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
39ca4f31-a06c-494c-bbb8-a90ed53e2d19
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame EE06 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22158026a0e4f259c2%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90i_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=ede0f489-0cb4-40bd-84b7-6ec09c04c276&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
97fd2139b1fe49337efeb29ced4c830213491afda12fa4b7cbcf47b4af6f584b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame EE06 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
29394413b37164099febb0341c61e3f268237bc464bef855ee535a52b124cb19

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90i_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1666f73e1e79fb79&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90i_desktop&slots=1&rand=0.11300892434551302
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
29231d9dd7dde1d907424b282b079a2c4224dc56dd2033a74941b1faea32a087

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=4346293613307104&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&didk=1238102909&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457493&lmt=1698112257&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=k6zfdzygrkp5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D195d15b886d87743%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D195d15b886d87743%26hb_bidder%3Drubicon&adks=3085048810&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4d42ba9c82f8ced32ad82a5e05bf5682e97d38727d14a8e22282a4a4db99088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11834
x-xss-protection
0
google-lineitem-id
6152679810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693525
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 1A2B 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FQjEcy1qxrvIs7D-kpUJBC5CEYciWWf7afGpb-UeEtcBoX70q6AkBw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A2B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:57 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:50:57 GMT
bid
ap.lijit.com/rtb/ Frame EE06 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c3d6290dae25721b75b45c294c15347b9dedc5b2a0b8c19187f55dcc2d6d1965

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:50:57 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
trinity.json
apex.go.sonobi.com/ Frame EE06 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22170f64f7f6c0db43%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=d9cc219f-c6c0-4186-8670-57e9a2594a2e&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7e3570fdba77ad3997b969b4790b921026c48792a7e68fef6cf9fb13b8e47a08
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		146 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ef4fbfc97004c5e9aa6e1f796d48d5198d53338795a8d799b0047736f4b0e218
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
an-x-request-uuid
117ae8b3-c18e-42d2-8ac7-eb00bad739f0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:50:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
c
prebid.a-mo.net/a/ Frame EE06 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:50:56 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		38 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8f9398d598c73603ec9d3c4882706048ee9886fa939b6fcec550f938c84128

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psU3POb%2B%2FnnYw29z%2FMGQB06cnN%2B2QZv0UgMspfDbKo3F1tX0cqc9LuKp3WUVIuTjgvr%2Btrx2LUZ5K8JQzp2Yhd7DN6dfd6DGdYektKUKS5ljh3g8wl3FKrxXWsPo1LQkcMvXyTUv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af42326b191e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90j_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1849d3434c918a63&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90j_desktop&slots=1&rand=0.17363766027733885
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e1fbf2cab1af2eba0753d58d64b126f2df82199bdcd509d636670ec77eea1e44

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame FBB1 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pTej9x9n-ARNow5DE7WV9RvNVIZs4oWLs_ZRRSFpFnWQCIov34kmBg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FBB1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:57 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 0E65 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FQWhq0D5YVYTWYdtNE9RMmdIW38bh7WWMJvMDQC-sfaoXW5_weRsuw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E65 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:57 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=1194473311113401&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&didk=1238102909&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457891&lmt=1698112257&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=7&ucis=yd1435dmp2ey&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGsmhIzktVEyvnEKGLh3RDVF9s7GcXmP8hUsQhJdvrnmXALqxAEEtgfM2C7iCjDHba0Qst_rPRpjt5ZGaRBlmmCMig-u6fxdrwiE%2CAOrYGskUQUIRfiPj7iYC9y-VbeJMQ1cpleo9DploVX6IgfqQLth_UBst8KBSLwyu-CCSXE_pzYynOFSLqEQVMYlViWJFgOT9&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D1939f753ea07df86%26hb_bidder_appnexus%3Dappnexus%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D199fdcb792881b51%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D199fdcb792881b51%26hb_bidder%3Drubicon&adks=3085048810&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7dee068051d9028f97d358b012ed88228a947a62a77049cd16fd2b1922f5a30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11863
x-xss-protection
0
google-lineitem-id
6152679810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693210
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=2586484802994440&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&didk=1238102911&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457906&lmt=1698112257&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=smv47us71wzy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGsklRZbHWlOIzMta_6M43uNNQgzValeUS9-c13Ayjvd3yPpeoFCJHY42cWMhaNY7iqFhvnEyUnQqNirEOfEW9H_aPtHy&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.20%26hb_adid_rubicon%3D199e047a4515b44f%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.20%26hb_adid%3D199e047a4515b44f%26hb_bidder%3Drubicon&adks=3516126248&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d70dd26bcbf3b83519d6bfba8fde8a5311b41b14981ac0c21daf04937c09d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11863
x-xss-protection
0
google-lineitem-id
6152679822
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693198
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 4EEE 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Blu1rxi-xbocLBOK7w5mWW6rUhN-O1fjAkzWHgqgCvefCeIkIif80Q==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4EEE 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:57 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		89 KB
41 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=1531452371355446&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&didk=1238102908&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119457970&lmt=1698112257&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=qnplq73ij1xf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGsl0nSuC-kiwvujVks3IGAtOBFyJp-rSXwzIMUB8FJ1H3jQ-yWL9J0ExGM538gyUAs43FMLRbVPVvLlvpX1DN4SaKnzg%2CAOrYGsklRZbHWlOIzMta_6M43uNNQgzValeUS9-c13Ayjvd3yPpeoFCJHY42cWMhaNY7iqFhvnEyUnQqNirEOfEW9H_aPtHy&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D1978cf5363accbdb%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D1978cf5363accbdb%26hb_bidder%3Drubicon&adks=3272850789&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c695827d38a6c6edfc182a5555a22867c9af10102dfde215972387b50c70ea01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42088
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 455F 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831432
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
b7WliyU6mMT0PgfZsL_DI0vL3bauWa9pZcKZ4yZzyuN0QgLPqY5EDw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 455F 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EE06 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQOG3IlyUnENjZbH31zZH4fTcw_cFe-YIL7-GwqPkNzRMy2ilfml80gh1fqYOxE8lhvIceKpX2PRfNAIm_g1LE_rN68lY6JxLOK3iim4LD_6vgl3fqt6m_Pmj2pKFF&sig=Cg0ArKJSzJDAGstXRPb6EAE&id=lidar2&mcvt=1352&p=1106,436,1196,1164&mtos=1352,1352,1352,1352,1352&tos=1352,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3989627229&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119454716&rpt=1964&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F29C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:57 GMT
expires
Wed, 23 Oct 2024 03:50:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1A2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHUF9xgQreJsI3f2d8NmZ3JRWCu06u-aPlKuuu880CYj70a8uX3mZmikYaXy3qWpFwA1X2BEtrGUIfIUAjJdzokljHA59Jbu32Goa-rLgEHSmZtKoIr-zkSgN46v7_XaxvTRlst3oFgepfjY9uk4s2bvCiSb_9tMsw87HC9izrsDX9PlNdXtblCWCYu2iPkxW1LghuR27jqwkPTyNzFCfaJoGT6X4ab-2MZfZhgHL9toCWkGnedaTdE8EofhZzwghb-EksnYJjOqR-oMm3YkDNFM25jRdiZEhFJBMKyK-Cw9KDTcjBOnwQY4TnqBmIgGbeIV-x2zkqC6ZeZI3Q3lGgf-4&sai=AMfl-YS5LAWyrfv1Ryk6m1exH0S175p0tuLwCzA_aQnSKl0rn4k6Oa-FEvX-HXGAyf3_sSDapzpU-g7hT7urQ2fsajebRytjQ_Npm2qzPEfCJN3BvfHhompwF4Wl-8OL0lU&sig=Cg0ArKJSzHBZkH2pMo7LEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5F05 		261 B
125 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW_vRy65imeUP7vc65vA0eesdgPlOxflawl43GTDKHHksPBALugqYCDolM97DfbnhXf2ZAOF2rFtpg59ptSeTh4RK7nsGKEOgAW8MkvHDifG2VUOC9zIHauaiwGMHowhFgE9WosAuRAR9s5kptCqUdNe0pWFyDz7Cb2WHeAYb1ByiYdXyE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:58 GMT
expires
Tue, 24 Oct 2023 03:50:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1A2B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A2B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COAkGNVfeG0bKLTX216j_uUUciuGB7eptVOnMyuQJMTRPApTCzUtuWaI8OhYd_HbDRvO3eE73fylangzi1gGQ-r5YvSR3Ryl9MJWK__J_nBkouaaE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A2B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13230136029907047842&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4e1762e9-2010-46be-8e75-e11f1f7ab329
beacon-ams3.rubiconproject.com/beacon/d/ Frame 1A2B 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/4e1762e9-2010-46be-8e75-e11f1f7ab329?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B80FF0CDA557D7D370F339D08903E93223474C8C796ED696D96DF7CCC443016D587F0ED8534DFAB6D6256DD5F6373094854B89BC49509F046FBA2AFD252A020D0AF386182E885AEF763A9E31559342199A9B446F3E8C66BC0C28CFC97C83B84577F03976CC39807FB029A406262C3F14330E095F7FF31454B2605645952F601786D7F19C3937D34BAA8959092A85FF89374BD99DCD88C1811835353AA0B050F4988A5A8B356C2CFF77DEA10DAA10AFEEBE82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FBB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoCLCawWqM_TXEgFzveXxJcpv9U8n9rIELl9WTbZM13zbXyjtdwwBfpuhDwu8mPdaa7EGVpvbT8RRhwOM874C2cxLEQZPIzgri_86Awvmv-_uPL5WXMmi4jKlj3sgdEAiHW1EBUHSPXoXDHq18qZQP-e_iPupJEK8PcJdR1r_ASRwE2ZGAxHf_D5xlRjuhgxNVja6GKgdxhuoAFnJM3YLpyejBOiYa-DdPfr4OAp-LFuxAJ825vcXyAB7VfnS34Wg2BPZUQ-Gsmjlxbxn9MAAW-NeZ2ZqYLxdlwiKh4iCwnbTiUm3ulmJOkIVD3AXjTLPEVPs4H2I9BwpbcT0HP1VMZkM&sai=AMfl-YSFPQixoaJBLqzYKpirQA_4VCUBYgvETqoD-aQiAnFq5HjVuOi2AbW4xy7_hOnmo81GubmVVNi-OM1EaVGyyuIXN_ssEq-Mmyw83d-9kTuTFG7Kf0beDgSza66GbcM&sig=Cg0ArKJSzLBqpsKM7O91EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 993E 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW7jbA6MaJgp1mM79DU_ip711lUDUdQK9cxzudTWj0oPaDAE3YkhZCZE6QwZ1YwMrJgWPfD1lZXIF5q-MBj228kP4dZpYX1VfVuPowq1ysiKCKeMJ2i0HUDAozRJL5rDp0teeV5h0ZMMa77ZdBZM_z083jOM9AHB4heoQNkYXzbV1D1VTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FBB1 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBB1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFrVhmLR3lf91Lss8jskyew0yVYrh3WhICJIxjXBb1W5fq3-7VihdyTJnwYDiGUOlE01ei2HMGgKwLFxYX2lfpSLvUBKhT-14csZVAXrA8blWsXIQ
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBB1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5503406133038051305&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ced7276e-da8b-41db-b649-43cc84d0998b
beacon-ams3.rubiconproject.com/beacon/d/ Frame FBB1 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/ced7276e-da8b-41db-b649-43cc84d0998b?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B5C861424A752C04EF2A7C4C5C06DB39AFC58D6182446662739EF656306ADEEB497453FCF6C7809B70D4DB7A26C7F9E6B24622879644CC305CD07115C55D110BAAF386182E885AEF763A9E31559342199A9B446F3E8C66BC0C28CFC97C83B84574FF0E057640AA492029A406262C3F14330E095F7FF31454B2605645952F60178CD47CED9C1AF9DE89161FA6446D5DDA79C3CA527C7ECB32DAA6E3EEB884F63020A6ED56AD2C0D266D6042AD6D2B9E132E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGQHfMC29qUEVfxlAfcpzGN9M_39_2P-glwudi7GQ8PuExDcALZ0iLadqsA2xj4o2PLq2RGWJIz8bkbN0DmpMFnt1RGB7m6c3MaGoPToyegpq4Z6eVBLpc55KZ_5zwoyMKyhzR32lntwH-4YoiOJKR1RE5hNR4vyFYmtiXCpjlsQVsz09cMJgf3VEsq0w0zpVLSzcm3GMG_jKa3PcvmQCKYBqe2D0ukX234gD4i0uRxtfsDVs3TrPSVn1Aw8snKHmZKStDf0QnzMZuINb2cB2CLae68WmwDFTwETB-3vUsbCl2FyYjO9TEk2sV1MogyaJvFAk9GFv01oplIs_FTLPSRQ&sai=AMfl-YTkOuHtJweTI7v8gy97men3QrV8qC0-mgP2B-eY_Vw-9TZSiby3lg91mLOL7LwgNbfRWcmd3XvdysEFv2I4ZL578ZK87wcT97MTVY-W3Gegj0lmeBnze-5wjgi0f4c&sig=Cg0ArKJSzL6yuaDfNG9LEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A340 		552 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWooYYBwITSZFUXinDUOOJ5ULFVeZh_IvZDgV5a8MuOdYkzpjKi0DyyTpjPE5WpSW74hhLig5zu7ArSLVWqIuJbvarm4dtmpN5VC9ZdyvX23HyF5Ka1aqdq6eJGF6SJ45KC3y-rJf1I54ByyP3X_uUY6d3LytkdCzFUuXkHWiJcAzSac_Q
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0E65 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E65 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0etJL7YE0bRFDw45j6HJJ6FIQEY3MYcNV53IwvGz4JaBZcHPLLpeMk1G5aTkPXhPdNuWqTLWuOYAO-Yl1PMOKbi9Vzr6Tb3OyZ7E1oKZxn2Meju8
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E65 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3043535032308745043&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
95f9a624-683d-467d-8697-6b87868b0f0c
beacon-ams3.rubiconproject.com/beacon/d/ Frame 0E65 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/95f9a624-683d-467d-8697-6b87868b0f0c?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BC2128659801A32A391E5DA1DF24219F6A921BB0264E00DBD57BF7B43597D7E637CB73556C59636790D4DB7A26C7F9E6B6FB6DC3ED19F3AC0CD07115C55D110BAAF386182E885AEF763A9E31559342199A9B446F3E8C66BC0D81A9E4D5B5029363F29475F5A53C970029A406262C3F14330E095F7FF31454B2605645952F601784F200AF73E78AF62E12223EECEA242A2987A411267AD4EE13E0E2C743C685D5498CAF31C279C98EB84F348D8DE152031E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=97639665927392&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=9&didk=1238102910&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119458726&lmt=1698112258&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=2nyqpk2cmdyn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGsl0nSuC-kiwvujVks3IGAtOBFyJp-rSXwzIMUB8FJ1H3jQ-yWL9J0ExGM538gyUAs43FMLRbVPVvLlvpX1DN4SaKnzg%2CAOrYGsklRZbHWlOIzMta_6M43uNNQgzValeUS9-c13Ayjvd3yPpeoFCJHY42cWMhaNY7iqFhvnEyUnQqNirEOfEW9H_aPtHy&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.19%26hb_adid_rubicon%3D20010977aca40313%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.19%26hb_adid%3D20010977aca40313%26hb_bidder%3Drubicon&adks=2445953488&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4bb6825bb9ade42b3c147046b41c932bc4428f5c11bd5b969a5ffeeef1608c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11839
x-xss-protection
0
google-lineitem-id
5111853568
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875292
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=4457489073498214&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&didk=1238102849&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119458741&lmt=1698112258&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=d7ue14qe3e8l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGsl0nSuC-kiwvujVks3IGAtOBFyJp-rSXwzIMUB8FJ1H3jQ-yWL9J0ExGM538gyUAs43FMLRbVPVvLlvpX1DN4SaKnzg%2CAOrYGsklRZbHWlOIzMta_6M43uNNQgzValeUS9-c13Ayjvd3yPpeoFCJHY42cWMhaNY7iqFhvnEyUnQqNirEOfEW9H_aPtHy&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D201348ab911a14ae%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D201348ab911a14ae%26hb_bidder%3Drubicon&adks=2059224439&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90d629f01c261744b95b2638388846bec8943090e04de2e9a53dd0c54c63e146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11804
x-xss-protection
0
google-lineitem-id
6152679810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693240
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		89 KB
41 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=2801595837265800&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=11&didk=1238102848&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119458756&lmt=1698112258&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=pjuiswi3a2y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGsl0nSuC-kiwvujVks3IGAtOBFyJp-rSXwzIMUB8FJ1H3jQ-yWL9J0ExGM538gyUAs43FMLRbVPVvLlvpX1DN4SaKnzg%2CAOrYGsklRZbHWlOIzMta_6M43uNNQgzValeUS9-c13Ayjvd3yPpeoFCJHY42cWMhaNY7iqFhvnEyUnQqNirEOfEW9H_aPtHy&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D2027b9fea4aff01d%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D2027b9fea4aff01d%26hb_bidder%3Drubicon&adks=1601445237&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
457ff80d1a72a33a8c018f63f4b38f40f6b2987148e512c0f554a711357927d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42043
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4EEE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWGhnRWSqBzR-hRmme5wELURe4eMeGzoeSwYcABEJaO_MjJSaRAw8vpL_ykXqORWA88GbXO2zWHxOHPeK9AWWaNhgXVcFnDVstYJepOcHvXFBNm772VCeAO7s65B0ILmUej1ACTWAYS-7Gug6tlbzeBfwR9Vm-ygDfAJwLIbnXt3p0DW9FnC4617sga8w4lUz0xKiCMKTTMHcFZ-9yG5QCYpcZ4QcRHEbX8rRo7oOD119HmRtIRlfgWtGqjOPwoTIs1W9sJneBSkWvBCpJrqiPxQOjWX4y6EPjQha9rsv7dpod-3wnbXk_J_Y60TAcr76aKqRYIB_LaUCbWyFWRDRk&sai=AMfl-YQUO4J2CEfoQWb4GJ5c7X3UlBSR7VJ9TG6wXwzNtIJv9a7foW2CKDzyDu5IEo8nCg3ipYVDPhxvNJaCwx-ILOrv0NdC0wlQohF0lRLCaFi-px96rgIpm_f5FeBLYNY&sig=Cg0ArKJSzKggqsuWRcXkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 72B3 		676 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUV2ZOub46kklzPXFbq0nBl47oM7eZNb3H7hLwRyySvArsb1w3wBbN294oClqbquhFQAb5ihBTk7zfHGtEqAZP0V4R76yOq5F8s0A52oPE67sTBxie_-GEpGNwnpuDXuBn8AW85sW5KXFtcYwI2KP9zl5VfZXc-Q5IVbJU7EdNeJPt3fpw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
267
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4EEE 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EEE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGClKcER-jKKeYH5dklg8BQNuH0oISlkUx2kdXvzFFT9jX_DKqwYh6Gh4I3wZTwaqSCk-2lMCVdRWxiYAASsakQmrBjswQl2lSRkNbI_6wYt7W8T0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EEE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=375779578854838066&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e586909a-bc4b-4306-85c0-2e0f7ecb107b
beacon-ams3.rubiconproject.com/beacon/d/ Frame 4EEE 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/e586909a-bc4b-4306-85c0-2e0f7ecb107b?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BF6738C7280B35D03A25C9CFD847E18A6A079C76785ED6F173B8BF6B9D564EFB3B08FAC087A3ED0246256DD5F6373094833CDE2DC55F59600CD07115C55D110BAAF386182E885AEF763A9E31559342199A9B446F3E8C66BC0D81A9E4D5B5029366CBF5414B628AE4D029A406262C3F14330E095F7FF31454B2605645952F60178B4265DB783B58FE404FAEDCA8B743F83A9AEDC1D64EAAD9A7A27BF73BE9AE91086474FFD715DA9CC8C5510936C342108E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:57 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
g_pbto
1x1.a-mo.net/hbx/ Frame EF70 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1698119458948&eid=2005df59788d42f6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.38.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-38-36.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=1556112866067589&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=9&didk=1238102910&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119458952&lmt=1698112258&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=8&ucis=fniz8jcxxyz6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGslufZY1wrz3ZXLvFax1q5z-SY9AJfhmI30K0jqn34x5rXcWedJL2aXzBRjW4VptdVO5zbkcmS2ZnhCm7fxlPlUB4fn-%2CAOrYGsmhIzktVEyvnEKGLh3RDVF9s7GcXmP8hUsQhJdvrnmXALqxAEEtgfM2C7iCjDHba0Qst_rPRpjt5ZGaRBlmmCMig-u6fxdrwiE%2CAOrYGskUQUIRfiPj7iYC9y-VbeJMQ1cpleo9DploVX6IgfqQLth_UBst8KBSLwyu-CCSXE_pzYynOFSLqEQVMYlViWJFgOT9&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com&adks=2445953488&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8dee6979634e4ace26d138fcb53d849bd5be1d4fe4da43b0aeb9dd34afdcaac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
google-lineitem-id
6110887587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404649566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=4126752080407616&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&didk=1238102849&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119458972&lmt=1698112258&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=9&ucis=5kiq6lwqzhnu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGslufZY1wrz3ZXLvFax1q5z-SY9AJfhmI30K0jqn34x5rXcWedJL2aXzBRjW4VptdVO5zbkcmS2ZnhCm7fxlPlUB4fn-%2CAOrYGsmhIzktVEyvnEKGLh3RDVF9s7GcXmP8hUsQhJdvrnmXALqxAEEtgfM2C7iCjDHba0Qst_rPRpjt5ZGaRBlmmCMig-u6fxdrwiE%2CAOrYGskUQUIRfiPj7iYC9y-VbeJMQ1cpleo9DploVX6IgfqQLth_UBst8KBSLwyu-CCSXE_pzYynOFSLqEQVMYlViWJFgOT9&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.20%26hb_adid_rubicon%3D202dabe2d6dc6b5d%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.20%26hb_adid%3D202dabe2d6dc6b5d%26hb_bidder%3Drubicon&adks=2059224439&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b170eaf61d40ee24896f230cf8d3926a7e9bd7e1d9f18ad2b61221fc3ba81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11870
x-xss-protection
0
google-lineitem-id
5111852809
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_pbto
1x1.a-mo.net/hbx/ Frame EF70 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1698119458979&eid=20476b4d81c8b5c8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.38.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-38-36.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=1079569112074120&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=11&didk=1238102848&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119458984&lmt=1698112258&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=10&ucis=invppyf2n3lo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGslufZY1wrz3ZXLvFax1q5z-SY9AJfhmI30K0jqn34x5rXcWedJL2aXzBRjW4VptdVO5zbkcmS2ZnhCm7fxlPlUB4fn-%2CAOrYGsmhIzktVEyvnEKGLh3RDVF9s7GcXmP8hUsQhJdvrnmXALqxAEEtgfM2C7iCjDHba0Qst_rPRpjt5ZGaRBlmmCMig-u6fxdrwiE%2CAOrYGskUQUIRfiPj7iYC9y-VbeJMQ1cpleo9DploVX6IgfqQLth_UBst8KBSLwyu-CCSXE_pzYynOFSLqEQVMYlViWJFgOT9&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D20345ac867c0ff99%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D20345ac867c0ff99%26hb_bidder%3Drubicon&adks=1601445237&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f017ac797c7bdfa849b6054add58c84b3719ef2c042fac29b749d416025a0039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11906
x-xss-protection
0
google-lineitem-id
6152679810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693231
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.9.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-9-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
date
Tue, 24 Oct 2023 03:50:59 GMT
x-amz-apigw-id
NSbNlHVRPHcEXkw=
x-amzn-requestid
9fe64a35-fad9-4eb2-a80a-7ddb9e6e44d0
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 		146 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.9.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-9-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
749b2c6db09136fdda87a7ac242097b2d0c84051d3bff242f295cbeaa23af8c6

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
x-api-key
79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type
application/json

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
x-amzn-trace-id
Root=1-65373f23-524df243226d30dd4539ce7a
x-amzn-requestid
dc21d171-abc8-4972-83de-13cb404f2671
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
NSbNnG9FvHcEX6Q=
content-length
146
sodar
pagead2.googlesyndication.com/pagead/ Frame EF70 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231019&jk=530274199045409&bg=!3d6l3pHNAAaMkNwkrJA7ADQBe5WfOL79tzfGkvlKhrM_iw0kqRus-PZKa5QZXukW4iqFDeph0ip2_3QZANTBQvvl2dBvAgAAAZVSAAAAA2gBBwoAZu1TnvI1LzQKnhAa0oRJzyE7UPzLG2eoWQ286ZVe1gICekorvzWtVrDDLEtGc9C_18pjFvHw7sMOW1ZSw8ha9qcmlcuvmx9zqdiEwFviwSaYuHt-mU23Z7QCYwV_urXoi1SjOibTgZkC1Ow7uFl1uacaskheb9klfycof69-3acWLt4p9nyGe0NGyhSjrG4S7duXZJd5X4sOUzAzmxZQVoHQS8UUXr81yZ4lWRp1HNxwZW97s1FVWOM_ubjJyG4adOMsLqfmISYIezoY1qz8TObTryR_dQzhghnFRrt048c5cWwsA13I4xaJ55PqC4RANfpU_24wnXj8O6TaNuAJ9hJFUYD34_V5rVT9SBj_OrGxOTkRKPRMQ2mUvk81PtKROrJE6bZEmY7XpS8vnZWJ27zcLz_cTG5LxJrpIh3cS_m5k0NUu6STcErSwjKYAAu2kjJOxNJBRP8FqNwKAgut6X7oprOsfUNiCjkZGZ352msYdsE0zxDa8TIy90twsigDmqKVfbt2FQ-i_W2emCx_gr7Q73yRIxQ2BcrIZL8dDZ3PxyQ1gx6VOTk0gJzdPJfxUZBWUlSoX6txwLKW0mxSqeH7U9FRC-Ems-Hzu1T0w1vdAYsoucUE4NldLna4iIzouli9slJSB4ZTk6an8zZs9qt4DKFkORnAxOw59bZKnvbEsEeCxHo1TXyWTN6djXK9RifL-CgnnOXffd-y687WJD9TQE7__SmivksF2kAdRfn4-MDb00yjfOZB0nV3y1zhYd69ClF1faL9QQwBfl4Qpm29Lec7cD0caDsxUYqD3jKSzWmtjg98BXIrYN0i6GhV2rH3sNLooWqxE0o4mFfmmaMNQuIWD6LzUPmCgpERV9--Nbt1FoguRovTC8ijPVDviVh3dAd6acMkL-p0Y-akClWf3YeZJge8ihlqxFBm71blZFbz6fCKbsM-RaIK3o6WAVQJ-rZjXzAWGq4jGj3FILsZAb4PekEU6w9CsPunYSXnyTgieytnuQy-p6fxH3mY-ForSEwF21aF29Pf8-LABOaC8fmCAkhzMcYz90GfhH-37xZzjFL11Hc4RuZm1cogxfD-qbpratAVX2lk1Yg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 455F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRQ4CyYZKZTF4j7FYgLVPayKV4JohuaeoTmZTl9jsj2zGGF0Yk8gfkPQiYdf8J--qE9yUOMS4ytHhv80nvKho4RhiUiZ8JBlimDa3XpeaV07D1Xc4B46shayKVV7KjDkFWRLBA642DKFQ-_ecqmIfHyy3ZPiaA8wiiQmK1YEsVGukORJjAZQs90CZPqs4jcF6MMLsfmZFJKrcCSk8P7s0BGkwq18RKfE9CWBAbbkJsz8R39gqCbRwddVCo2MhXlXFLbn-If2WXXab9TR3F2lID4IE5U8FUx4LD5Lc14jGy6IQeMVn_5Yuq3Mcjubgoq5Yvm5J1QmaPAFdlgEbaM0uLc7DK5yX2s7cgx6_4ZfW7L86VMQ8hSzf5&sai=AMfl-YTRxGBONBKoU9baQYJgA4Ue9gUn40T7XVlyyw5kazwStfbVMJL48ELXPrpxO__WZh2uZNe2NfC9f9oRuzIQYrNZCJLumvFDRfJCF-GLWtj5uIDbkGsYEJoJU8eY3ao&sig=Cg0ArKJSzJzvumlwXmx0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4487 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXDr2_lwWvbzZAygpWWHC0wUFl9jPdUwIWjpYDRzsw6-KmdzPPBImPSrYlh-oS_tVziRZ1fxmaOARwCP04r6Bzay2rGF8ExR4xAVr03mK5yYZ1fKf2s8K663STXUWIkt8HUmn6qlV-plsWTrzZAqViYEL1a1nSO_9cEmPRsNk4bFZarxNw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 455F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 455F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjNhGXvXjKVMvRlA9MMOYKL_7eh8l_5JnwFblpc7MU1scQSYqsGESWk9JgHYy274V00smWrA2hvpY5L5wiwiGc01fZ8fY85ChFQvZVKG3nyqac_pY
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 455F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9861377568991816673&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5465ab3c-a5b1-4309-8c89-b8e0b599662c
beacon-ams3.rubiconproject.com/beacon/d/ Frame 455F 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/5465ab3c-a5b1-4309-8c89-b8e0b599662c?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B4C73C246686C9E99263306507D513772BAA42491BC1A2BA189C2F1BC6A29DF1AF211F53D0CDF356DDCFC19BA47F6673C3A15189CB8487C9BCD07115C55D110BAAF386182E885AEF763A9E31559342199A9B446F3E8C66BC0C28CFC97C83B84577F03976CC39807FB029A406262C3F14330E095F7FF31454B2605645952F60178AF5F3CB42861EEBEBA4C1540D48D383113D1898AE02DC2A807BD529A7B13FF80FF3087E69767995739A0D09125893F2BE82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:58 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
m
ad.yieldlab.net/ Frame 5F05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFaJ-vAEOFzfe2TSh7aiVVY&google_cver=1
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFaJ-vAEOFzfe2TSh7aiVVY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW_vRy65imeUP7vc65vA0eesdgPlOxflawl43GTDKHHksPBALugqYCDolM97DfbnhXf2ZAOF2rFtpg59ptSeTh4RK7nsGKEOgAW8MkvHDifG2VUOC9zIHauaiwGMHowhFgE9WosAuRAR9s5kptCqUdNe0pWFyDz7Cb2WHeAYb1ByiYdXyE
Protocol
HTTP/1.1
Server
23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 03:50:59 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 23 Oct 2023 03:50:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFaJ-vAEOFzfe2TSh7aiVVY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 5F05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEOd9ip1yI1dTNs1W6P29KEg&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEOd9ip1yI1dTNs1W6P29KEg&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW_vRy65imeUP7vc65vA0eesdgPlOxflawl43GTDKHHksPBALugqYCDolM97DfbnhXf2ZAOF2rFtpg59ptSeTh4RK7nsGKEOgAW8MkvHDifG2VUOC9zIHauaiwGMHowhFgE9WosAuRAR9s5kptCqUdNe0pWFyDz7Cb2WHeAYb1ByiYdXyE
Protocol
H2
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
last-modified
Mon, 14 Nov 2022 09:52:50 GMT
server
nginx
accept-ranges
bytes
etag
"63720ff2-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEOd9ip1yI1dTNs1W6P29KEg&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 993E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHry_3yFxYopnrbmnIexs78&google_cver=1
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHry_3yFxYopnrbmnIexs78&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW7jbA6MaJgp1mM79DU_ip711lUDUdQK9cxzudTWj0oPaDAE3YkhZCZE6QwZ1YwMrJgWPfD1lZXIF5q-MBj228kP4dZpYX1VfVuPowq1ysiKCKeMJ2i0HUDAozRJL5rDp0teeV5h0ZMMa77ZdBZM_z083jOM9AHB4heoQNkYXzbV1D1VTA
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uA4ctk1RWfPDSlJebAcpy4n1KB7ZC35JqMyZ69wo4MS913aoKBGLYuXHReOOo7KahFEcoMUurLnfty7XwTaU53%2BReWJIO9aPY%2B6yliQO3EDs2yxcuGPCYyCy6rcnVUFnnbDaEEUCV1Nlw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af423cca421e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHry_3yFxYopnrbmnIexs78&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 993E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTc-IyL251t0GCIZaPF.ywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHry_3yFxYopnrbmnIexs78&google_cver=1&google_hm=2
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHry_3yFxYopnrbmnIexs78&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW7jbA6MaJgp1mM79DU_ip711lUDUdQK9cxzudTWj0oPaDAE3YkhZCZE6QwZ1YwMrJgWPfD1lZXIF5q-MBj228kP4dZpYX1VfVuPowq1ysiKCKeMJ2i0HUDAozRJL5rDp0teeV5h0ZMMa77ZdBZM_z083jOM9AHB4heoQNkYXzbV1D1VTA
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLJU7wEraDveAPNwFNQGibTfhM%2BJKCuwm66HYy5NtJfkXu0RHmUq3oC8zKgRICssHawrCjSCfW0aws0DchImC6kYSYMwHC46ZeJ1%2Bu5JaAM%2F6vqMIsBBGSnjZYkX6f8euS1g2aZYK0iQbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af423d6ab71e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHry_3yFxYopnrbmnIexs78&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 993E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOvIP4qJ9Zh76fleK5OPY6w&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOvIP4qJ9Zh76fleK5OPY6w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW7jbA6MaJgp1mM79DU_ip711lUDUdQK9cxzudTWj0oPaDAE3YkhZCZE6QwZ1YwMrJgWPfD1lZXIF5q-MBj228kP4dZpYX1VfVuPowq1ysiKCKeMJ2i0HUDAozRJL5rDp0teeV5h0ZMMa77ZdBZM_z083jOM9AHB4heoQNkYXzbV1D1VTA
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
an-x-request-uuid
62420b3b-0f74-4537-b06b-8abdf5bd8561
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOvIP4qJ9Zh76fleK5OPY6w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 993E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxMjc5MDk0MDk1NDIwMTgwNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxMjc5MDk0MDk1NDIwMTgwNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW7jbA6MaJgp1mM79DU_ip711lUDUdQK9cxzudTWj0oPaDAE3YkhZCZE6QwZ1YwMrJgWPfD1lZXIF5q-MBj228kP4dZpYX1VfVuPowq1ysiKCKeMJ2i0HUDAozRJL5rDp0teeV5h0ZMMa77ZdBZM_z083jOM9AHB4heoQNkYXzbV1D1VTA
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
an-x-request-uuid
02dcd35e-bed6-44dd-9752-4f3bbe42834e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxMjc5MDk0MDk1NDIwMTgwNw%3D%3D
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 96DA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:57 GMT
expires
Wed, 23 Oct 2024 03:50:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 1D4D 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cpbF6-qDXH--OKOPtLsUNPndMsYawpLLMjeXwouKr8MbB6Jib0I9AA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D4D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
tap.php
pixel.rubiconproject.com/ Frame A340
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFBWIhDdNLfzBGxUt1CALa4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFBWIhDdNLfzBGxUt1CALa4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWooYYBwITSZFUXinDUOOJ5ULFVeZh_IvZDgV5a8MuOdYkzpjKi0DyyTpjPE5WpSW74hhLig5zu7ArSLVWqIuJbvarm4dtmpN5VC9ZdyvX23HyF5Ka1aqdq6eJGF6SJ45KC3y-rJf1I54ByyP3X_uUY6d3LytkdCzFUuXkHWiJcAzSac_Q
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFBWIhDdNLfzBGxUt1CALa4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A340
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGRkYmI1ZThiNzBiOTljOGJiOGJhZjllZGZhZmRmNTUwODhiNWQzYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGRkYmI1ZThiNzBiOTljOGJiOGJhZjllZGZhZmRmNTUwODhiNWQzYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWooYYBwITSZFUXinDUOOJ5ULFVeZh_IvZDgV5a8MuOdYkzpjKi0DyyTpjPE5WpSW74hhLig5zu7ArSLVWqIuJbvarm4dtmpN5VC9ZdyvX23HyF5Ka1aqdq6eJGF6SJ45KC3y-rJf1I54ByyP3X_uUY6d3LytkdCzFUuXkHWiJcAzSac_Q
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGRkYmI1ZThiNzBiOTljOGJiOGJhZjllZGZhZmRmNTUwODhiNWQzYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame A340
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPE8qBMKVlbW-amzTkXMxFo&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPE8qBMKVlbW-amzTkXMxFo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWooYYBwITSZFUXinDUOOJ5ULFVeZh_IvZDgV5a8MuOdYkzpjKi0DyyTpjPE5WpSW74hhLig5zu7ArSLVWqIuJbvarm4dtmpN5VC9ZdyvX23HyF5Ka1aqdq6eJGF6SJ45KC3y-rJf1I54ByyP3X_uUY6d3LytkdCzFUuXkHWiJcAzSac_Q
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPE8qBMKVlbW-amzTkXMxFo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A340 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWooYYBwITSZFUXinDUOOJ5ULFVeZh_IvZDgV5a8MuOdYkzpjKi0DyyTpjPE5WpSW74hhLig5zu7ArSLVWqIuJbvarm4dtmpN5VC9ZdyvX23HyF5Ka1aqdq6eJGF6SJ45KC3y-rJf1I54ByyP3X_uUY6d3LytkdCzFUuXkHWiJcAzSac_Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 2E72 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5BVdwJpgpAFDN6LfXVGfHL-huDqvF_KbeySembgdKrXXzFb2gJesIw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E72 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 72B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEMM2ygb3xgPTw8YWHmYyhBg&google_cver=1
42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEMM2ygb3xgPTw8YWHmYyhBg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUV2ZOub46kklzPXFbq0nBl47oM7eZNb3H7hLwRyySvArsb1w3wBbN294oClqbquhFQAb5ihBTk7zfHGtEqAZP0V4R76yOq5F8s0A52oPE67sTBxie_-GEpGNwnpuDXuBn8AW85sW5KXFtcYwI2KP9zl5VfZXc-Q5IVbJU7EdNeJPt3fpw
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:50:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEMM2ygb3xgPTw8YWHmYyhBg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 72B3 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUV2ZOub46kklzPXFbq0nBl47oM7eZNb3H7hLwRyySvArsb1w3wBbN294oClqbquhFQAb5ihBTk7zfHGtEqAZP0V4R76yOq5F8s0A52oPE67sTBxie_-GEpGNwnpuDXuBn8AW85sW5KXFtcYwI2KP9zl5VfZXc-Q5IVbJU7EdNeJPt3fpw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 24 Oct 2023 03:50:57 GMT
content-length
0
content-type
text/html; charset=UTF-8
um
sync.teads.tv/ Frame 72B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAfMykLHKgNyCG_3UP8AKz4&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAfMykLHKgNyCG_3UP8AKz4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUV2ZOub46kklzPXFbq0nBl47oM7eZNb3H7hLwRyySvArsb1w3wBbN294oClqbquhFQAb5ihBTk7zfHGtEqAZP0V4R76yOq5F8s0A52oPE67sTBxie_-GEpGNwnpuDXuBn8AW85sW5KXFtcYwI2KP9zl5VfZXc-Q5IVbJU7EdNeJPt3fpw
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Tue, 24 Oct 2023 03:50:59 GMT
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEAfMykLHKgNyCG_3UP8AKz4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 72B3 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUV2ZOub46kklzPXFbq0nBl47oM7eZNb3H7hLwRyySvArsb1w3wBbN294oClqbquhFQAb5ihBTk7zfHGtEqAZP0V4R76yOq5F8s0A52oPE67sTBxie_-GEpGNwnpuDXuBn8AW85sW5KXFtcYwI2KP9zl5VfZXc-Q5IVbJU7EdNeJPt3fpw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Tue, 24 Oct 2023 03:50:59 GMT
pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 4DB5 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
fO-o0uUQXXC7ATJB2HwJ5xlzrJedCArZHNh72-vKG-fwau5zQ7uzVA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DB5 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 77F2 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0mVyxfqEP4vn6cR-fzkREB8vdrIuoX7Cskm9fCT8E66z31gjOvRE9g==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 77F2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 2684 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7ZzxiiF3OAeFT0TxnA-_mYQooF7bkwh-r2JlDKvFQvS7A5ZQhd9g0w==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2684 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame E1B0 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
hbaDZwrrJG1tx21ZevuiwTEto3nu95Hf_LOhZswTJW0j6V6zHVbzug==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E1B0 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
bl-34df212-412faea5.js
tagan.adlightning.com/saambaa-scripps/ Frame F29C 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/bl-34df212-412faea5.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c849c8c65be44de422c18eea1d8d2ede23aefd848e8ca38632f8e0baf46409c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:01:34 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
JECc_4XSiYcqR.0QHH4.ZXrT7dd89F3e
x-amz-cf-pop
FRA60-P4
age
17366
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29189
x-amz-meta-git_commit
34df212
last-modified
Mon, 23 Oct 2023 23:00:53 GMT
server
AmazonS3
etag
"61dcdd6c21fb71c028a03b5e5ff6aa09"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
eLenvYWPb-HUi7b5NPAb_qQyMjbBYAQyj89ptATrXJF_5wBFalfjBA==
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame F29C 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_ngvcb6Q9XrBQJ4SRjXg3i4w4ANaftl7B8tZO-EZfH-zuILLd1dFUA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame F29C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A1YqHnVBkLPdA3EeZXm3dcsirDATmLYiAS0xPOwgyFnGNTJ9KKKw_E150SujPIt5XfYHLiZ4mGq18VEBGs1Va2HYg3qloaIBU6DizV8iNzI5xCoCg
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame F29C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
37137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:32:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame F29C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
13705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 00:02:34 GMT
l
www.google.com/ads/measurement/ Frame F29C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWgQLsdr36bjkVHXQq5rblN3UmjzB6giOTeBwGqpL1GrwmmGwQ6m_3yQhB6eL6m2uL0_1K
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F29C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
container.html
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 68C0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:57 GMT
expires
Wed, 23 Oct 2024 03:50:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
envelope
lexicon.33across.com/v1/ 		49 B
251 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001kkGx1AAE&gdpr=0&src=pbjs&ver=8.17.0&coppa=0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
async_usersync.html
acdn.adnxs.com/dmp/ Frame E6B8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 24 Oct 2023 03:50:59 GMT
ETag
"623de86a-cf34"
Expires
Wed, 25 Oct 2023 03:51:01 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
2000248.html
sync.serverbid.com/ss/ Frame 81C7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f600:1b:fdeb:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d907f085c583d85855a86d3f8de41001fb2ec083636f488bf4d57030ac30c7

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72334
content-encoding
gzip
content-type
text/html
date
Mon, 23 Oct 2023 13:22:28 GMT
etag
W/"ecfe9c39e59bdce899c66ea1cfb9313b"
last-modified
Mon, 16 Oct 2023 18:47:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-id
glyahktiLpdyo8jQE07rxv5g71Kc8sEJPF-L1EvEeAY46nKtH7FbCA==
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame 1FC8 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 24 Oct 2023 03:50:59 GMT
/
ssc-cms.33across.com/ps/ Frame 4EA2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dSDWpmByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
server
33XP015
x-33x-status
2000208
usync.html
eus.rubiconproject.com/ Frame E850 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:50:59 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
ewscripps-d.openx.net/w/1.0/ Frame 4514 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/pd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 24 Oct 2023 03:50:59 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A2B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5832951580908&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A2B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5832951580908&version=m202309260101&ct=2&x=8&cor=13230136029907048000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1A2B 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9Qz2ORqN4Hsd-IitRTp2sjv-w4BbBsrFvEGa8VCBPNVMa1wV52UcD86NlGjOl2pKrD8QHYiGjYtwHyRQ8TTYl6R96NmmmTA7SADwnIIJOP7AQZ2qiPHks0o9ZfrFpLXIr2--15ZDlsYDRS4gdm_a5-BEBvvQwjzLH-44XoWTV06W46v0&cry=1&dbm_d=AKAmf-AvahLtHCAD56w1aDlzO7MBcCcqQWhO4ayTp9hvwBbXSdzyn6ORk1Tt-XOJTIq8_ri0HvPmC9pm96oMNZP0CT9OI0DkJtymB-2upWAvX6WbGepJGkUEfs4Xdt7UrjlBMbLONK1TLdgQLi3CtCcsUCksuAhoj2Nlv5gbhac1l3hZNJkqRz_1q_zQfWTBjOfEzyHCtZWStmFHUuGyJrGm8Iof8gob_wYf_u-lNWNZCoHJKdWPTx9Zqu9kusbWmEyKNflbK2vZh4r92AZrvLSTH4Z8z93_pPggXbL-bMEFyu98e9RL6uxTk53HAHGh-Lx6UBOcGo6xqL4sQxQtCeOehTUl_WW72fXMgLxjp00rkbWaEvHfsfkYBhBKt4V6HPIXGfcohPUHyG1poIyw1-kvsR2XUqj-ke6dIQ1ZwRVeBOyoNME2-HSFnwQi8GFYHtMgr9Df28iUcKYo_Frihqnz2rR4WvhmRCd8Oe52cmg-8AxJrSVNOCj5Aktnl5dC6WqrHB6oyPGfE7-sMYwzV_AdhVZ0ZwjIx8Q-W6xPGfftXH0YbuYm8xPOadoohOeru2v6q9pZdp2rXKlFj4M_mHUt_9OiG0yiTPKsHz15uuFCq_n6uztLtwngUHihhDdY6iQdHpuNYr83ZZr73VaGWid4ja6aDT-jaeoMUKDNRZqyFOLSYXCmLCcYpZNKSE6EGknrxlGA6s3dR0iXgtb6aUtoVcIWH2S-SRQgDBjPu6IJeViilWa8-KE5Ybf5OQs834_SQm6Q-FsyYxc1KqLmukk__9two69uqN_Y7OM7La_nNaAvGNBcJKDkVwR355s1E7Na0ZskvdkNcMSobSVd3rFvBJlsl20Du39aCDwKlxpOy8XnERK8hzEp0SNusppQgXygcd7ZLrqtxK5P7XF-YhvRZN2uBmLEU01ib7WSsVR0Ffy_0DWBfAKjZh9U7jiMtu0u710yAUKJx6az68xzurPnBoI3zNUGzNolx_45HhqBB_H3c6XOitjM6Mh_5iK_hvO8utzTCDR3iMIgX9a7WB4n-Um-mqnYr_vNWERzjtbZ-qIyqZYpuPOfUNZj9p9CzSaG3vtTwecVnSjt3l5UQaR7fihVRJ5mJCJJ4usoCWLrj-t2-c1ppcAB3tlruLXeYIu6VRXvDeZ_OPfRVJWaeOW5YcRhGQqVU73s92paw0VNu-GcVFKcLbRL6n64fsJaOiC9MWBgUGPIcbz9YW0P5jMlfFXwGKvbgcKka-8o471xlRX1KKgNczvI6mzRBoojtiITAgwoXNT9mS0JnJ4HRq5cTjFPgsBNS3yLANSnLbLN2D1yPnOGD1WqmK3rnurGmi11RCJ90flmFPEeOLf4EnrFN6QwqdZPwizQymId3vTjUZaq8CeX9Ep9GgA_9th_7klCzLGL54AaYoBTuosU3_OsnrMFl21ZhU5_sfs9H0M4yhlZoKiP9dHOHWigsMmJUwuqiBXEfaT-Od0402gX7z_DBuCjbpDVY8p_d2MSPZ1v1XumKPpJyuNFY4WsGDX8sUlDpzA2nxKee_PlWU4DTNuE0vU4hLKmBWBB_mYpk8pORP9kKedkWGKE4wK12jTBE40zaZ9IqnfaV86TRaHDhlqwFX6LhejTnFEFJnQz0CptkVzrL4rhn30JbBSL_oO-DeqqFLy3GZkfcJNjX1BJ-9GFM1YLc8yXUcOfdoNuRXknzldGoAh-E6ug1B04K4_pxt5n9LvstxjwGNK05NrRhS8dawKYue0nQtDoBtVky7OTYJIBvJxF7C_jgZ-pFZtxNCpADiuShCxT_EIeaNRN4tCS08iCIucj0xSvbsAF5fhgQ8kOp0dMolTlROLBbQ7XRujtLMf63v-ZVAyanUqT8Xy9b3hzZoBUUUnrzCWUZ2qJx0jjIuYvr6btYh5ZDmuXqD6rafXXU1311OjhFjJMdXJG55dGdpV488CbcHU-ojlc6ROe-U98iygdjMF6gxX-ajkXcHf5PYM3xuvFmbLa8b_m8vnELtfYYIClOcfVA2JdPmsF4IJiBZYGR7FFkk4arGYf4LRNTfP7otWZsKJYiMsfi6soMeIAUNRczw8XoNDs4ugNiym6pq5T_3HMTSWrtKDTD3I4QVYjItx2gIegOFwCFFY2LJc_KpJ2ojaPKw2TIgAhiMEDN8wyx8T96MKkRqyIfq79EB-C9TZwwTwSZbcd-45fUwG2QpC_NLo58yUN8Zzip-TR3oN8N0fM_PLyz0o_ox3gkRnhyriIMC0EVqQRZ1XmBycnspVgLl2jWPNb1phX9c0zENcE6-yqWqg-vpo2mEfLC6jLCkbssKC6ArghF9QNX0Szki8kr1xTKsHCQymyZ_lo6uLQNZzR5ZJ6Kgk18Qq4HeQzO2hODTjWKORfu8uEdWbI9wKj8FVkG5C9-9yhULGYUKupNh81v0NZToSczz_wZQHg3qytMwOm_wjo9chXBDDpaOBR0TAEuQsquUQzCOJlwny-LKaDeRUyl8EhJY_5MrCJyhYxgnz4KmJfRUjK74n4ufAiq5alaQbM0bUW_pq_8PF0pCQV7ukEXUhZIKRc1U_4v5l2dYzDvpL2w3xh5WehZ1ugXEMvHk0AmryPMZgQCPo77R0ETiDAPkLK2vCQ9GgpYfqqYBI2Q88XVx7Fup9yvZ0gdsaBSyuOh1faERs8IsnAbYtS_Pk1JoZ_txVuUVMxtZp7Rz_y4TjrdsaPPCgLeNCui8fN3hsESXAZdY9Aj_0vQhQy445BNyjN7C2A2FdyKv66HpnXt3dZ3tgfQHjeMdmgwJb-J9WOCLPIsgjuYp-Aq_yAV5QICKaSQOhLbJU016HHi-M65QwWwyahUnScZibMeXu5lN28V7tZBT2yogSTIeWqB06gwkW660PuQ6gA8qX0OeZN2VWf-I0-h7RdwMbkp4nU0K-dJS5scsezWBs3as-j2S_tEa0k-RPw4H9JQSPXVl8VOnqo8EyNhi354CgQdw0o6tbyizqqVSSf2aO07keEuOr5A_YNpdt02pEmUpGMSxAovMiQBr29XhHmvkaEwlSgOtKVWq_bB8XFDEqylsEKJokPEjR2fmToiP5Z-vvyHGaM1VpRCPJWVhF-3olZ0IAay1EN4SuRqE-pSw3xuSFO3aRLq6exRICAtja27J3jgieHA_I2sjXvp1k48EKBj395DKVC71Q1bOVZWqs1Tdn_dwzTIm-S6snGVjfUpE3pLzKlMgFLRnnwZaRkGrr4C2pKzLU21Hd8DttcobQJ6fomYRmruoKwI1Y_1y-47Mox3s4LkLSfDi6UlthETQ8izElo58hy0rSVdKFbRHezkeec_3l6VQeTEZ4aJJhWZmApT1UCLpsVNNBivS00FZ0X0_EyJ_2RQNtmMvDYfxR5qfwet2pvqfu4VfE8PN-KGUtdlqDLZdTVra9i8u6xAneHw5Nkqs0YomvHlpDUXY5rruELQzXemrG9vPDDrHdAuNJFjziv15LvYXY75NAvo6_kSkQfZPrAT_F9j8Hs-DX2UEXuJO89rJ4Y-kihJor-TB_hlb_4OzolDTheuPmte62YNsaa5ujS5IkMCXdCwn9lo1JkSIGQUvv1dMyP966hyh1Gl-N1-JaWCbuo-5sV_m9HLtvuMRmvXDbWu-B2kY6UIbUb1qnEbWpDulosIu6GxhZuCiSoa31aIGhj99MIlkGyl8Bvmas5MnnpZp3FNk1usJfVW2D9WQ-D5zG8QEth8Dn-ilI2acpZCmxHTz50A2abML4YCGTRdUELzw-teQny66ndc-al28rDnKFzy6owXsLJJaA4RcXRG2r69GbWu6pImkvwV7A_eeAKtjRxlf55nkVZU_CTXOdD7hPicoDLAri-sveKDezSo9q9illmbTuOZLx1Bu0EG6dhvk75Bh0bOfaCrvJyyqFWL7L27jFY_k47ldTdHwHOht-BHeWYFXTq8Q40s1lj4xxatCwikjB-2_BxfVlGWB8Y-7Amm8xUQP8QpTDEHR0lVbKS-4IKx3aooegb4LM_VOCtPBtELfFfpNvzG3UqIAozp1D-5h-PZFuLXEPk6wSgfCem7gh_a091K5H3GMW-xLjDjDmiTu8&pr=8%3AB81EEFB6E78C638E&cid=CAQSMgDICaaNz3oYdXmwzRj7pHJemBfj4_JYNpVyn9nlCRXvgzXGJfdEuEm5174R7BcDIobkGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=13230136029907048000&adk=3361789619&idt=49&cac=0&dtd=68
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fb78e256d772838cf30e04c5cd827081063b22cc516b553ad8e2c4efec5b84c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38801
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBB1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7209319307527&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBB1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7209319307527&version=m202309260101&ct=2&x=8&cor=5503406133038051000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FBB1 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHNsGMtuaeK6OR1olcm5eT2zGpZHJuDjC31Ac-FoUmHqJVxBqhcX1EtitGtRH7XOTGdwn2YCfBmFpQSHDoFp-KdbXb9WbxTgAiPjbZBkM6FbF5JjWHbnX0PW_ptgro2qnVAKqUmslltysIbEEG_By0OP5DdaVAZDcKS0ICcdjowwe5Kj8&cry=1&dbm_d=AKAmf-C4z8waspbkyCzfHJbt1KmV6Z2pkksH4eEEgHdJI-VAAtTxCbXq9Lda_kNxE4_P0ceZmkLVV_WMv-SWHLtOE7Qacn7KsolhBvckPtAGIGB48YCx4bQwUb2dZKp5o9mCREOpX24tw8XP5hNCbpLbKJRKKr59i-enIFQ6UFJ5FoIBchmCGQeQkCboRmLb2oIq-tBRV9V-UkJhkO-pq4mj1Z4KoGKObnirocNbhetKUvb0ZHHaG4pl5BOTMeM1e3sZ6Ha4LKKrLndsqMmwdTK6Y0dK8k8VUOIyXtDGIfLxPavGdt6azJD-RF549z9lIhQ0qsADpgTMv74eKEnnHUUbF6kLP7dr4ibcbx4TEHoJB-_FWLgEZNEMzgcert7hTLAsKT572TMS2FU6lCDQf4mlIYr6hJOCf5UzbHamJ2TrF4k1CKwku9rUgWkqgNK8O1bKd9RbSQEDKjJbBupDWpzv0fK36zQXZAkxgxmhU_MikxS1V-qvr0iXQS15ik_QYkwmZEPmGXB5VAyNoWZUcWq8y4U7wvc7oXMd72VCiyAUIlnoMFot6Lyc1RNgvOihHJXHsncXwd1fy0T8tsRMPFSrnZyygEbQYvqWW2UpnrVb93ecS9tCAIksmfZr36zP3cxbMuo9AIRRLqW68XaELpJlGWGBoUIWDwqzhDX58_ClhvFXGuCXAZOGeRVfdYA_PVyIuAjHSanA9BRdfSVULKAqHaraIvRHHV8nBAG2XSRDQCSPovdqUU5y2f2OIftjFZ9JV2BWuLHcG891vhWUqrIaNIRKyPEARi-ioAyn1tSrWY2Ln5qS9e9oqG7le75rFfpNf0prDQM-hPolPc7ozJetEqWLKDGrPuRJeLcga64buAzcykpp8aAxo0nZsUF7B1lJHQaJFtIqPURvaBWyXlJrgNjxzPE7J9wcyUEr64nndnBbdRkFFQYME4BEYWXn8OsaloVkMplNf7f94miH1rGsPYuCvzKgfU5XpEKD20_S_aMbOaYZ7GFjdw8qHjMXIXZ4M_X6Wyt-Jwo_0Fv9fThta8Hd2ZM-Vrj3kfhoPKgV2jm4efDJ61VZ70w5GKiZiyVmyQ5eJu8K6PN-jyDrcvBpaFfWIAateMmpwKE09ihe1XvC7TuT9ON4eHkGRDlwPuTlC0uV38-sB38IXQwqKwVD8gphMlZWa59EW0IvH8EnoMyXw8Iq5VWA0asdUTULO_fPCkiNq8S22rFstEvhnEM2FecXfK0aXf-1FrNjcIy3qJMoU-rlpHUXO43r31SnbdE_lr5mbRJbxX632szmeRYir4asGqR63QQd0fYyWP5P66zzRJBTpTGul5v0thdloFeBO89ixnMqSkKvvZ4tE3aEtKkN0wXHoWZOP0eXt66wFGCQqR-w6LyaxhGxjB_7-HDiYtiYosUm7_zeZnw8lVypjn9do38S_R2m_o7ygU8iSuxUIdVL5R0LIRsx94lG2gkRmdxbICh2bsdgqvUY9AUz_exy7F-PRl8VsJ37jWO9DS_a8wmWVJmZoFB5S9J8YwUWlvV7kF9QGfUUalUDRknB1Ysu-nIMi6lQQiB41eZlltbFTGTJOXpd0Bj6GdeygO60HYr0oWEsmzzpBx5nzOPciWODXuGZcqx9mHVL6op2Px6vOeGmj05oXtNJUMliMv-vu1uwR6SdygvOWV0wwsRiSc76ut2Xee2JprRATf4MinCLWs-WcbzuRBpHMJ7g7IkX7iaGJ-qO9McZZidBMpLXOhXPw8g6CZp2BymGyiuxbHzxlTY118VHTSrhsUUceHnCIMnERA3Xm8y-7DT6VQlCJKl2xuzx66hGvFuiLmB_4xqFjOxQpSGw2UCa8CCMR0HPP60RXm_-0CLGaSLUZuh_XU0IB9Pt6124L4ME9mv2NWM6lJE32giwRO73rVWtgM8CPnB8prJbPOJrhX8cKdK-3XUXrNz_4l0yBjBD7JzaUAcBDiwZLU6QIShR1q2e4z4WcC4ZPXnPML2Q55m85RpDc4Be_YkUMgsk_GnoHO9ywn8O_C5E3Q4c7vGC7fhBBFdpeJp4D9OQbWSiDq6wUY9T8Rkz35CwkAlN2cABvxFv3Kd8v1xAoNbzIJdzuMNzaWCEuHIXHxaefXGAEt3OB4-FNFWdye-QkWO_R3ZIHX793wsbDCTpTe3SmZr8A7N7qtfJgENWK0K4wZcH8btdgCGTRQLIFt7s9biFlgQEC0wQIJFSK4UdJhYgfJb0qj5_AxhaRlskA3GV8_awl0orNmHDindwW9aim4vu6G7dOHKc8kxxw7aNWFMq8AdyAP10WkBv1rmbEokXn7hOpI8_PPvZXevOtRIyANwHLJzm3XbpdPtlYqfB12Tck_1ZZ7kiIte_Y6Mhhc2t06fwEzgyC1YJqcuYH4XjsWfC4blfUov3tT4PKrNZz0HRvFwktRWD6kQg2dHTKx7kJsoLCTSRMfRHe6cJes-k6_DzKWI6cNajupyqh4r9BRCSDm4TwwrtsbJ6gIK0n6tTZQGB92uzdxB_jA6suQ6YykDGQcsXyDuXpaBnNKg9iLvDdNqR8teQsEt-pSNLy1TFCIqvznKXzBkevOcB6yiNo_qQKefRzo2Ec6_d8225lv7sM8m_33bf6fQKvfwOAwW6C-I3IrddOaCI9fIuhCI_Cj1hefFBzV5X1HleBbUG2wXwfnZFa4oWB6rEjfJ4KYS3mUt-oCXGsjwsq1E-6UZlsjhcDZ9GllCoR0YoCjt54JML0luFC9G_AN7pf1M9rg3GXTXLmHVUTX7YFfgPBT1qsivJ4JYCYpLQs5B9DHbp02lJEQN2fd6rfvGeGN_f3P-3FhRTuva_gHoNe4Id_6GCjm0VWOruG827jRSBqttbdL8eGsgDTtYX7-TqK92AhG82NP7xRi_ze1H-eg7su8_oufsnyrcbx1nB8k5nfcvvgb5rWTW-cpOYt7lLZ-8PqbdB_kajZuHpskhpPj--g4iG3r3prHFzM90elkDqGGlodP4Rh8QYYridfMiFGNwwiBbEBZsQmc3gIrkxOLDM4N74Zp0Kk9zx9dPNfRRBRhKmEz76KofXjZ5U1x5iI97vLTtXBaoD_5opsAVNab8AL4QS-0kA432cDodZqoUc-SX-0xhVL4hsgtDrqRLENjmg49Helo5LtwmWNRaGTcsqCrQLMFAndYbKmOUTxCOV7dp60_ob6qSUsD9XSIUu_qg6HOKbUZ9rRneHx0cDNKhOlY0Lascx8Dd9Q91XDL3UsdRBkaSjiaXuAts2eKPrrKBEdpx8_PtOXxsX1tgXEEYYP5qgdvlWmlelHLy1_rWNEDXp4NOQ4kOFuJkXsW4dY1g87a8R-AfXvAy2z1eKvuprXzd65IoIx1waAFV7jYg2KnAQGyyQCkw-JlTNEPU8wKOX2s0g8l37HCUrAF4gQKtWhVtcaGLA7XXfC-eMwPOnkIpv_3K8peG2hgCv-hEPhOC4xaLhdx4QqARxFunbqqZFFkgV0mn2YLfwPhTXlqvsS57IdbebjgC4Ca0xSkdrcwpbQDIgmUCQNb2oD_rLCiiWZ_L6vlJPdOH-8HyyDmBjcvi9rDVft0eqfYYHMAkKhnMAbKvaK0JiN67aOwAp1sP9mB7XJNP2492IXNmtD0TdfcWXjm-hLQr7viVsyuEMlcOAKhkZLVHKpbLFQ0y_c0qh64fZJVXhOc6VgXGyQ3V5_N8_9aMi9lgWNIPWZrFxJjUHhFOGTHzfKxOBlXCIuuhKiZAYvsXhTdkDvx1Rpqe3rUza8JUJIWx9UnQQun9u5VPSY2nb95veN0k-IWnG9rpRytqRKj6EqDq7B21BKCCzhxPECceE22n-AMeuWUYVcPl699OScIYZJeIkMlnVgcU4Z0qyo2fA6ptDJkPkwfLt9SuTkoWkzp8tdkhHiPWGb0ryFWPLT5HhuULSArEQ9bTcfw-DtSpGNDgrs9moAk57xXxLrnXSdQL2K4vQEEHpqRzzyaMNtIR5mEEYeqo2nBvGozR6N1CRBNJg5Lnk9x0hCic1SypgtNcM5Bhi7hM1vIZmpbJWmXfFYcQ1wZap_NtqZeVSBltFnF2pGQKieRMFojLkV08&pr=8%3ADBA739E3E3D229F6&cid=CAQSMgDICaaNaI5o_XRPPSB1b7m5ewwAaqua2-AUHir8qmEXZTpUtnyJtcaiXm4nmV9fF8ZeGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=5503406133038051000&adk=1144569087&idt=36&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8eac1eb92b88942efbb9a7962a998865b586a494fb3ce518f3102724bcf6359
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38877
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 4487
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGYtUGUZosZtaZybN59RtWk&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 4487 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 4487 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXDr2_lwWvbzZAygpWWHC0wUFl9jPdUwIWjpYDRzsw6-KmdzPPBImPSrYlh-oS_tVziRZ1fxmaOARwCP04r6Bzay2rGF8ExR4xAVr03mK5yYZ1fKf2s8K663STXUWIkt8HUmn6qlV-plsWTrzZAqViYEL1a1nSO_9cEmPRsNk4bFZarxNw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EEE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=176633105076&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EEE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=176633105076&version=m202309260101&ct=2&x=8&cor=375779578854838100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4EEE 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_tRSsq9jK6LdGHN84tav72XyJAA6CqCnxSNTPpvcCe34tpspgn1PciD-ioxzN2Lcv_er-l_IeHSMsB8hauEDLY6-PItZDdHht1_5P1kEXPY-Wnp7EjH6Bp2N0f8xXeatflnHcY05kMRKX2k_gC6OQtcM8XXG6riATFSB8g93U1xNG7vM&cry=1&dbm_d=AKAmf-Bf_URee9qMj0va7H2I68c6YjiaVriBaZmjcSNjQ_fUMfGCLiDhvorQH3jybNo6KKTavtYfbmrjijTJhkEdDD9diBIzxRXG8LZC5AQfluVRsADKVZAw13NQzbNU3OXB7no6RQot-_rQ_WRKJHPvKDEcS1b1QZ9iT0k-0t3cX46iX_kRDy1Bv5C4YDP-JMo7NFYKlWZ2tz4Du7tV--3UkdmiqiAW2sURwnIYQ5WOYQhHWS7cUJ2mTSFV1fhwTsFy1ZH_5EkYjdcrjIh6HvC1BNt0FIOD0zUdk5UG3-WSKcnszDLaa9o1_3aYHDr9lI84yGbdNcehdNqQzgfqhS3Elkh0wDlw6k-p04tWIeZRObTfKMhFPn1s8yspnA2hHSEDCL9OIhP6d_-OHhNMyqV5AI_m2lgWtnBJ6pFfYKndnqcSTHU6enFHR4LmmRcd2bSMFz-Z43rsgCUNoljV0JRwKMoksCnN5QtT5IZTeuW8aILHq5x8XJWoTnIW0jbY_HoXZAt6aZSRtJtzrQmVOMMnY4Pj9vD7T_yUVfnlHX9WflPZt5e1XwKf6AabSd348qdOEvWcDuSHOBWdVNl-4wOyA1TlYsFc5DnY99BqwLQ1xbEk0uGDclW1RsKP1LWQipW8Z0qxbtt8-b4EXgiQiim30YHJZ3yHeC_KvCQoRFGUwE-FE56rcdoS0wlmpjkb-aGIwTDj7vx5mhNapXJeWukr5NGI-MMa-Up0SAjyw_RCwTzxJLZiQSvCI_j_LCfwbH-V1W_wu_6zI_zK_9FTmpGDI5XowKldgu9uyL2G3vqNBO_16BTJlo2mMOuEq6vbQ3R2Mwi1qlbDXURppBoWNC76IxNPYIN9bi9S-KBjRAaCJbZnRUS_V6hYWoOBagKSQC2pm6FpVG9af_KDbyvcP23dconsMasHmq8T4Kte5KxB_zcKLIGnvzzmahVyGkPzNYut941LTvbfQJuJt4OkkfZygTrtLI1wcG3qO3L-dpLh2BQ8jfrPSlXGzZJ-xFhEKk2szyTBRbFc5QAQuYebaIvfCarZBxmZSBRnRUhr_0IoSJbVBdEkmyHziZUEgQhZLvtCsVVus5Dv8X0xYnvttVbnBVp09DHPI5H-MMkGFHESs2PgJOYhIa9vKnon7y3uqCWQoal4hHQlkM-7kaDr6NZQEX6RyI3vLxcIopAlli06xZUqkfTYDphZULJ1t1s-yTEVgEpV1YnYwQCzSAPg0rJzAUUyA32I5A-AlsHHcWQMIkXDhxHPCzn00KSAb3vUAD6mpC2UHM7rvFkldrhooqY7Npd9mfcTJ_LGRKjPYW-VLtswAOPWAZ3ckmxy4UyptHuegzznmV7PsQZJDPpncDivASKY7-O2in55aFeHhb4M7r1K7rxqCPDZgtQ_NjUkemGVbLlEj0tyEco1WQKTYqhyzN78gdEH488II1mf1YnucJAV3GNJdINOjDorBJdppAyPoLv0o21bMu1OkykowaUJz20dN_90aK1cWqAXdhgxL5y6OT6yj9tQRy3cSvLX6BjyYv7f-KrbsIFaW-fV27KsjzuPsnM83PupZhVGU7ao59aTkup-0zJR6xHN1LTE3Z5VZZWM7gD_XH9ziddRSsD4bsLW0W6TsFiAea3SlJK8qOojwa_QILy1lInR7Pz8HzDxmaAgG8f2pz42wdQ-c19j1F60cVcjs9As54tZDfUQ6qcaO_xOiOZzK1BWdDMNj-jNwm9v_1f2dyBtrMXQsYhO3wmySEgYjkhOlWCuj5dBrtdqrFz3G2HRg_Mxz_9_hY-HhsWICO6CSND5eVaGn6Jb8_YOSWJck_E-LBvxRAdF1ohPVCS7HY4jagvwHQ3eUCxyvNFv_yp-ffkHZDRgZIjBFnVYmKo4N6j5AKXgwW3fwkoFCneeccplLDrGu8iMZbZSozqPgOOfjPT2K7pM6siejea2YcwHrmY7qZ_N5TlNCvAAbPWmZ1R3MpK7bCVC2NsGr8xmG_ZMPiwLW0pOvBSaxpMIIiLgnZ4vIrozL8XNaCkCQ_4OBCpU1dL2HnGmDtoT82zWeuJ3qaTPuHNu2DS5G2RewS55SW-83yC45z8MXHTFt7I5p0j_YSn62jYKQACLWQJYGcDmg9-JxgFCdidsCPc9hpwh5_-51tZVukhEQIsFLzclZJb2R_JMD6j4asD3vgxL-jMseCsyphipCcZ8BfIHGwk5fOaR7wXF235rrQVA36tusXXt2qWcksYtgFbKo9FtHOCsWVuetJZuRYCBi3KIero5fKITAufCbdVeVpeUhLTLUu3P2_xXRJJuWt4rkBXTHCZDBibqm1rT8DWXDJNs_vkzeXGrWfYL3kM_zzQodDToNDEmvwHoDiCDuaEgKjvmscOaRoV5KF8uvKndkQEty6oL-AhkutR8ss8KDDHbUnfCAIRKRbX8kcGUa-lqgJdncxnfy_EKvkar1wv8Kml35JhEg7diEtBB83Z4WwDqf2wKq_0OA3PhE7AdhuIkuQxX46-Hh0TWg4HCBYlt-MNTgCZomQ8_wzRXMf1yS13ZRU3omUIJyzwVwkUwXzdul1KKHO3BRDbyNkdbkHIrviA2h5lxZ1BjRs1fWy0mjO1EQ2bEyL1DDRJl8Z0QnbYAf8sNEyLLPncqKrodWZ6m5CQwsL9SqKlOhXPeZuw1oYaI5-wnvVfcEbKsklvQ7tGyPZSJUyKHoxy4jnjgDzO30HMGsCPgexg18fQe6rVni-VZQdd1kQCrkcXtHLgicMZynhbkb_54p4j35AjZeo6yUo23U_eKKvSON-o8GuEOBh2jNcqxdgiT_7-VjWjNeX4MSlqnazo8zv3k-KLQ9y3snNx4Rtp2XooUfbJ1QOuxzUG4nYdQ4xUEtwr-24l9shUd6Kp-R2NtigHi40g4cnqBpvqEZf_7A-J5ur6ZZzNxKAfIPrs7Qvj5RF5WPHvVv2LW4HuFyaeJL9lnlTjd_rgbPHq9JveOejrIeoe41bZcClEarrNsQLjZ2h8lEz6leWFbiR46VZe_M8i-06iUS2RhFNy0ZDbf3jXr9otetS0IYKV8IMdTLjB-dSqmQYM3bMhXKcEXpWhsKKUHMAVxGqo31w68D2adfyou_Daf1vWCJ_ZfmW7_IsIkeN7RAka9BZfqZSWSFZqPAVqOjacVak-oCFzA-1HqrO68xFptGJrcqShez8_tHaVBrwSEsk9JCHWEx9yhN587wm2W87rzDrChwCWXt0iDoiHu-7fJ5VhcP7egbeTfKGqht6uATWCvGQELgO_-Svd7g6rwgxJEB0bgc8GRTqgPO2ewTuNb0G_mLfLq52RpFNjw_dQc8RB0zzw8Q4_sgJsApmxaFjuWoNkU0dKwBENdTDfb2Tjwf03OawKOtYTH36xnhKJjJSVHdncutiBBAFmguon9usi93f18YQ0yaNnkqMDWahn86XNVqCliNFqDBz1H2iutg1xTvA83UsteK3-EkwW9PO2bMh_gGuoK9RgC0Izyo0MtpWbAAG5qeXh5RACCzEXHRsWbcD8AYyj5M18IgQ7wBNL5zRJ2bhmG5eMEZ_EyiP1lrVed8sFZI2xSeeXu82YZRasFwZeGUKU0__CwR9JjaFW6QPhImyMJgP3-ArxMc3X6gJ0mYBvqBnPM4AjFv2JFncUxjVY61BVOlNblWMr0i71OOqO0W_PrptggHtTd2b5U0jE5fzAUoHApeSIhibbTYEaQSWTbFvNq-X9Z-aTp3HGezYDgGyENLeSu-Db0pCo-CxvO4dzuAS1BGO-dSFAnWdrRyADXF0Q2jfnPUqP0j3DknksmVqOE3aMotIcpSSPPFsrnyfJAq3-NnWHEjldg3uakDVd4bP3Vu73kSKFtTPnZB6U466olyp2wBvNJbEiiMvdLnV6ZNsIfWTxqmM8MIugFhbv1_j3kJV2_kO3riXPpacdWsdM-wYhs5TXenC-MxzePlVzy5rGHR1Mc8L_PRQQJzEmGDmr6QSi4pTTL2l247r4sVCQaVqwfLqMFLmDf0q5O5IXFfqspRfu5ukJjIx1uWm7fEEtDWGt7&pr=8%3A06461963C725935E&cid=CAQSMgDICaaNl31dSTQrllJaIL8dxZZ6pSHdyORCyLJyUNrkYtc683o2ltzhfosL6kTV5L3jGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=375779578854838100&adk=1583589131&idt=47&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f1004316d3edd7ab11d861d36950e2bbf09e6814c127c5afa91289f6afcb564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38863
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EE06 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231017&jk=2815794612805761&bg=!UVKlUh3NAAbDUgby41I7ADQBe5WfOM5h9CrA5QBvnP1u0mm6-78hk93iGiRrs_AhOpD1oyt4qPpdcf4v6escrvMHphgtAgAAAkRSAAAAAmgBBwoAECWbUbKDclQChTONzAkPYaWZAtWpGKkAmJRWLLAOMp0eUsPoiJd5WYep_zHnWl8unH46pIfDMXjajIuCOTOt7ZT4FswwagxTIV5AQAamzftlE-yGxt9LCvf0_ze8Kfzcg2_z0ASEvejRxA8wh5j5FAVsfxdTQkd_4vLpXM_9qG8ZxiEJI1RZ2uur5WyCuToET2iAmoQVNfEWKcsPdM9jL0jfOv7S03hbrtIWNC-41PiK9fsyTqPRgwei_mc_g3jVUvP8u4h8-IAALfdQsZPl1txtEOQpanmnPXPyENE2tM0hY-CqMj8QbnNRJ61xVt53qP1THxuqzm4ufwmWch46E9lbj1BZqjl6wIq7K7IsTluQXRgZsgmtR2HcTflVmFkT4WYfHTSYdIHGgDO8Fbs2SIili866fUlNxGEMaIU6Ha5FsejKZrNNgNTM3eYNfR2ttcm4u8niyeGdGqZZw_vMX-08MB9RABF3EZMJpHbALLLIJHijc4mbdJESlBs6xZt2KUwtCxitgh1N_JxsNROjtgL4Pzh-8FOHzxSAjYzkDK3NzJaWLc-xgOUiVVS0_JROszYpq8pVvu5v6HwgX5e6PJ3_xZBVOBvFYX2MQjjEKYLo0oSmy8TwzlV7xkOQ0Vi5QWqsabVlBcTtZ7b3MpBlDiDawpcQZ2k-4vRgwGh0-B6DkbS9Z5_FHzOayNJ0VyzrfeHFm56lBdGwbQQ9oYCmvD2RoVAkSd_wyB02IGxjWWiotB2D-EujyRPX0yIn8RJZjZi7rfI7xOSxh3_qPJSRsMlR-VR-rfjhqr7Vk_MuWXXw2nXawg8ZLhCunZ34yfMf9fGAcmw0_qkg-PXmI9r1FPoa7_U8bb9QmwLOCIyNTpBE2EUdNhdKjQL8qjmiSrwtIP2ig9vVusgMt8PukVH4Ixfk5b68wxMtqk4lvor1KsE5nzWGXNWR6aqQJq0jFB6IJfvtP8QAO1mRuYgPruGBdM2Vgz6_pB2H7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 0E9A 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
fVpWWwpViO3p7osNKCKs0AyMOM7z1g13i_qQwJ7vMv1zKd-uzkdUug==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0E9A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5ed686ee3d8cdad13ff57ddf44eaf3909252a9886da09ab45bf9d2c2991fdbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9656
x-xss-protection
0
server
cafe
etag
10702006824595321874
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E9A 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:50:59 GMT
usync.js
eus.rubiconproject.com/ Frame E850 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:50:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43601
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
register2.php
synchrobox.adswizz.com/ Frame 81C7 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.19.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-19-90.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d9aceb453edb794717e62d202798d06fc04ce1aba49136c61e2d733180119ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 81C7 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 21:14:56 GMT
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
23765
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
gw1VoKzcwMAFcDO0aobQZPWkmeO7HpbCZudBdnRzjTIIy-VetFk99g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 455F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6940974560246&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 455F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6940974560246&version=m202309260101&ct=2&x=8&cor=9861377568991816000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 455F 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0meliWpYEmy6vz5-LQXJSfCCrtwIDK0t57kM7zS-IyxG4F_tTCrc6Ze7Z_rl8Ry1_gbBFqpuWbbcjTgP11GU7pxjo7JgKRLpL2axQFhWrkAaCjR7RlmIM9qfDVaB58kIytOaRZ7o59UCQBIuNZz3nv1EwkOQKwCOzdF3BojIWB3fcnDY&cry=1&dbm_d=AKAmf-AE28pR0REW6Z9Vj45qXyXMdvGKHFDV2WAQ5F4v6O98xYzzE5ytb9_oUAzJ65M5i0RXc2tYHrojOfvkYtjUoPY7YIIoEMyRn7UOr-nFv_KMcCd2y0h0bOr6jFh57lm82asB_SDEfDFS1u2c4Zkdx01a0SwfkFtFUo2dwi3x32LTnUM3amyR194H9z7stSw0CZW5Zdd1Gqf9FIvcsrPjcYZ5PziiAeojBouztFnccNI1nN1eWK-_I3a-BCzm9HfS7s8nLqZpvTpSe5FVUJQRktwR6_KB3imKU4ZZiyGyjEzcYxSopJgPmZeMv5uW7vVmk5Ohegms3qIO2ECYOSEP95vVzC_O-ZWBxYeYBN6BJk5i-v-d4KZ9Jwjtn9lMcctjJuwEynvVej5HJoUf-AwHeKdx5UCTTXpO0WU4otY8v1RvdVKyQEDQ42woIQyucOf028RYZgz9WllXB5JkjdtmTGsioJqrEGfMPBWFzv_AHDj5RSKyBBeeC-43EW_ZZ2wGqwujxeLFJSuD0as7ZjMFaW4FhQrxyQH1lvKFhEWlwMpndChSHRZ5CZCDjle_Gg5m0MqMXClcsqCiDrNruOEZHU0d8z-hqY26H1g0o4qwnmYbjpl-Wy6kNy3_ywpGkZzejc4t5FIp4CFg0VlOMlwBUXZyZDnnrkGZhBp8nkL15Wp2i-V40S4nH2npGzDoyF-QN7zGsGtNkNE6yxwVClpqMxTpv7F17FB2fEs8QGUtOrifY-tAyEWl_6J6zQEYRKWUXOzJf1iKRezpPm7kQbLpWqDJFISFPSK8tpd9i9kFuK4aOCJK4N5cAeaZSrmS-PrnHVWPtMyvXf6EfJQ6BRw203CEhBAYCGqgwuBGQbWSjHdGSjZoGCGeH50hvTDyaZeDUdysq-4ecjmhvpmg19ItweOymfrH0aGwWdJubfVe-NuP7mqKRz49Yh1-Deb7pODI6zOrnTxQ2Rgz3TeW61M3BIE2m-b5UbEBpy4pbdpUI-JI59b20EJWNdUsO4fBacOkc0C9zPWvO4ymdfQVtxKfkPNRX15A7fTqTEeoI7OX11W42TOs4AlpZZD0kqGq8Q377Mf2MEGJl3IScVTxu9zKsBHBfiUShprYreoXfEpZllZMralZDecl5AFyehtNS4LejKCGpS2MU9hm1lsTVF3K29hDnJ94BvBW9fhTg1oSzdn3oot29jUlpyJOmjmaNXAK7ygrfwU2Zj3qP17f7JH887lREur7ddUshTD_7LJqsrqcwMoRmbzafNRi6cMhGzIkl5Vyq3YqX0Ryrh3bOfBmV-q_w-2R38S0r9EiDrGDpaxE8JEMKsRQuyaj0s8mKlBXAYWfV7QdMUgTgccFQoGdFOfunZToVqMPduKfPfNcHBalUN1E-ZL4oyNIpAwSrrxzdVIq12H7mt6OxpxlSwUewDCHPlLzGz7m7SduFDeWOw0Jo_O4RhMV88zMPAS1mz3ceajUBt0IbW9rzeNduGycI4oGm8PMebduD0zX-TcpU8vA8rZpwzQFdxC44-yVAhQO75TT9qL6Rr-QmkkgVGoALjU2bAcvKzpSIsq3Ypd0gMlzL1-_ka_QSgc2S30c6EwmOmiqpDkI0U7YkTm7cM9AESaQHeXTLkQTxuoNXPkP6Z9C96FVyMVgU_eySEZQIo9VxfBauiROy9Y2tvcw8faK3znevwzWX_1WMDi59DqUhJl3nt5OhFwzD16y8YP3NdttKh_IhXBARK9sBD2fqb99KJrdHtOTHsqxWY2I0hQwMKhR6VsaICZUXIlXsSGeD7HtZy7G8LfVg97dlo0ZhX6OaeUHkYf69324LirCuV4QA1A-xcqvkz80xyQB8IVaCfuRxbnlAC_9b0LEhKoyRI4yj8JUzSZV1KxD8aeRGcN8e_b1s4mgde8eQx4Wc-SuwKQ08jP67DvPbzRJlFiNyIt1hHvEV0g7y8h8CG-PvmN6QjCkvY05i5Y1ajDVWP8j1kY-UBU8wTJnHyd3jsZu_MvYH1PpJQzAigjxYtfn9j5HV_EzQKtwr_7demAiK666sFI0Z1YYsuVQR5Kr6LzZAEH428IrLkWVGkYSfC-ByDS9Pj0I8dE8uG8qXMGOhYiWPuGLJOV_fIgnp-XXV6evmfmZV0aX0JtBwwYw8UR7zl3LMLyyPyZFtomgmTxOstDQhg02N0sX1Abi3hSR6VJ48aae_liIYi642ky8fSXhLFBdBucXhdW7ZXsDEGAkXou5wmV6Ay1amh06ocyk-vbcx6Cu2fx2xwKqp41NDxnBSIFxxu5s7U49_drWM5WVeB_Awyvu5E0Rlx6I3aI4HbukYZO8s0YRLAScItsKPITiJRPKipi1cSH5wbdiTc7swYZSQa1ZbDIB6RUxF5GS1U6WRXhzCHXFPkmsrIyQLsaKZU5Cn2bbNkHpnNULwdvAjICTHRXNrJvtOZXh9dzf4kfVXsyUqf6wyjrZfSFh1du3cp1rUzB9atf0IwOf53e3JpKIsYeFAOVIbBIy6OSc3K92jv8kHIj1WTsCzRnw7n9wZ3KKOA41gKBTlILrCd20mcSINLR9foJGVUSuGhVgcP8jGcSCaAfEQrUrwazg7c7h0CubdcE7ytpZOeSbSyw5cqg7Ikf3yHraZFWD96hqhxLw4vsi77m5jgMMMQ0qXV4w09pjyRnVtb5isSCIi6yDQbhBt59Yzw3OLaV4v1OYNnc9hvjepwFAy5FN4u8nE8ot_avoItlLb9JNijBPDXkyzGhL2GCA8YT8dZsgEXWfUEK5cLEXYmKu1uLOsNtXMbElB2so4TBp6p2ksRQXjIZKnUSQ8iSuqDo7Pl1qTXqpuY7E_gp-j2C0-wW7dJ-JOtPkSl-fXr7Tp46wJWGp2wz9EpMu0H5trbOFWa5Pliyw7jnLt-14LagsWMZe6LQYwkQ_2IWU39VflrZv69sEV-QNxhxLTkAM-8xwECEvRiK2xpujRHPwV-qyxnV4qGxF7HUeVhJZ0xMYbS_rBRzBK6sUQQVvsKQe3RhZKr20TQVZS16ZXjS7bKAGUyWZyz0wsRwNV1v48miExT0G8ndIWBcdhRdZuF7DT4J_oKfAytugg58cCV4olIAKs6OQG4kG9oyGgEhUbnmCHFOl_nG06wtwdLujVa-ECXMIbWz5d4XjIhPhocUQl8WuQYgGaEDH4fjzVeFz0hdKd7RxL3OSO4riPnThOOTxMYbAYOgdbrjqfUd2anatmGYIisUGYQFR9pweN8auYeq-G7BpoXmCkPrLZ2Mbzh1hwWbuAUkOrz5wpU42KvKzbzfHYmcPa0S7mkW4JqgLs_RjmWUz1MWahdR5PP4xo84enHi8qwYrMQka1Hv2KKWjE474gR-dULZOz0AwVQ5qEuLuYKt3MjLRZqRnI4jqz8RtGkUFW42Ctb-lyNle2d2-57AWjvoUdTyMSbdHrXZUq9JtZE7Yx-kOMyQ8wqO7HnXHHDGZ9ws1X6-iSSH7Ow_ZraVORp2LZI02FBdq_VwCWz9pzztZOsBp0iHkogsXuUcxrFkM4PPd3FmJusDuVUqvlmMy_MDmXq4mF2voWWVQGzB1_MJf2HLGP0lrBNYZGRbtc_IcdFOZXwXAebOCLTF0oxGJh_XRtmn4G2zv-MylGwtUTbvdr-9zc0-sdfg2uz2svQqwWMgHCDb685PqsdEGnQuhZdYUU6qDLxt-gsSQILik9e_YyaG4wpVIE3am9MaXPjsysgYHgmUS_zROd03TNfxWGOB5FbFRoUxkbzxRaFE4dJjMARJQbaOr4e4T-qp1h5kBwqW-29EnmmRVLZ75uRM2Ug_RZDB65htcs8ItAr2DhEQChVtyYmwex6jAY8zGPl1kifKdtrpzpWePMwkItgtYA3KxISc9D1q1wlvhYNSjSL-kQdpNZ9-JrFYLGd9Mrr83TWAOGjHLcre2RDtmPwuz8IGll3BAtQUwrtQWLOIOpe333zx-vF-oCDnCdNVe-veg6CbYkmvpySIW49HUTakmoYeTpSZf-yuJlIjW-WOPUtYBCZFYunJhWge93WiJcEdYAgdb5u6qxYqU62CwCfunDFuiapjA-HoXBHLsTw9qA7zpH3Y&pr=8%3AB81EEFB6E78C638E&cid=CAQSMgDICaaNVba4VwVODudQnyVk9pTlgs8YgZ5oJiNyaLZJgqN7bfBDOImfPnaXHxSZ-jsUGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=9861377568991816000&adk=2579977134&idt=56&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb64e52d744ced96df76e20f4ad9c25003d98b79d55e0f28cfe818569c53637c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38665
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-34df212-412faea5.js
tagan.adlightning.com/saambaa-scripps/ Frame 96DA 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/bl-34df212-412faea5.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c849c8c65be44de422c18eea1d8d2ede23aefd848e8ca38632f8e0baf46409c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:01:34 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
JECc_4XSiYcqR.0QHH4.ZXrT7dd89F3e
x-amz-cf-pop
FRA60-P4
age
17366
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29189
x-amz-meta-git_commit
34df212
last-modified
Mon, 23 Oct 2023 23:00:53 GMT
server
AmazonS3
etag
"61dcdd6c21fb71c028a03b5e5ff6aa09"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7Jr7fQHezMgE66b3rI4oCgZpiRPA4e3ysVwQQNjOGCNIw_HA9XUnaQ==
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 96DA 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IxEjVFC0BUTZY0WogqhdIaeBC58_JTinI_DCB6YnEc-Gh1CAsLZEoQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96DA 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADTPXv0-xGjSChJHy4IsxJ55zJeKvgyd8irAhBWlnpcMSMLEZpWyJ-B97fFc6KGQm3ljgQjHmZsW6FEnb2AtZWTlm_va5PwqL_mK0KHTtMiHl2YdY
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 96DA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:02:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:02:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 96DA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
38936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:02:03 GMT
l
www.google.com/ads/measurement/ Frame 96DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRFNNdDHGTgR3VFSWy6DFZxQK5oQQfd02szxY24yTp7NlOyOZW8CP53YWMJ1qkkYwnBD72a
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 96DA 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:00 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame ED94 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831434
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
SM2EIRqFofJ-899cQas_TlKvYbX7M0N81-R7kqhTFEV56GTZFhgJMw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED94 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1D4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIsTTqiOkpPISSt2AeAOlb5xrgvp6jJd_mZGkJhAY0IhVdkr1kwj42qQpDlj80qh2RHhbDMQD0NjZXv6_S7jGeue1YMDf9CkxczJWdxso2KFexRW03KVCdrsaLlDvF_yLCk6FBDWCIPDYJpGocKeEsHlwrZR0Hhv9OwlBF3LGEB8YGOKrMUCuFhqAWxj27-n_GVoxJhDVPNgQKSgs25go8S9kMcDH1gxghif-OLn4tO2Gqfj5VyMLDQ3rhJ_JWPqg19yA26qvs1Xoq0zYjpT5lwzX7m2SV3tx-mKn14qQG0nEkBL0r-1Ys3e9MdTjhiDFcM_qZ6g8O3ueRal31e7GlDw&sai=AMfl-YQE0AjcdKy7TzC3mwWryq0Y6VvFcpMsUKRg3UbCHD1zInCT252qDKH81fTDrMen9y2V65XEIc5szhJjkaWRkZvxqiAHMJ7c18iMxCE5BAJN4CJcqolKFfYVG5M8EsE&sig=Cg0ArKJSzADdvE8OIuwyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4967 		323 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWvIXRt2ChVR2JC0dh30gPXiHk4-ltgFO8WQDo2MyrZkJlrHKRCMVwh2R9y38mDCt_We3qtjpPFh1oRx1SjCVjwx48doJsPUApnczzCKVP3S-rBH6M8AQqHOCSnVYYW25GM_f0BNlXY-NS04e9ZzkoQlHbLTciXA3OS6S5rVQCm0pRoRb8
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10dedceab30b8ec091e300bd2bc3245a32436f71923d3a9cfd26b2195a98d64f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
125
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1D4D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D4D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChTWQcrdgWjwdPyKwSKRJ2b0pD3kp__Sf4OUcxINVUGd_HTz01EFkosdBCVaZCs-_dGaU3nIBun-iyc23jdB7Txq36xjMGTh657Xic9XNC2C4t8QU
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D4D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11655676908132453027&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
982c2059-90d9-47f0-83eb-e18ceb23aa4c
beacon-ams3.rubiconproject.com/beacon/d/ Frame 1D4D 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/982c2059-90d9-47f0-83eb-e18ceb23aa4c?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BB1FBC8B6FFD1DA22BAC47658784A88F32AAE128C4FC573965F8536DB0CFB289DD40D4C0E8DBD730C9F0BE1F8337FD75DA2188414B5EBAF9A3EE49CFD9CD7A33CB1CCDCB62963C87851C859FBFEAA0DA1968EEF56B3EF0A185533E6F27F739796FB0EE206448403C62B308EC93DCA036D7B447C6F8AF87FC54E6FC96756E5E5716335CDB2D05EADCCE1E520D943626377BA73140DB14B7AD0D0FE51AEEA27C22FB222574687346590F83C9849BA37B16ACDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E65 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8780588734937&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E65 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8780588734937&version=m202309260101&ct=2&x=8&cor=3043535032308745000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0E65 		83 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV6u11eKLrXio_qCDt1SpxHgfIrhBRL0jSTajQK-R5uWzgI1CPorWQ3_RQ-i_73zivZ8XzB94DuUE1CwKqbSRy68QD3zO3SjkHsbtzPU9jeA0qhAO7k7OXKHoyrj1K5ZCs5FCunsbSy9n-DagHH-Qltm0QoveehjXvmdqbp_s8mdZLWbM&cry=1&dbm_d=AKAmf-BNlP0XPLEAW4yS-OYl3qCWLHXUjhBNLAX6B8Fl22SQc7JWlCb3-lj8QW5DssLqvwwW0N3bGtE85HxF0gIbL1vIMe9EoZjt2d97NhjJbXf77E7XCam56SDRTCIcdTvln9nCoOhZbGPlRIH_z0Zmq6RxgCRWZNnTp9RlJH9FTqVXtr8Ki1W3wz46iRijtQ-pvUAiRxZ4TWmnld5u0FEtzwqF7pof3CziZTHHOD3m8z2C6srYv5HtrckeCHEF3BoxO-3OHdIBHataC2zo0IKjX0r-zO8x3Hn76698wQA4q94_zyMfsYhYx7E01kyeaCNdOfHUKXbRS1gvV5iy2iq81sSbr9wZTqVbF5MxpZ3Z3wy7U7uVcqMx-AUWIJZsT4okzH8JRAiLhoy-vPxRzRfKbESoDpTIOABWOyo5zZ5iro90QeGl_q9Uk2-c_Yhp3KFMmcf5IFGKneHI2Va6djG5Klp8NE4XrmIr9y4NocfE4_t13HLIJi9GZsN6Dr49weYYFdAbRJc-nfV-nyxdu0eq4r09n18VkjKBvVAFBtocwokQwSa5bJVypfdKTz-H1g2iI9ONDA27BjCq28zaRhNVA-1MLQunmTKjx6ReXOngCb_IWXDJMzrRlTdb0fsLiZnjzrdTnlmCfbH8YidbtitRi4-_7qFDt__7HUslFEOj_vB9t1DmW2NPk8oWVgZel6Sn9qq9RwRxTbRf9-hlTD3VlcyjHNz6s3qahM7l395l1z9768C0lxSzEqnIjudZ3FOTPU66IKKq156SsbEs7gr7uKsaAMoVaz1d6c-vh_2pIDchMa4XHAYP_NhZCgpfpK1OeJ7xTSmxZ9sM9yU-whuEKeG1Qp-RmEsiSDtxM2esTjX0km9dlYNrFQ-ieV1fs14ejnRvfDE7KBWPHdRvxW_cRKclMUXZFl--AAstDpvMJw36J0TbzIjUWrX0V1ZXqX4XPxLA4-YXBegxjUrMcIdDtlrRlo8Wk-HRnoQRAf-nZwJS2q3GJLZBi8D4FU8dORQyisbzeVHAk_6OpsgAVCV1ULM6zggfq_bBLCCsJxrw6HBf9wXwompLmsy94FVdPwaFxRQc-z5wP9viby1fpWKnzEABFq_lOhs5b8U5anYWM9HPUBXURgz7iQ6ZKjPbpARQaXaBD2t3SMygmTJGKlkQ9Vq_DtpKIk4DIeKCKotfeZ9ocdDUYw6NLZBZludknRXSlTew4ICz6wFX0Z8orNsdGcCzPhfjqFScQkY8glCI02FyFanaFe0dbkQC_JRSWz9EOAX2RK8NeG1c7NtqI8da_OH_pUtm4wgvGXTFt1lLVPrFcc4s50MhRkPMKfSgr9SiR8e2rLy1wDtZNGUrnWq3m1fb4ud9Zoesccgl8KPA6XdRZ9nyoUuSyrJnlqhYGXAaUvOqARRUNRaS1jPIrVhY_9eJKYelK-VMYWfRCTByBr6SmZfCSfEwUGDexh4D8sXI5QpNbyErJMQNjF_TNBX6mq0ZU1chpesaqPTKYI63WyfogxEKTQnp1uWSFR0J2jBeFPyzbYeDZl7gYzMZkZNCL2Mc68HCkAWgH6j9Zb0wBJ-dR2PmWjz6bKCYk1Jhc0UkpAJaFf5g07rqZPfba4SvhcqfecmfzadunMTHueaSM5VDN7QNfGnjT4rGMT-CCDzYqJUrFs-VXhVZu-z42d3EZYFK7eI1G1TnZy87DxdvPaYBCF3XSCFxpqNjlsktE6PNvltJPuocIs5yA6MiZE1QHZfKUADJenoVGN-r8iv4ZnGxr0LWLi511PlQ39dubOkVtbHON_rUsv1uI4bcZDMn8Eaz5Jda_yFQORfYXg-U-keYvOZNgTjAIFd22JGoMUp5UWTPcLYhqW0YRyPEp6CCjy98Fh0opbiEtdSek83KbxcM4LbKWcCCEYemIbRl8gz_s_5yeJ8s7UXQX2BGNA0N8Cm1UT5RcWlFrSDgnICFMbnjgNKH3l4pkx9VJfXDT9PKwUwssl-9ZLufXKI5ydWKis8YQwVtqDZkLDE06_6de5-8Q0lcMxJ7sCfe_uyqDAKfNTB4y2TBOg3h2QpeXmS1DCnZmJ2EuRX3w3KyBcHDDJM_4tUPQIxm7P3ixtS0Bukf-NV1B6iZXH8eHlSQf5LmnK_-B1zTN7HEzQUqHiLWPnRmVfX10T45NXMgqEgWacNnfuj19LQAK7abdEAMEXw9CYjSoEioECHgaKeYi3nBsgQFR3PqAWr0EWG_jlp-tVFDvtkM5UWlM-SM06s2tiE_CWAvbTNtBtYOwB7FwQ2VRLEC2qU5xgsEGSWawMpUwUhnRBKhsn9FPQt5kXIzzcwQBbhOBE1KYIZijulx72I8AUeRFIQKOcWTPQ3QFRqpiSJVrk5wkky5O4U5eZCsYK3dkRFK6GsPYTIR4I5TV5xSDXwLhBDhkLc-oO5m-UgtlKpU6pKkhcQnLOIbA-twQk8w-L8HUVR0aDWdRRlV2pBF4KHr73-RjLd2F0Wgi-deyeoec83BIhcfY_VOrzVUXxyu3QcJHs2JrXnoji24uzXwMiKigW9dy5Cnjda7NDeEFnkvFZyiOY4xNSafD8XqAa4Kxvhg92vIrg5LbDO6ykGCddGeIB5hfGAwf6C78QruBYEO1jeE5pQeLXFjFjM9A_PkduwmYSenoiDe1UvJtHqP_U85hAP6a9jQ-vtcpnDOJJviMqfb7tjrZH5H-WZu7Y7434ljFmwuuJKvcXZvAQ0TYacTXnvGy2-PFpCELuIdSndPD1RHW_ReTB9Z9sKdGvcpN0L0xBg9fR38Ie3QAwpZyfg-LCCPKdSwaHnZHXuFlwSyNlBX4a3jT1UJEkinV5nqLfS_0Zx9JSEysoQQ2p5CXwlX0VZ8JHYEPjsSwVd_zsgu03j0Ccij_kbdNmq_LeyHJtTHGqqJZ_qWjil8DtvSgwShJeMYOsqTceKl0LvTfum51IRl4JVjB96m378wY0HfrN3zrG5rlsLw-76be3wt7VkJXBzgv1Mo28-00d-NZoHnhmIgZWdqztqdcxWgdNz9QUBz0NAOJIxk86Vrg5BrDcxgiy_hPStsZZMgvLwqFOJFuUIU02Ia3EONSnZpIduDtrLZRY5SLvjGkYAXuF2piO94On2DTG51SfAayduaIYC_hSY4FumRgKj2SEls5U0UOeG0IpQNaY6OxjmZ4BJvFtxd5c1crdc6s6vUql0GhF6oLQo7SaBbpa-94aUa9dSXyhPOnfw3HteHN1hAfH6j2asy23vx4UJCfPRvlHOgYVkO5-FWR2JPkqiZcrhSHmWzKWednDLSv0ZMmJnNlItubOfCyKoadHde0k4L8BbFDTJr82UXfMjGvsSANJU_KJ-7xuCtLVj3tFoIaVfDrx68FIRRiHmQWJ0761_Uv56jny5LfRrJfhJdYTcpSfuSliKZ02-xiK4-TJ3frVVko-6-4ALrJGf8rx_bwAJdp6YSxX6pqzYENE_NxzVUqcmbxdU0Xd0Zc5LSUikqcuXIoXS_5XhXgvHEnQuwLdXH44NBahJglXEURkDRGHi-tyHEW7Bq-5EqErP-UBwcm37lICL2_tOUIZyzlnSUI7G_4gAGXem6lKAtOIJanAgo-8uwUXHjsqh19StEuYtKJmWs3DMXJTN8t3-VYoys6fNpwN-uFac4thKsFBB9v_OawvmoTRgQ3V0T71Y0ent8iAxjEOKWF4T72lYRcxoQCianASYwFQhLxJ0ezgS5LFknbCqhkV9ja0tyxteEcShGP3gGcTMt2UNYeNlogKX-SqtefOcYyi4sGzvBEQETT7Q848Bbh9CF_7xuGGC_jiQhuzVJh_tCpfzs_mv6kJQ5GqDuS-Jxk6bPDa67InBk8Vk5JsLCXvq_7b4YJ8lljjSPUvV6IArjCaFMmYoluj78e3Mg2_ireIFpJeiUstOxu7Qv3Y_OmLVZlwpSWehyDn3AI8Xyalf6mia_NL8RTXyxx7VYMvJN9L9q1X63YgZK7dD_iEin4Y2VnQu8i6kYSvSBuY7eIoxru_vGVr3Z367F9s8rQOaS9VRxO0jpwvNSuaIQvWIhmOuJD0UOZcBMDQ-0sgWptfF5N7ZgtgNBpJg&pr=8%3A64FCAFD2068D1809&cid=CAQSMgDICaaNNB08FhbBxiKShFNVF4fYDT7r3Am-dzkI2ouyO7Rh2AW5JSUZmxPfSN9kfQqoGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=3043535032308745000&adk=1772745514&idt=36&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0169dfe222e3e29775854b42c9efa04fc76395b736f006b7e3633f326418e48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38992
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2E72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJFxWaJBNoG5e7Wxrav5SRN5Ke0xcdaut-teFfUkFVwByhciQUZXQ_2Roh0ZF2xA_zAUTjogim88ZH9qQCqiI15UpvszdMGowp3aLfNKd8i7saIELYf49YZPXbNr8sfNYWVTzWkTQvvBnxB4royBcrXymnK8i3i-0DCZqhssURF0QvP8sRf4CtSKlH9j9MIaj0sc-8F9KUzn9ouJKgR6uOAaIQt-H8BsKHCkXom84Jbs29nlYAM4TRBVhupKLo_CVGKYbQDHFI-pIU1UENpg0iGfF8ZhV8cR5RVbTEXiVAtyK6sp9g7_a0cHrqZDyM-OgwdSLePgJ4b1Il6g5T2ObD&sai=AMfl-YTJUO_h24qLCarmj_VAXv_PbnZbLkbCVFqr8IcVzZEQQoK6bEZ-qt3GmARIMnajoWzjaSlW-misN3EmXSyeqbG7cS1PH9uniCMsV8aHVfn8hdu9SDrPopTCrv5QG6E&sig=Cg0ArKJSzMgg7qow5TKZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame B1B7 		408 B
183 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNVZABvKUrbbqu_nS9qjV2MPBI_wB73GmF67OuxESQ7EzGdwgh4No6Syug4D97rOzBSXhZX83Q5u03v0uxcuYjaYZCBQ1HFPq4aRkTkvOAw2fdvCBRdTGxXgqmFB5FmYpkSO5cBCqulrxO5FJJDGgLLvBPz8ZAwqi_TauolEj9O2rgnCayk
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9470137342ec088b7c020fe717274cc62469b3da3043ee7811f97fb63b474b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
163
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2E72 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E72 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AMwXQ3u-23FU9EtbkuI4guxxuFpukn8oBF5bQnNxK3Rxgje0nNJkM--SZO6TTMd38UGJODf-Zcip8JdZGm4F4qmf_AL8h2xDGH1McLSVbASauyTkU
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E72 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15529575471000766681&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8f0020a8-b28c-4ad3-9d9a-14bf050c423e
beacon-ams3.rubiconproject.com/beacon/d/ Frame 2E72 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/8f0020a8-b28c-4ad3-9d9a-14bf050c423e?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BA76C2C54F73667855F5F5F134B5B9D3AA66EA22AE2E5151641AF739368E254A875CAF3357866360B197C4E3B90446B89D68519A683F73863B4DE6766A0651CC4DC937872C4869837CD84002D5C7967B9CFC868790529086AE82E2CF9239F8272E59A7A5CB4F69A881685EE102E46A4520DFA770CC32F2D5E69A8906358651F3385FD3346A83B2C58277F796EF3C7B25089151AE82C2EDDE103A9F4BCAD5FECFC0FADB1C25BBBE5ECBCE09ED129E3CD83
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:50:59 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4DB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2z5nkNn2W1uIaV5f7ONxuIoLaYo2nzo5cqRydIh-L0vk_f6y5QP2YGiN7A5fnF3ZtylpFw7tewT9iI0yMZzbRmxC4KXopSH__VO6jMBV8rb71p87O5p7X84Dc3yy8tHn1Aqq5sk8deP3ZCpP-lax6iezVUbhkDLG51AxYqyB0E6PksYlLXkInggyef0TbvWXVL48tfoJWMORyLNhBec_Pt0PU61KFHjEtAQz82RAl1nhHao5uoq0rkVqeA9bEkQvpZGcv-MmlMn3Pq2ka6vzXhIT-jTuieCdPCCIPrJe1niUrgW8yLK0JLUeAZXp9ae5pF-lZb-LORMTRp-0l40wLC8fK67TYO8mtbwIiuXydcEGYXp4zeB0&sai=AMfl-YQer-RD7Zc0QW6hU53AF3y4JR7p_Vta2pnh-aypxmAVTsg87pG1TtL3Kd_kg8nbg6NRPV-IYzkCORrQznSR_D3AhfXHw1iX2ZtfQmT5KkZrdejSsZ7yd2G6i9Q9hF4&sig=Cg0ArKJSzKSq9_npME3kEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2F3F 		502 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNV-vd68UxBdS7mh4WqUrQdlQb_pjsfsilq9kcRyCWa_SHvLkEfV1zIpd-VUs43aF0Ypwddop_TVAAbtvxTPHAZ-98mEAjgFE_9UsIbd_J-x1guKQ6xvq_cR6d2LWWwnrxbjnbAuq398Cjl-j0ci5mXEEt3n_MTXtuwz1lhdC99F5kR0g-s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bc6fef827aa7f88d62e98cfd829fb47732fad974b68bfc79716d492fe1bb4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
220
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4DB5 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DB5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5gp691hEP-lL1EfNH2mGIJMSdH3DCmNLo_lr0qf0nH-w-KXaVNTUwKzG4fpZf9bKUQQoWSIdGN-J_EkL-OrfB3cAxzl-Ub2gYa6AQgmPQwpTPr3Q
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DB5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12463689764663804639&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0b9e432e-fb64-486b-9d66-5384ec597da6
beacon-ams3.rubiconproject.com/beacon/d/ Frame 4DB5 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/0b9e432e-fb64-486b-9d66-5384ec597da6?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B653C6A35FA7E1584DAB4A52F136C179E92F0992DC43B3475EA2C43168DF2D8AB2B58A5FE7C0FE441FE5D718BBE08EF1C8C2B8B80D9819B6AFBA2AFD252A020D0AF386182E885AEF763A9E31559342199A9B446F3E8C66BC0D81A9E4D5B5029366CBF5414B628AE4D029A406262C3F14330E095F7FF31454B2605645952F6017830C8273902F62C10B765C2C42736896ADE7D71FDCBB214FC239696BE2A3ED0CC026E88795AC92CA9784F27DD30058769E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 77F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ7VWWAJBHyiIN76FbOXOKS7jB8Qxy-ViUyWfaKDocD8lMNRJWewakzUnQPncj13tuVeEXD0zBMph-Kx0nj2rDRRPZH8EQSvxoB9v15i1lh3LuSVffCb98VmBWKHRAtfgTNu4CJAWu4rqSVQX7yFQ1j8MgO1v6i1po6iV_pjF1TQsgKlLd5p2F_UA8Ckn_YfQdgpJFrROvtGFBitCpBsrg2vvwJ-oyWe_2pi1Dy7CL1piyZ0lFxnfmpN1TyppJ0qppT8uiHwbp2QZJlYC0NyeM0xWxvoWu4xkptEv3rOPuuUgaCxta6h0BssubzjDji9eA3UEY39Dk7h7V639-7C35RKROJeBuENUhDLAFYJWvbzYhhXxukxjr&sai=AMfl-YT5dJxyyQqjwnnbUH77l508BNtN1EcwFk9Kc0rKEFJMDqYhqsYWiUi72jkPmyzGIlTx03LoDlJTUOQKBC9Pxd3iFKw8hM59CXXJBEPsbWskKJvyKQcrUk4tBp0Odts&sig=Cg0ArKJSzD9mUOR4k_NBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3490 		343 B
144 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXsSLpIQ4-f9nMH0RB9EQr7WWib8Tx50w0q90XwFzxYFnfPTITaAEyYF4cGHuu8UqZRMmRgE1wlQlMnhZ2ZYk705MFE2rew5LXgvjf9P0BZ8fR0YFTBN6wXevlSLPkvIJWugZpmSxT1ISIkZnKHGDwBS5U4D3qSbryFeAZDAqFkJpgrMjw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d39cf2be5da67babea72be0a4d9c469654951692c49f888bbfd5925b532e99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 77F2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77F2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlXDHskYxltGydOuRExqQyHZDzS5MXnQZcliOea2q8GeRwaAmsIM6UR3u8xT9gEmnypdLRxMQVtlOWWUelwWUkiLgWA2B3dYK8UzZzKq-kAVHyO1c
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77F2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17959620350274381107&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1042a037-68f7-4fb9-a1eb-6f39bea1e868
beacon-ams3.rubiconproject.com/beacon/d/ Frame 77F2 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/1042a037-68f7-4fb9-a1eb-6f39bea1e868?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B5FDEDEA1CB8D69B9344E89D87BE416304C7F198E9C8CE195C6E8BC426E5A143F02E07F8A64294944FE5D718BBE08EF1CACBC5DF3879BE558FBA2AFD252A020D0AF386182E885AEF763A9E31559342199A9B446F3E8C66BC0D81A9E4D5B5029366CBF5414B628AE4D029A406262C3F14330E095F7FF31454B2605645952F601780F84C67AD9117190B0A62FE88BC2514AD291104A69FB3A366FC71CF7DEE0AE0D53FC3E8B9821C28A1093E082F0E7A592E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2684 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3wadoIR_lJsoBP9MT4axlFl9Uh5FyeMmNxQGAH_SvX3U1-UHziH2j6tfxISyoxuEVi2mH3WG0oYfwyUPLo8HJwMvLcA34XECFopx2-0b1zdqh_LLQ2PDHYktRas6MuF3iInoPnNfd0aKLnINXqpvSYgMGYOZlCSNXHebrKod3MLtTOT3_YtG9OXWs_iFoaGfwunPK25nRQiFmdffpLQAUXgKXWsUScNlPAT9hliH3Kj9OIdTsNExpwrYyRZeFESM9VEGeFDSzMJIgVLsbbrC0vkL7W3S6yAeeaNRF0rc4lFlpZP_LjZZEEki-6QBU_BxXGYjYf62-gulSfmd8XQ_yDHIg6FepswRq6jib_lJsFJ7WmPGn3hU&sai=AMfl-YTRlcuXAlWS7pO2MuYkZUlIQHvRgf99ArPMYQSZzHmy5YuIzbnDdwof0dnAbWXNPsWzYr8VicvvIwCMWPqGdXWXegYJCAhbEnoeZYpFJXhdDUT--fyxOrKQvSfI27E&sig=Cg0ArKJSzFKv7YzQqcWoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 39BE 		449 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWkkLN4FWa_7PjaxuT4SRJhbm31TOgTpUDsEP2YIhkdIH11cJWJJVspaxxcWQ_xD_YvCyaQZtyMX9j-OpbFlXXudzJeEGas1cOiyGFWEnAOCKmWszOJlv8qDYWXiFPnRtyj7cf7zlnpw2EtpuRBEA20hsKpRziKf4v4PxYI70Jc1ZY5c6U
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6a772fe86729d7d99b1692833b687b97a06a887cbbee6156f51a9a869b2e54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
191
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2684 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2684 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A7sedFjxEXJZORq2Zwg2uMckbfICi7UirDqmIIuSG9uyBN7KP3inntNN57ClTkMFdDd7zkXM0mWpfxyl1G6fcjkQ_tNw26PjCHyhntyaThTfXlo38
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2684 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2186202321780296578&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
53db5893-159f-4927-b1ba-1d7ca6436b2b
beacon-ams3.rubiconproject.com/beacon/d/ Frame 2684 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/53db5893-159f-4927-b1ba-1d7ca6436b2b?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BCD2A79532F8A79E841F63C001B5D7ED868B07483D8A2859FA9B1ABD65A8C1C3214C9E310F3212A717A3220A15E3EC91D23C0AA74CE276DDBFBA2AFD252A020D0AF386182E885AEF763A9E31559342199A9B446F3E8C66BC0D81A9E4D5B5029366CBF5414B628AE4D029A406262C3F14330E095F7FF31454B2605645952F6017896E36820C162E0CC533A485A55672BAE3E1FAB55883FE1F3DA88443A2B075C007351856ACF7216DD43DB3785AC1945E2E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E1B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscu1OMe5jImmFnQ8LTSlZ3FwvOA6lfypkjzgAU14pjRe_gCJOapmd577NorlIMM2X66amnHtaBk6ceGRa3bD1tn_5qiDumB0PQJycfvVpqOOe6uNwgKogAF1vPjlS1-2w86c9Djsxid0q8W9QolGyziTdlJPx28QEjYksyj41btfXpDfkKidemxw6B8_GczwCXZxHEuI4Cve_DutJ46EGtE0ciWx6Fu4FLF0jOsBooIIXcp3e1G69lUagZ5D6V8psq6JtVPi9Fr3DKVlq5a6EY2iOZBELlSs9zg4Q_s7_nqgN4XuajcEVPu8E5Fbl7Q4a3naa2VkNgxMwrWpINPXfvvoaoBwVat3QhlErf8qpuVgBpkQWnajPN&sai=AMfl-YQLzCL7R7doU58qemBqV5wt4OCKO42zACJT7d_0G7QNtKToZGxPNcjBY87a3PyM2yLPdZhs5IeED_cseNj9_oXDS0FA9MaUHUDMZZ6NNIWLQSPy5vypfwMLYVHKgfA&sig=Cg0ArKJSzM6Xu_bNdNqEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 56BC 		463 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWKSRJRBy6hufmBfgAHHWaemfWlIs3Z2YgbXGaQpVYBEHD3njXO6Sb0S7ichEHsrAB5mTVtkNNo8iEeRgv9xJkQ2N5a00lAaplbNBhw8XTFSrPn_zKbQhzHRIfnMCztX2_z98Hnc0hTu_w_C_YjEhzdZ8KRjs4RMafq9XDtItDElxX7Ljo
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0064db9e5d0aeccfe5eb38efeadcc649e5b7cea349e97f2965efff6c59300a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E1B0 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E1B0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcOnze9lpfZumz_jW4FYUE23rF8RPWeSaf79b5XqIJNm9KZmrZ4Wlvc7yTjkKP6vNQG08nF5whuAmPyerCRLhymW9RQ6rhiB_XtgXgsCLdiz8iPSY
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E1B0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15606813723318068065&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
01653a9d-af19-4259-bbf9-606b7576d822
beacon-ams3.rubiconproject.com/beacon/d/ Frame E1B0 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/01653a9d-af19-4259-bbf9-606b7576d822?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BD8FB001A514C4F29656F8B3575669240A64389CD083F87CE2A4C6EA9F8AEB9F9D3E7ED1FA2D191CCB8B520C669668569968E6A64F790FE473EE49CFD9CD7A33CB1CCDCB62963C87851C859FBFEAA0DA1968EEF56B3EF0A187AD3105CEAD413D45F15E3FE0DA7DEE12B308EC93DCA036D7B447C6F8AF87FC54E6FC96756E5E5710D8735EF871140B0E4F17E351FB379F2D87BECD7845456F6398CFDFCA12F2E43949C30257E7446C41A58D3B07D41AAA6CDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:00 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
bl-34df212-412faea5.js
tagan.adlightning.com/saambaa-scripps/ Frame 68C0 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/bl-34df212-412faea5.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c849c8c65be44de422c18eea1d8d2ede23aefd848e8ca38632f8e0baf46409c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:01:34 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
JECc_4XSiYcqR.0QHH4.ZXrT7dd89F3e
x-amz-cf-pop
FRA60-P4
age
17368
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29189
x-amz-meta-git_commit
34df212
last-modified
Mon, 23 Oct 2023 23:00:53 GMT
server
AmazonS3
etag
"61dcdd6c21fb71c028a03b5e5ff6aa09"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
if8nK5XxC_tWrGIMtTpj8HOEu1304nOTzgIn-vnfOuhwKfM_TgCGaA==
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 68C0 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831435
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
2_8TT-YjBVVrAPi9bIEA9UDA3xLiCU5Gdm-GliAO-fwI7uMxQDNQdA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 68C0 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNSkx0p9XVRfwLprk3OOdbtalX1JAdbRz4tYJaGgtQnkemcKzk3gOy4MUZRsILxAv526c8_w2F1aCSrFVug1RYieYs2eUmvWG_CCFbdTLQLu9X-iY
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 68C0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
37139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:32:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 68C0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
13707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 00:02:34 GMT
l
www.google.com/ads/measurement/ Frame 68C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMU3jy9ZW0Lc9culit4cy9iDjZMknqBpoA9hN4Mt9zTJx88QAwSBYnGlt2sdK-eIdjmQOC
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 68C0 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:01 GMT
async_usersync
ib.adnxs.com/ Frame E6B8 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
an-x-request-uuid
70afe24b-fb45-4c56-bf6c-571846292e34
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CC92 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74596
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 24 Oct 2023 03:51:01 GMT
expires
Wed, 25 Oct 2023 00:34:17 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 8B12 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
rid
match.adsrvr.org/track/ Frame 81C7 		63 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
58e40f90d32455d12bbd9436095975e22e109e390271f1e2f8180c3b9bf04140

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 23 Nov 2023 03:51:01 GMT
pbs.gif
sync.colossusssp.com/ Frame 81C7 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.108 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:01 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pixel
ap.lijit.com/ Frame 81C7 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 24 Oct 2023 03:51:01 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame 81C7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%...
  • https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZTc-IyL251t0GCIZaPF.ywAA%263365
35 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZTc-IyL251t0GCIZaPF.ywAA%263365
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIkHzNLDzmMolivsKfuOw3vLEvTTE1jPvn%2FdGoRb2bgdUuu%2F8YmvhjXhWOBEHMh4alqVvJ47NJYB%2F8ywjRxC6PcaCXFwpa6s1%2BI25GbyS12118OyHDbh8j89j0QDJFohbvGrj8bteQ3hpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZTc-IyL251t0GCIZaPF.ywAA%263365
cache-control
no-cache
cf-ray
81af4248680b91de-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame 81C7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=4312790940954201807
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=4312790940954201807
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
an-x-request-uuid
9298ac81-eab6-43ff-a45b-8d288f464dad
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=4312790940954201807
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 81C7 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 0B31 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831435
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZmO3ifzuo3JS39od65mbxajaWshsGwN8nmuLdz8oyEh3TC9J0cujfA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B31 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:01 GMT
container.html
0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3BE4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:50:57 GMT
expires
Wed, 23 Oct 2024 03:50:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 39B4 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831435
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
KSNIUWxMugS2-a13naxpfhkYWwjfSjmTc0ep2Lbxk-YL09Pe-icKBQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39B4 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:01 GMT
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame E6EC 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831435
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UQhkwGFLoVOaFni5RHg3e0SRuhcnXETsS259HOAsc7Dv734Pxxq71w==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6EC 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:01 GMT
demconf.jpg
dpm.demdex.net/ Frame 4967
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDFnMTb9pMfzBakzApHCgaE&google_cver=1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEDFnMTb9pMfzBakzApHCgaE&google_cver=1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEDFnMTb9pMfzBakzApHCgaE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWvIXRt2ChVR2JC0dh30gPXiHk4-ltgFO8WQDo2MyrZkJlrHKRCMVwh2R9y38mDCt_We3qtjpPFh1oRx1SjCVjwx48doJsPUApnczzCKVP3S-rBH6M8AQqHOCSnVYYW25GM_f0BNlXY-NS04e9ZzkoQlHbLTciXA3OS6S5rVQCm0pRoRb8
Protocol
HTTP/1.1
Server
34.250.238.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-238-79.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v052-0119dd7b3.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UUHhDVQyTZc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v052-00ab583a6.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1P+gVqKhS04=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEDFnMTb9pMfzBakzApHCgaE&google_cver=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
xuid
eb2.3lift.com/ Frame 4967
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE9cONnzWkBrQQurjhtJN5w&dongle=c627&google_cver=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE9cONnzWkBrQQurjhtJN5w&dongle=c627&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWvIXRt2ChVR2JC0dh30gPXiHk4-ltgFO8WQDo2MyrZkJlrHKRCMVwh2R9y38mDCt_We3qtjpPFh1oRx1SjCVjwx48doJsPUApnczzCKVP3S-rBH6M8AQqHOCSnVYYW25GM_f0BNlXY-NS04e9ZzkoQlHbLTciXA3OS6S5rVQCm0pRoRb8
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE9cONnzWkBrQQurjhtJN5w&dongle=c627&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4967
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1
  • https://eb2.3lift.com/sync/google/demand?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY3NzU0NjgwNzQxNDE2MDEzNjUxNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY3NzU0NjgwNzQxNDE2MDEzNjUxNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWvIXRt2ChVR2JC0dh30gPXiHk4-ltgFO8WQDo2MyrZkJlrHKRCMVwh2R9y38mDCt_We3qtjpPFh1oRx1SjCVjwx48doJsPUApnczzCKVP3S-rBH6M8AQqHOCSnVYYW25GM_f0BNlXY-NS04e9ZzkoQlHbLTciXA3OS6S5rVQCm0pRoRb8
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY3NzU0NjgwNzQxNDE2MDEzNjUxNA%3D%3D
date
Tue, 24 Oct 2023 03:51:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 195F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6038 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74596
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 24 Oct 2023 03:51:01 GMT
expires
Wed, 25 Oct 2023 00:34:17 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9473 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 24 Oct 2023 03:51:01 GMT
ETag
"623de86a-cf34"
Expires
Wed, 25 Oct 2023 03:51:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 92A1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
177
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81af424a3e8f18b5-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 03:51:01 GMT
expires
Tue, 24 Oct 2023 07:51:01 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame FD4D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 24 Oct 2023 03:51:00 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
generic
match.adsrvr.org/track/cmf/ Frame EF70 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
rtset
bh.contextweb.com/bh/ Frame EF70
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=b50b9b83-306e-4cfb-a81e-c8ac12fa8442&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OEpORC14UTRQSUl4UkFobFY2aU1JUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdf9fc9cc-n525n
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame EF70
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=sonobi
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7591070485493745832&ssp=sonobi
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=7591070485493745832&ssp=sonobi
Protocol
H2
Server
18.184.107.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-107-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=7591070485493745832&ssp=sonobi
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
us.gif
sync.go.sonobi.com/ Frame EF70
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=wXoHZ3CCVamCkjiGD42q&pi=sonobi&tc=1
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=wXoHZ3CCVamCkjiGD42q&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=wXoHZ3CCVamCkjiGD42q&pi=sonobi&tc=1
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT, Tue, 24 Oct 2023 03:51:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame EF70
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5142336725909842241
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5142336725909842241
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5142336725909842241
Date
Tue, 24 Oct 2023 03:51:01 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 62D2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74596
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 24 Oct 2023 03:51:01 GMT
expires
Wed, 25 Oct 2023 00:34:17 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6964 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 9E68 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
177
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81af424a3e9118b5-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 03:51:01 GMT
expires
Tue, 24 Oct 2023 07:51:01 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 61C0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 24 Oct 2023 03:51:01 GMT
ETag
"623de86a-cf34"
Expires
Wed, 25 Oct 2023 03:51:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 3C46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 24 Oct 2023 03:51:01 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync
x.bidswitch.net/ Frame EE06
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=baab58b2-68a4-4914-9c13-dab5bdc5ee08&google_hm=YmFhYjU4YjItNjhhNC00OTE0LTljMTMtZGFiNWJkYzVlZTA4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOH3NV6p9Elgu3JKQYjMlzE&google_cver=1&ssp=sonobi&bsw_param=baab58b2-68a4-4914-9c13-dab5bdc5ee08
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOH3NV6p9Elgu3JKQYjMlzE&google_cver=1&ssp=sonobi&bsw_param=baab58b2-68a4-4914-9c13-dab5bdc5ee08
Protocol
H2
Server
18.184.107.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-107-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOH3NV6p9Elgu3JKQYjMlzE&google_cver=1&ssp=sonobi&bsw_param=baab58b2-68a4-4914-9c13-dab5bdc5ee08
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame EE06
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=wXoHZ3CCVamCkjiGD42q&pi=sonobi&tc=1
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=wXoHZ3CCVamCkjiGD42q&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=wXoHZ3CCVamCkjiGD42q&pi=sonobi&tc=1
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT, Tue, 24 Oct 2023 03:51:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame EE06 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
rtset
bh.contextweb.com/bh/ Frame EE06
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=b50b9b83-306e-4cfb-a81e-c8ac12fa8442&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=S1lyRmpSYlg0UHlpUklHUVpQMW1XQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdf9fc9cc-n525n
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame EE06
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433830583191578
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433830583191578
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433830583191578
Date
Tue, 24 Oct 2023 03:51:01 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 1A2B 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 1A2B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1A2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3hQPJ8sErfDnLQmKNRcUG5dJXeK9hS_2OwS7ZdDr0mdDVyp0ZGMmJptAjtS9w5BcxAxEYC9dKo-j1JbD9Wzfaxx6TuOCaDyzgi6km2T4C3fLRdESIpmbo2ezhG-52_QWc957-9hDloprmFLZOyH38FGfJaeeAuzlp_xx181be2cpW9NcSwwrJrl27f8rEVt13RzAN4umf8J7vzmw-5YVrqBolaP_6ETIkGRK5y45FuGvkKqcao73uwufGw2ZZbDc9Hw1NQvGZrYBWeZl_q5niAf8dgVBYEtNnElegeacvAy9QY8wZzwUPSATDTDSYQlTqGRYYZM24hK7Mf-xqgOYZZAeSdn98wzVEHj8HU688Q-gtoz8cxiar_uGm-A8QL-5THTR8RbXcP0FC911mndEIgEWExM_oGzdLGlDRxAoqausGq45f3Js2jlgMmlHSzrHLWanvZKrVCaH0UMq8IxzYeOu_IuumDP-k7sZ4EDlQbJv5f7M10Tpdh9MAwt5Kg3U0XYidCe87WmvmCeSyRmj7_Ws7MbYAhavau2U2inQsB02_5KPM-oUGPzLTjl4FSxSfOziSEJNKXmQUcDYvmchHhO979v9GLImUbJqqoN-qdPjIfPTJFNSE0XvhnqF5hYfJIVzfMbdVqhizbC1xA5-tGhYCIatM0z5K2jq26FN_ALqLo0h0LgM-vKz-m_6z1ViSN0nFS_UUs1NNdYynQIu5EXPOKvYfQfSFVXHxer3MoOsx9OczCklWkLpbax63RTS05m-VvnTn-NyjSEwaBvFk-NmNczgLrYB3zKE-oPp27UAJvOU4ojiO2_ZJBnPY4mtk3AW4tUW9J9psU5nYz3n52Jt0iBTPK0glvdDTPtwx3ex3xiyI7EMMZ7tOQwbbiYqIWS6vW6Ft86LH4ExMi179Fu-4SVCdKugliEtK6_yNLwmpjJjyAxHxQg0jZHF_-VUasUTf2eogRD8tsjM5cuzASmnEUv8v9yng7fdvquoGwzxrgmBqEppmiFWJG1DJ4sIViMzZMjbSmV3F5dnKglLPZXyn7jwCWAtbZqlZuwzcsvALP4pFkl6MQucQiBRH9WL9kyu0MqDAM7BALJF1w-Ftu8ibPYPKKByel5X5iI8pwa9Bdq6Y1OCl_Pr3QHOJVGHfOu0-Iy2RYXukFNjYtbVdOYWySO0weMXU6wX8G2AOK4ZzVuZD9CtrkuTGdpfkIBsROkldC2KcoSD6oQC9K0MpTSEdD5dYddasTRYUAUceyO4h3TEunC7ITIQzSSfIvFyYZGI9agCPC8txvwlMQvtggIyVj8-nyvWd658hmjJV0izYS4M9ooIglMSYVrFIbK8YpZJQJ4fxk_Qi5lJWtCZl0w4gZHc&sai=AMfl-YQ6EcRksYkREd8HU2lzTaDp7DRw2mWhWe-nVMGBLSB53Tl_D84SliFRVt_oLgFUXZSTGjtshOfL4-G7SwR8QOW0bf5Y4ErwfIGrfpXIRUf7TFIRZ-KcObHiVSg8Ux5QitRCBxxsBNWYZ0x0OOepwDdu7Q0nJQ9vjR7EoRWXNK_Qsm-_uTaYKhvTbs0C3CBfQc9EkSu2dUOF22f6PDxQhNrBcVJFpVGypycf0v15xXGWlVD7ArXT_Xc65OU&sig=Cg0ArKJSzJFppFVoMAnXEAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20231019.24077&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1A2B 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame 1A2B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
usync.html
eus.rubiconproject.com/ Frame 03E7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A2B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:01 GMT
/
bcp.crwdcntrl.net/gmap/ Frame B1B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_cm
  • https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEL9hqgd80Qw_UoisKfjLZLs&google_cver=1
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEL9hqgd80Qw_UoisKfjLZLs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNVZABvKUrbbqu_nS9qjV2MPBI_wB73GmF67OuxESQ7EzGdwgh4No6Syug4D97rOzBSXhZX83Q5u03v0uxcuYjaYZCBQ1HFPq4aRkTkvOAw2fdvCBRdTGxXgqmFB5FmYpkSO5cBCqulrxO5FJJDGgLLvBPz8ZAwqi_TauolEj9O2rgnCayk
Protocol
H2
Server
54.194.163.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-163-10.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.146
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEL9hqgd80Qw_UoisKfjLZLs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2981
tags.bluekai.com/site/ Frame B1B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEGxAjvWkvh-04crx_PBWJEM&google_cver=1
62 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEGxAjvWkvh-04crx_PBWJEM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNVZABvKUrbbqu_nS9qjV2MPBI_wB73GmF67OuxESQ7EzGdwgh4No6Syug4D97rOzBSXhZX83Q5u03v0uxcuYjaYZCBQ1HFPq4aRkTkvOAw2fdvCBRdTGxXgqmFB5FmYpkSO5cBCqulrxO5FJJDGgLLvBPz8ZAwqi_TauolEj9O2rgnCayk
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 24 Oct 2023 03:51:01 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEGxAjvWkvh-04crx_PBWJEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B1B7
Redirect Chain
  • https://tags.bluekai.com/site/2981?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbluekai%26google_hm%3D%24_BK_UUID_B64
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=bVhia2M5OTk5OVk5QmU1aw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=bVhia2M5OTk5OVk5QmU1aw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNVZABvKUrbbqu_nS9qjV2MPBI_wB73GmF67OuxESQ7EzGdwgh4No6Syug4D97rOzBSXhZX83Q5u03v0uxcuYjaYZCBQ1HFPq4aRkTkvOAw2fdvCBRdTGxXgqmFB5FmYpkSO5cBCqulrxO5FJJDGgLLvBPz8ZAwqi_TauolEj9O2rgnCayk
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=bVhia2M5OTk5OVk5QmU1aw%3D%3D
date
Tue, 24 Oct 2023 03:51:01 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
googlegdn_sync
x.dlx.addthis.com/e/ Frame 2F3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESED4TDconUC2H4hvDSQZ6e7Y&google_cver=1
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESED4TDconUC2H4hvDSQZ6e7Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNV-vd68UxBdS7mh4WqUrQdlQb_pjsfsilq9kcRyCWa_SHvLkEfV1zIpd-VUs43aF0Ypwddop_TVAAbtvxTPHAZ-98mEAjgFE_9UsIbd_J-x1guKQ6xvq_cR6d2LWWwnrxbjnbAuq398Cjl-j0ci5mXEEt3n_MTXtuwz1lhdC99F5kR0g-s
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Tue, 24 Oct 2023 03:51:01 GMT
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESED4TDconUC2H4hvDSQZ6e7Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 2F3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKv5WLnoYRn9hrIH5vZjeKg&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKv5WLnoYRn9hrIH5vZjeKg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNV-vd68UxBdS7mh4WqUrQdlQb_pjsfsilq9kcRyCWa_SHvLkEfV1zIpd-VUs43aF0Ypwddop_TVAAbtvxTPHAZ-98mEAjgFE_9UsIbd_J-x1guKQ6xvq_cR6d2LWWwnrxbjnbAuq398Cjl-j0ci5mXEEt3n_MTXtuwz1lhdC99F5kR0g-s
Protocol
HTTP/1.1
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKv5WLnoYRn9hrIH5vZjeKg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 2F3F 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNV-vd68UxBdS7mh4WqUrQdlQb_pjsfsilq9kcRyCWa_SHvLkEfV1zIpd-VUs43aF0Ypwddop_TVAAbtvxTPHAZ-98mEAjgFE_9UsIbd_J-x1guKQ6xvq_cR6d2LWWwnrxbjnbAuq398Cjl-j0ci5mXEEt3n_MTXtuwz1lhdC99F5kR0g-s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:00 GMT
transfer-encoding
chunked
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 3490
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPs0XgYrjfOy4zxKGhwIEFE&google_cver=1
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPs0XgYrjfOy4zxKGhwIEFE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXsSLpIQ4-f9nMH0RB9EQr7WWib8Tx50w0q90XwFzxYFnfPTITaAEyYF4cGHuu8UqZRMmRgE1wlQlMnhZ2ZYk705MFE2rew5LXgvjf9P0BZ8fR0YFTBN6wXevlSLPkvIJWugZpmSxT1ISIkZnKHGDwBS5U4D3qSbryFeAZDAqFkJpgrMjw
Protocol
H2
Server
54.155.252.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-252-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Tue, 24 Oct 2023 03:51:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1698119461
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPs0XgYrjfOy4zxKGhwIEFE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ad.360yield.com/ Frame 3490
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&dsp_callback=1&google_dbm
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEHhJI2ijo0peyNBe1EEaoiI&google_cver=1
43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEHhJI2ijo0peyNBe1EEaoiI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXsSLpIQ4-f9nMH0RB9EQr7WWib8Tx50w0q90XwFzxYFnfPTITaAEyYF4cGHuu8UqZRMmRgE1wlQlMnhZ2ZYk705MFE2rew5LXgvjf9P0BZ8fR0YFTBN6wXevlSLPkvIJWugZpmSxT1ISIkZnKHGDwBS5U4D3qSbryFeAZDAqFkJpgrMjw
Protocol
H2
Server
52.48.146.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-146-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 24 Oct 2023 03:51:01 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEHhJI2ijo0peyNBe1EEaoiI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
55
match.360yield.com/match/ Frame 3490 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/55
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXsSLpIQ4-f9nMH0RB9EQr7WWib8Tx50w0q90XwFzxYFnfPTITaAEyYF4cGHuu8UqZRMmRgE1wlQlMnhZ2ZYk705MFE2rew5LXgvjf9P0BZ8fR0YFTBN6wXevlSLPkvIJWugZpmSxT1ISIkZnKHGDwBS5U4D3qSbryFeAZDAqFkJpgrMjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.146.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-146-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 24 Oct 2023 03:51:01 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 39BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEPCdYYxFR_gjPKWsxYotF2M&google_cver=1
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEPCdYYxFR_gjPKWsxYotF2M&google_cver=1&xl8blockcheck=1
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NWQ5MmVkYmNiN2Y1YTVjNTUwYzkzNjNjYTNhOGNkMmY&
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NWQ5MmVkYmNiN2Y1YTVjNTUwYzkzNjNjYTNhOGNkMmY&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWkkLN4FWa_7PjaxuT4SRJhbm31TOgTpUDsEP2YIhkdIH11cJWJJVspaxxcWQ_xD_YvCyaQZtyMX9j-OpbFlXXudzJeEGas1cOiyGFWEnAOCKmWszOJlv8qDYWXiFPnRtyj7cf7zlnpw2EtpuRBEA20hsKpRziKf4v4PxYI70Jc1ZY5c6U
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 24 Oct 2023 03:51:01 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NWQ5MmVkYmNiN2Y1YTVjNTUwYzkzNjNjYTNhOGNkMmY&
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
rtset
bh.contextweb.com/bh/ Frame 39BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_dbm
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWkkLN4FWa_7PjaxuT4SRJhbm31TOgTpUDsEP2YIhkdIH11cJWJJVspaxxcWQ_xD_YvCyaQZtyMX9j-OpbFlXXudzJeEGas1cOiyGFWEnAOCKmWszOJlv8qDYWXiFPnRtyj7cf7zlnpw2EtpuRBEA20hsKpRziKf4v4PxYI70Jc1ZY5c6U
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdf9fc9cc-n525n
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESENUiPU9gZxHpr86a2WFjUas&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39BE
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=547259&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcontextweb%26google_hm%3D%25%25ENCRYPTED_VGUID_B64%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=OFFEeGpndUxaVlFXTnI5WHdqaGJHdw&pid=547259
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=OFFEeGpndUxaVlFXTnI5WHdqaGJHdw&pid=547259
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWkkLN4FWa_7PjaxuT4SRJhbm31TOgTpUDsEP2YIhkdIH11cJWJJVspaxxcWQ_xD_YvCyaQZtyMX9j-OpbFlXXudzJeEGas1cOiyGFWEnAOCKmWszOJlv8qDYWXiFPnRtyj7cf7zlnpw2EtpuRBEA20hsKpRziKf4v4PxYI70Jc1ZY5c6U
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=OFFEeGpndUxaVlFXTnI5WHdqaGJHdw&pid=547259
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdf9fc9cc-n525n
expires
-1
9107379330298137186
s0.2mdn.net/simgad/ Frame FBB1 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame FBB1 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame FBB1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FBB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8LmZMtFO1C2PMQnlDKY8qeGGVhJXlt1egncvC3vnoaweloSnCiVgoZcFXqs8AqLnQEGlwJWqcFx4x2RAaEWE-lL8E-0rpGmHyyYoNof2BBBrdAB0TTtLucrl_m2XqOOyVqMx8Ak42x9LV-YnmbHPOXBreBnvNYLw7FAaf_6Jg-c05wASB0GJe0-xn4t3AldDcrnMLM0DtC9NpIo7kcwIUDIYj0DWD7dj6riDcJ0g-gX4aOjElbqZqnbWdJj0Le7i5SMI9qJDAPn245yGp7hciiXrNjrKzvyFMrf_zaGLNZVdFeuz1IW8VbbwPtxhn6qGZxQ3Y1dT1LekVMF3eMZtQXHNX-XADEo3AqCJRwb0BJ1MzLtWEDhdJ1PkWAQxi9-LmxBSo2DdRxrtdAmlBp0jHcgClXnjeZRB2VunyqDRQ0uHcepK-f2OANwd0J9RS-eLanbAHwlERTC7p0b6_OI_U8LSxqYzhpNvEs7nDKV29fpzXsz43CYnCiH2DYjWsP16DzxlyA3m4wbUdnWx5hnN84PcgB7-Sl348jNgC4dt6WmZrO_1r77hF-gONeEtuPrRvAedkNoOcf7A5ULHkR3Z1o1LPaPSs6gGO7U-KfJ3UCGMaDGJorrqFtPu5sdjsXMC9QoLrEl3mqkUOeAxVnTtfi7nCCsg68lk6UTRm7hmmifAIq6jUNurWOk0fNAhTe6j4V3xDBZM6tNqQzttFnmLnscw4l9FbZU9ml2MTSHKtTvZTuS2inFb3TkF9rH9T0YUU31NHwWm8Cw79RqKXgqnX9xsKN_UbE1puKw18Di8ALRROH_KFDZ4k25yDnpgjcNzlbalY8w_fFTfjmfyMW1f-9heR11mgIuxYlrSaxDOSGFtXcjfunviPRVN2tQ5sICYtOSvIRli8A2ti4H0vqVwDlFsRwSL2zTSS53ybx8TpV2xmtEf4BZyIoastsq16miDeQc_4fwMxKyJY27gVpZktbKRh4NpExreSVgP_baiNOxyp7ZhbcQlzkaeD25iddma5Zf1duE2uz6EyDDoueMXVPj4gpEdNvDEstmtq4ePZsJclsq_o03akIieUmcsmH2R6K7I5zcUba1RlIxpCP3hfcuLBl8xbKytdqr5xvIfL7g6owamF30p0sXEVrN8oWQeFFYtgSH0kxdH_rHd9kDtRBvXgk3IspB3O14nQ3TcVJZVrQVwGxsKulX96kLRRRa2OsWF5Ie7lG08h7PEejjue8qgXjgZTjR4qcWRBV2afUCCSKorcdDmTK54h9m43Ldh4myyeAa1aZvMiQBnFkiMd_gGEr29nVxO1JQJFA5-GzpVQn0OVcd4DHFa4k1uhSmi5pI2GFNHZw7ma3gL2mqHN_GHKcvc&sai=AMfl-YR9iArlFVl0P5o__fyVQUn83QbzjZZ_NELt_8NjRxtwpgLuMd83TIvSJPSifBm2l8i-YjRO3AUfN3liy9wIiliAWdTzJxjnBxhqgNXlaYTao5l3NxbHNIyRnbFgpk0THnpjK6uI_jc4zS6Hm8fSQ7bdqXxy_shBfOmXrZjwfq3a92H2_a6IdB_EcRM4AhgQ3UIutN4acYJHiVdWMVTEa2hFl9Wsj5iDzxvQBmctMj3nzOZvPtOTVMRe51Y&sig=Cg0ArKJSzJy2kDtmx6enEAE&uach_m=[UACH]&pr=8:DBA739E3E3D229F6&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.27211&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FBB1 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame A611 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FBB1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:01 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame 4EEE 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 4EEE 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 4EEE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4EEE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveY4ppuHvXeVZFwTetCT2hFfYgMIHnPUyhH_bEEFHa3QAL-s7N9X0bdR3TN_GXcRwz0_pvFKqHWoHtZysOtXV-gWl_qGXdRL_6YUcL7HIzLimPQuU8Qe1SoP6mGJaqtaYExQWj7z_cP9Gz0pdFouD8QHQuuSqyGSTOZxWoafS4YB7SPHtOvMQUF28Uk-7QZgEXn89vYC4fERjcKaXzhss9KK6eUHnjdCdw1y43uFkpQNugzT9Yi5q8iNwbKPjaEpgJGVQ66eZRNLGMcoIlJ6C2ea3MhouXghw1hIzUU7o7JaIa0X_YhpVK5CSgxL4qOj6t1Ox8ZCmp03xHjI0UZuMS9nUXWNv9z_M1wN7_AD8Ka2T2qE4KcqpY5vuNragwhIgwfFUP92x_auo0BqGghJkqjMhQxyJU91OEWuVLEHGNBQ55FsM8zsKZg2_QriPvRl_YSyQ9oZ3fWgD2-lkDyRkzLligr4CpOjSe0Bh3qVZcFwVYP6EkxZ-lxzCxp6RZlaujWVaah4s1LbZE-52qKDoL1sNjwOj0MewlLbeZ4EnDAULe3LVZPfgiVD7JOlzHUlA0k3r8MpMV0GvkvlW-L86kM0WTDS2k25aeH99D1Uaxv-Clmu5bFX58drEUQXusQIL6BQ4J4tS6Wjs_52A182CJ9i7go3OnFmKpkQKH5jF1BX1x5dc5M0npuMp1AoKw7oJPPQMGWBW81oPy9X3WQTaVVD-d-mGN1eEVKhiwNQCeHavBuOvAPkbZeUXaWCndQpAXQekkGM0UxVtxBLCaly0clbpxRU7kzWXaR_ONimvRrNvrv66ExcMiWmW6pCr5kS_m2oYDfN0mBNROjTBlDF_OlSQLFts2R-XpbM1NzG8v2Zi7LlHdII3OxkVw7YuSZHnBr1Da8ntrgZMUr6_OTJq8N1eIxBoUBpnC0NyyMHlLwFIK6U2ypzeUBK0KOZ5BflnpyIHw6qfqDM3rW8CT-tBlaCg-32-nz6jqpl30Kx30J03UeNajVkoY5f02mKoBoUrZ4EskF8hR4lD4ywevqYyvczmPPH-Rs2zU5meUzrWsEq6Xt5Nl8rHh8JvuRF1ecfSOR0p0fXK4PplwXIjSF1gKxY2l9Hh0NnKFeQCIlS5e4kJ6fC5YXYxuRXRvzJYBm8LQmTz9tVJlXEezk7UII9qBaqyHit5Fm9ho3STwJWPVQo7VUSl7jMRCXb7nmuf2tSf0uchSX5sO0eBBDUUqBp0PLot8oSecC5lNV1GHYn7r4fhQTS0F1sFQsWGMNQe-01WhlBVexUY9IL1-eQiwIXlErx14bw2orsY90zUdePSHEdBOuX6nbpym3caqGFPJJ-iR2KCVRt3e&sai=AMfl-YRHmb720Q6uoh7k8qvEvmiQuueBYFyS08CdFRc8pSoayKp2hCs4ROw85t7wawRuG0DgPL5HW9US-FYLOMfgEgiJjAT1vFFW5C-IV6mttaKC-OQFnYN4mtd0OXibhOzLfP-4n6aAex4c9Z59gEQ-4q7VKPCy5nkK8LOi1ELdkNJrlSD7BjGT032IfWvkE0F3-f4V8OPe65u84j4DdDZVDvWjhuCpayzLfRVMCBsL91xlERhNYWciJoyhOUA&sig=Cg0ArKJSzMjOSHR8Rc-BEAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.58783&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4EEE 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame F0E1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4EEE 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E9A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJs7qjUW7tAXqDhV4dxk4LTHym_se-FGgjYZIY2ysG-_IPEv26DapnRhs6nvnlTWEiOYMd3sLebCeH_D5bVw6bbLAHVEGpVD4dFlgT5ssQizDZnx3IL84sWRpLjkgblj6Zco_E1cdM9T_8S11jYd8V1KX6eCjE0u2kRME38etg8gwLJB4Av2sr4-t3q58ujfpEgAhLcd5MEjGymaKQi4-35kmxY7cNvbV-zt6V1nttDVti_jC36XoZdNqVXdnVCujWqfeSNIJ9z6AaL-3JKedSEtkIKUxv-QZzuUGjOJMOrc2b7RfIMVIE3t6B14-dPzdaMiVPEt-V17hO_iHWrL4&sai=AMfl-YS6kWscQCBW9sSjDHYDLP0YQ78vuRLShkOOY2bS-yZaoz46qOXhLjmc-GB7G7Ps9hW5YDzS2GyoF4FdZ2fNJwOUoi9AOtK51ZysTEF4wrAAfwPB6UGYfPJxFgEBcS4&sig=Cg0ArKJSzCQ146SXLGMtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame E850 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
image.sbxx
global.ib-ibi.com/ Frame 56BC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ibehavior&google_cm&pid=266&go=244276&m&google_dbm
  • https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&google_gid=CAESEAzCfzB_OTDJZw0mk0H1t80&google_cver=1
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&google_gid=CAESEAzCfzB_OTDJZw0mk0H1t80&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWKSRJRBy6hufmBfgAHHWaemfWlIs3Z2YgbXGaQpVYBEHD3njXO6Sb0S7ichEHsrAB5mTVtkNNo8iEeRgv9xJkQ2N5a00lAaplbNBhw8XTFSrPn_zKbQhzHRIfnMCztX2_z98Hnc0hTu_w_C_YjEhzdZ8KRjs4RMafq9XDtItDElxX7Ljo
Protocol
HTTP/1.0
Server
216.46.185.183 Denver, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&google_gid=CAESEAzCfzB_OTDJZw0mk0H1t80&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
sync.targeting.unrulymedia.com/csync/ Frame 56BC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm
  • https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEKet9HT4qv-BHqejd-oQf6s?google_cver=1
  • https://sync.1rx.io/usersync/google/CAESEKet9HT4qv-BHqejd-oQf6s?google_cver=1
  • https://sync.1rx.io/usersync/google/CAESEKet9HT4qv-BHqejd-oQf6s?zcc=1&cb=1698119462220
  • https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWKSRJRBy6hufmBfgAHHWaemfWlIs3Z2YgbXGaQpVYBEHD3njXO6Sb0S7ichEHsrAB5mTVtkNNo8iEeRgv9xJkQ2N5a00lAaplbNBhw8XTFSrPn_zKbQhzHRIfnMCztX2_z98Hnc0hTu_w_C_YjEhzdZ8KRjs4RMafq9XDtItDElxX7Ljo
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 56BC
Redirect Chain
  • https://sync.1rx.io/usersync/google/0?dspret=1&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dunruly_dbm%26google_hm%3D%5BRX_UUID_B64_BIN%5D
  • https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dunruly_dbm%26google_hm%3DA607nTTNbE5kvHZVQ07...
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_hm=A607nTTNbE5kvHZVQ07cZfE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_hm=A607nTTNbE5kvHZVQ07cZfE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWKSRJRBy6hufmBfgAHHWaemfWlIs3Z2YgbXGaQpVYBEHD3njXO6Sb0S7ichEHsrAB5mTVtkNNo8iEeRgv9xJkQ2N5a00lAaplbNBhw8XTFSrPn_zKbQhzHRIfnMCztX2_z98Hnc0hTu_w_C_YjEhzdZ8KRjs4RMafq9XDtItDElxX7Ljo
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_hm=A607nTTNbE5kvHZVQ07cZfE
date
Tue, 24 Oct 2023 03:51:02 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXad3b9d34cd6c4e64bc7655434edc65f1003
content-type
text/html
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 455F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 455F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 455F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssc7K9BvO3fi0D24XbLHL11VmPXXKWBBxlboHe-eq9TzYVQ-RAz8QG9ikDCCZrApLYNHWLWYVlnSb9IrQEivb_sjQKzbL0opuAfo1pqdugubN5oYQzgRlbgOCSLk8I3GvFX21fJSQp7weLzJgxs8UEa9R0ZQoS0lQ0P_vnVrfsdJYla9YxQL9IUahy1gBpt6yOAMXqwXgnp0YhDrGkhY3MA_tgvjM5Fk5afPPtFKz1WxlnyLAITrh5ow8-PwtovrdXu717OVaeE5T-g5s_Z6MCqnJfFipKFy6sy_GO7JtS_C6GxZR0qjJrHtx6_saaU9JhHczVmo5YEkMuVZJ8VzNmulbUcZe4xGsTfQHD7t2S-NSTlYLlYtWS86JHpQlkYv9zvFcgOEbGUYQp0pvEsfc5as6REAZzY2GMvqOuk403qQ_ZrG6qqHYwo9VM_vHtc2r1Y8Oy1EPoBe5xMBxw0PzWP_zIodF2aAv6lsO4SsY5hNysvlHw5vTktn-i41fgbbC6Yz5dcjVPBiRVCUysxwYTmW5qRuZLHJmbUxoXmyIBMECDdTCuvAso5aN0IAv9HYWPVPWhd2r6w5-qWW_tsfu0F8Ha9pBWmeVjEO1tq7NMeN9_uPjOaA8pcjZa9fVdPUYnq9G4QQCAkXtpmILpTn5nzfqULzjAsXDd9lcCAMNZsjBM9SEun1FjOtmf7wwHOKNIVP94jMKvOgXub56fJv78_2x-GpBOVBM2TOBA0mtbFuWNO4Li-e4eCq9sW3xoxUxJsTwT8Pq75HThNGEuaQWrXJxenbtq0Z3hUYu7p_sV2Nyp7XfoW-bvIf_9WHhWtTRJOTOKRVGu-4CG2KH7EXSmjrIHdXgzbponGuwf0O432Byz1Zs7fQIzwoqyiHXPKx0UW_G5LSoT5_iL88pXVb0ssG6uH5dlSPJAFOP5qP6W3n50egFjt9QDebknIa3_T0cf6mxZv5HMQGizzw1333OzV7vOkzlx4UIRspGmOQrhfhBOoe-MESZJaGAlAqfASggwCCtTFHuY-W_UG55TW0TpPyZ1uVB1l3T2uNWDjGK-6_dIyOOqsp_p4kjVrWcNjIPBahZj-b2mVxoiR5srgimlQ16lnUjRKIkjYJNKFGdhIcYKDFLvxzSJXUAbSYZrtRiGMwdYT_4D7sTpYn48cTXIsCWX6CEg0ISxFTtHmDeki6C7L-VQMk2_EphxOUqdhN__N0rMGAJ3eI6t6pbuN5wnVWT0NoTEsVaM7DmF-2bNoyhl-YqAmvMukYbCufPTlkVzcPVMl_5Mttjqhrq8LziLhhBZUSHS4d2A7ZahRACf12q1SVbjLL9QmhgjfW3RNct6gpIYxDMzZInLHteH5uDfvjs6JiF5Q_A&sai=AMfl-YQBnAYRM8O0uDWTWNXyfYXjVEhRWnTEhx8ab99KG2IL0aZ5YigAc_VBIiWlukk4ReMoHFkSXNfwdFppS51dRFVrxTe8Fk54-UeK_drEgnhz46IeNFxNsPnxGKuB7aA4c9_9JHpVm1nlZJNdsEIG5q2b5OqbhKItr2SHAzvp22HDCf8hK3SxQ2c0bkLO8boWxCqGZ-FfGGe89KGFNgKZr6RZ371eXJmXTbw3RaiUSe6oh3J3MEnll765kJw&sig=Cg0ArKJSzK12gD93kicEEAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.59875&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 455F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame 455F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
usync.html
eus.rubiconproject.com/ Frame 0B46 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 455F 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhAs9NYUdVgOE37u22jS3ccSmKFv8SscCkWpaaB7RXYEALVaFBYrsJQDWE3vk2RsacGd4_2YYdPkYjSOotxKB4cF28BHbs1SJyN33xTlHWRYSDamESFTMusZwotJuNWYlWnM-ZOaK-_H5sSyvv2wQPZYYYDNA3d3JGV5nWZ0LHxU55mVs3rxNFJad_6sRU9Ky0Td4g9y27Gh8RBXda2w4HGMWKXHevmfMpxqperONPAxE_hBaJxSsGwm4d-dn0-mE0pZk9nmt3en7r8jNe1e5DDJjB4QhW-wAS37DJ9Njvi7AGTh3aGUglkLCr3mtMKrqBMpIv7EZRhzZwm7QCvwzQ6Mg&sai=AMfl-YTB3s-Bvl17wvefXfE5o9o_gvdcJoKriY9f8rAaMmwHkErFK20IA_38UiYuHHBVnAFBm_Ji23YJYeYwqalVpqcLtTjhnPkRLO0rvqfr9TAh0KDEVwQpElsGhQVIKpw&sig=Cg0ArKJSzDt_hkgTUBcuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6231 		140 B
108 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUUE35yhomTjPhw9Dtzmlj0gZXRjtykYaqvRyDNkRIuE8CTQ7h2Dyi7eoJR7kyE2cLUu-weJZpCl64gVwv508cH4Wd8Ui3HxF1HHpEcxS_Ne23uLlYJ5TJw4kzeLojc1iBg3TP_9yJiXT3eE70IZNObIhh6ZOV-m1xOk8BhxkE1VIliCQo
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
888e57daefbcf74c9f7c76ed6788084384f79b31e76f50bc6bd5eca7fa25fceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
88
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame ED94 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED94 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQqTSGPWsdkgSWPAoXzP7Z9l4xfKzO0NAnybVo30fl1yDaYabxnt_Qtws7zLWie0WzawlRlda394JL0hnN4QkDyWCQsvojx48bmqL8xkPWmv1ec-w
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED94 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14548409949965713568&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
38542cd3-f93d-4715-89e1-ac8dfd76b1dd
beacon-ams3.rubiconproject.com/beacon/d/ Frame ED94 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/38542cd3-f93d-4715-89e1-ac8dfd76b1dd?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B9D3261EF9B0705A567BC53759A5B68AC6640B98F1F2C5366E46EAD087632BC4AB171FB42D02947B3B8B520C6696685695877E239FE276C75FBA2AFD252A020D0AF386182E885AEF763A9E31559342199A9B446F3E8C66BC0C28CFC97C83B84577F03976CC39807FB029A406262C3F14330E095F7FF31454B2605645952F60178EA95BA44B9BBD821246C6A5A324E3F30A42FA7EC55AB7E783CDFF17E6A2CA2E38E47CEC827F59CECE7B943A07418AA50E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:01 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D4D 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=455201739899&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D4D 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=455201739899&version=m202309260101&ct=2&x=8&cor=11655676908132452000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1D4D 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds9JcUUqfmSa-0eYgk0_s1ztAgDv2mLL_ghgX92JF7A7weADuoPT6gxgqgkKI6MfZVULt_X0jERNq55MBzpBbUBjQA9XWlVY-Gi3AuToikBKfCzhvRiFc1Uv2Nl2aOIXgUYNpPOCrVkPI95gfkk3WD_RRIHzPe-vAl5oYM1gNk1-qtEt8&cry=1&dbm_d=AKAmf-DVMz-F3fe1AsO9DmCYgePq1_Er5tR7ZTrEcfRWG0gM5TNaXewJLbUzFg_Sw8x9fBTHMuOCMIheU4-y92rlxky3kJx0fiKEeaDMiK5FQIAcuSEi_ETFOQVABMjmLB6nQ5YAZTmtolrt5qHTe9u5KUM_qmIMSfLWHSUEqYWCx4klRuB5H7Cs79IIj5woU7bmp52IrKQzfzGkt7043QkhilJ5Q4WOz3pbPPU8AG3Axo6IqXjIi6Gj2TDREy9LKCizPHIgrw_t-F_cefVoLqnO22hw68VnDtPU8EGPHo2MXvJkdeAoKSv5IyqmxNATn39Jx5eKL1hVfbqd4Ov30qTYo93wxU6gWlX2r5MEwa6T36ciJuatN-Gk7ybMEeJAkCcIo6iW_Y_NUyGTg6Ta-A_eTyrN--Ssa3FkIybz04FkFVv4_B5_t5LSB_Xx8fiIXds-hrD0HEfbYO2WQoLm0N3VAUclPrsaW2glOrK_ciyLGQCgLBOAlUywU7YcZE1dmh4mryRQLNQKNLXXMCUgKYxD3rFBseqnsTcc9eNRIXJ3deo-xs1ysQFPT7JL4makZJflgpoUOGZ2-9Gi8q0JaAdXL8AYfMeHEqWDm7UIBZccJ2t1Heh0CDxK9FdUOCWw-dru4FXR-AX1MBobGdSP_YEIjFZfqDcajgJEfFyeJ4tK5ORsYSBeA8QlSdwQjLMqronr4LC4xXmyM9EnuUWYvjrFM55kqL2gMgn3i6U2di1Hviv1BYwDpxEEc-7Ga7DgPADdRgP9ZPNQj3ebxqDU9rI-pxBQtQWuz3QvynnDYOseu7hL7-nOK18n4iMGDjsUTWzevbkOmoO1fgwuBmPwfUEOsGz6dG2svfG2p-_mCOLOx8RsaOFTVA67MOZK9S_CtUb2Krl9YeLKZG-wflc0ZCvQ9Wq5iShbZ8CLf9ZlDMIGO_oxbH3TXoycUdDqeaICm214lRZHeOGDEijQtR-wm6Sua22MYjIufNFweB8VaKtNeBetRpZYRNr6XfNuZX_qwAtobQcn6vrcm-4lOwsOvo-bIy46lG7fdTiu7LGc3BatQCWIHmXSFSzYDrGTByYptWDmVd0vNJK5o-fLL79lDpkKD70e6ah6FQRYb1kS0CfGL1bkcPe8MCBQM2eqgCEApXJGdhRu-EyVlNsFT7-zF_WK7x0q-RNMBP5jI5kGhgH-a7svbhtUljtHBCa-rUugZmG7_9OVE7144_A14Z0aJxDrF_32Do4k3aZwMMcdzVuaJhdzFgju18zyvImbWcqrjsDXZYXiD8Cpp05ftsINVxarU_1SWdCyIL1J2-AVi-YxCalA8Ys5QjTa5SlkNAlciJLgtYo5j8fMYO-rPImZCSMiH1shd6gzecoJ9w2kn-A4Dna6WCktaWcJQwAbqUmXUms78e-EUBDC6n_0Axl5TpVQb9FveiW-8RHCgGqZy6ceieuHThjOqitnQxrdl59ZPcrNnz2VHcfHVBUnbOqeebB2i1HtAk95DkKmDdeZeRcE9kyPTGNjKkQbJU-Uod6Ks3F0_Oe-p0pvZ6sR3eycgbBqts47DKHWyd4m9QgY0a6Qfc4UyBsWlpuUoSSBZV8XU5efyolEuIOAFYqECWujCFeMi-8FLvZwMpblwboHjEUAXUs9uibDgJ_w-g_hHoSEwu17Qu9-KVYp_vPEp_wpm9qwfAPycOEHSRrJfmeUmDEm7GAyj8s0gDHIVQkxAtDd1OzK9iVgPwixXNuqQ44X3O4U_L3EeWNGDob-BievciTdtA3f4ck6uN4l1o_JLn-7yAxt-NB3gUpB_qN3GtR0Kcyxg4gnzjnZB-rxATabJ8WXgorN21Z13MgxH7dMgcAEuuYS0S0w9YgsEjN88V-mbVm04Hjggxz0dqNkCTGT5PqExmKWUtEwYM2RQ3VENbSQb1PVAPR5feExbJay3uIjVQwiDNC984yiBzWX_logU1E2JuzwLhDonMW6hVjXGUjQM3wueVwzSJhYSyGH4rq7feTijIjiJNlgiCp-02phESA0Y_MRuxMBYlDa7tHHeAf0WE_XBuAI0At7I8X837bQ87MLlCh4fLYzC5yeFC0IoP8KUkTXvacRwVtYQoEbaYGLDUij8AG19TsBNg0HEVxujpzke-xeu0sXN4U8Gwz3AB36a_UpzYvOCawG8BpwKRGF3j7Mhg6w2xRUZyPJz2K08-cEJmJxw4T8LVtPmKap9pm4bY8pW6vRMza_pDkpjT9Qh0plaHQpOj5jEE9UQPljjJnSCYpOUvnZipti8bzMrsPX_lKz2kO20pycNFyhV3oZcXxhY9b0bAVfi4pOdK45fOU4T6gKxVLpPcqsb52yhhvhec_TNFp8vKbNY6dUUU7xaPBLt88WyZYlzgQR4H130Aw-eGw_VsAU-XMTQiZq5qZ6rQ5dJ00w7VVZeGdNAIgMh1XtcPUgitxN0gvxcnv5OzNejk6EJYff6i2Cmscm9MeQN-4yw_aE9iER36W9S8umynJSUwizNZytS61UOd9YWPJUG1vIzXaSfdcMcKaJCbEP9_aQov3pkUPcz5y-ro60ho4ZbOOuTBNPUd6BPkWF7y_8PlGTiF0k6ckFGeoyZH2KWGA14j_M6fWm4kZEGWc1jNpTTuDjqgnZbTN3aE_IsCEYpzjdv-mi9e2dXZwQh9_M0iDSCmvCc36QVFSytv2o-eu0Pu1OPWGLA-grkeC61w09TYeo7_S5pUVp1KGjUeqo3XXKUOV0p30_3kWO9gS8ReaBS9LCl2jkvf_V4bWPOw8eqni1Sqacrvu_z_087u8j5oYr5Jdoll5TkAbl7Z88gsomCmSi3QwPOmBTmm_0REg6jyK1qesI5zd4Pqyfk7VHyBkbIPxPLjGHc1JPIPkYM0gfRbRf72HaBugWiaJy0DAUaf2C6IAgYVhllZHqWfwqLkqUrlVYcgdp0qgmEG4SMhGWbfXghs3I8MIPhAAXso7EJvCMoD7akNOhtibh9g1-L0bJYzVgk9db8hhaSz-6L8cXWYRqq7l4AV5mbDZnKENX1-ZK7AZfpRIFA2i3r7s_qweNZbTDJLUnoqkwRSSxk_PLcER1BURoMZBR5gnOX7sNoavXrQTiHs5Gjp2EO80RsntJCvJEfQaHj1X0xGADCvElpsj5Co8-C1_90W1t53fVr8qBCOP5ArYt-WRAjfF64oi2KzeczZJWratRoHdl9z4i08qhObquZ_a_1mIQB4akVhyi6FCvgqU04apVFlHR2K1bCYfznFJyGCkstOAiRZk3i6PkFhXZSdtG6i6CP19iLWhzvY_pkUwfL5hwAcBGb4qcP_CJ2uTcl0DpO2cQO19ozvlEJiqSVjl1HFvw_m11ryFLD6Hg3UGVcLAGwMwoP6YHN98-LycniucZRKvW-H9K0Tt42nfyJXcovPyOFa2JnqGYXzWmxFyBDEJ_X6IqzF5ze99avCr6BzJDQRZ-VlLadpAiBFBZwSn4sUeehwCcHyVIPrtuzumNZZDWUW3l7r8JT1Fe0Ickc5-OBUyv7ufAHKB0vJ22hg2CX21qK6wFG9Tf4JpOk92jHRozGbPLxeu9yBSE2BWxdNYI22MAOt9AVnXJErvXbBkVWMxsrMVPHEdGWocTZ7alsz8z_qa7A0VLGmsT3zoR6g5j2Dv1CYJi8WL0l3xyKhjBYFPa1-rxJKQeaaccnD38CL7QbV6yqk-wRJX56EQLsMy3tJnTSM5tTepXMAS-N2psv5M5uLvuU8HTFBVGS5WiGQvAVJ7gLfUEKoGtSEUZKaP_7ygbdxIB5A3SNoPVTppDutgnTX_YHap7wvJuDajCSXuXnWn7VpanpBE8aifadPX1dIKpn2Yqy8oErHV99vyAGM4mifMI-UqkhFXZ-X4ShMKfWlS76C9aBikXEAtSH4YsSxp0QDBXA0VcZ3pAZZric3sbBCaM3f4XiQ5p9xKURJyeBVEB-1Vt-k8tLdSLQYh8fCPyEEn7AGgCTl_2bBXOoRfCKFygwpuaUV9t9wJPpfEgAoYjHtzU3WFswSA&pr=8%3A6FBEF3275985A762&cid=CAQSMgDICaaNuKAcaVohOJmyY9P_GVwZP7hZg3_iC9M1OJtGq0sQdDmmr_qmM3osYoBXuCTDGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=11655676908132452000&adk=2856228691&idt=44&cac=0&dtd=99
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4379d7377b4e9430d36b6ec053a6d1a9e136f6d861e3a3549884b541db15c6cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38482
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame 0E65 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 0E65 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:08:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
34936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 18:08:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 0E65 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:08:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
34981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 18:08:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0E65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurhW3st92uQSg71setatIujqWs2yQtdJf2RzZfgSPWxpDL-peYOfFa-ZokX5c0aMqx991pKoJqfX_RlWPqgu_TXyKLniVOF08YNMNyJkplH-eYjcFH3fbHxCEIHQ1JL_xwqKoFAsqupY5uri7uWP-OJuUuri3oknoyjDT8mf9UaZWQ4n3BFpdChf3h0x6ojNoT9CKcNiItVxoJNJErRLNrj3ulJEC4zN-xLWqPLyId38zREAk8jZZB67YGqvZKVeEMDYVM__svSwznS2Bij1t03uA-cbRfyYqMBJIpunfDqN9qjpvwuoGWv3yoNNHX2Wie-8vt4qQPBFt2Z5bjOc516pUuVlFlnJadfNwzDiH5L3OkLRSpy7R5TZMbHprGNWmuhhUc_A0VjL60JVKPdH_cnv_wQt-ePST7Fw8YU7ItD5ZCA6zrJcOpI5MPPRvr5EgTApI2h2v4pj0bmIvpmobwIFdn1IAkN1L4J9SGVgOD_cusmw-p9_95KizZv2XZsJYjQM0v9JPJT3QQpV2V2Bh_rCl7ItQKvP3qWvG28ARwYgPgPeoTVBodsrFQd9jIREz4-nnGBsMgod3sZyUVN-XPnX-Ie7A2lOTdk8A4J0ARBbst8QLsh7iL498afVeWKzTFByUhgasBahZKPUCNt3XGszrb7JAK5yMJLxwlQMUqLasYGRmiw9oOtvzEjn_SdCU6v7EOqWaQ77gdJ7gQknA1ri3CiU3c3H2xsM1pleIbR6MZAdgljw6018UACKR0uTlDQbcegxBS_57Y1Kju5fE08vyinItN8lNb2e20pQJY2n8mJdXzWj9bx4KQH-9j66p1IOW1UPw_AOntTFVSx45wOm7htYYj169HAnXzK6_i_Y5YSxB40X8mvgXtoFbYfhGxkxUxt8aiPm_xzFCNfDlH75jf17UcMhhcLhZAbAvsu-WraG2m6lbbnsy34FVHi01E1AREQ9-iItejnB8SCB_ZU-5lRVxuJWAAnm-kyQ_I_t8w6cI0NfU9UPRcBfOjxnbYgEj6HxLd68VfdiR0smtnaaAj2e9-TlZHKIETYEB0EeksV419HafaZ2itJLiWW6pujTfjGI0eYwCBWtZaMImQM0PdXudbjdkOz3J_zGsfGv9nNBS1F509YYXp0OAClwRmpreOB4QE1dyJDrP_NG9v0BAbJJx_cEn0Ge7c30pHI3RwTyOO_Dh6dpMZ8OhgK7MeiLrIpsasidPGOUHOLLNTZ50FB1-leSGN27FSQ5RFXX2mCIt3gafMYuUquu_4kqYsUAPjRS-X-5_pkrPBr_IHAYD16jfDcQymxkPwQj3aS6HjfYZuCJPvReOrYJ1CCD6kz233uY-QpLJKokjvwl1fhoJQe8djEw&sai=AMfl-YRDsuJcdP-DMPJkQ9C1RXwhAH0j0pughHZ9tIiCSMt9On5dwsNWuVep80ZcYk_UG963VezLsun9xXGZkoJyyk4GW7nX8A3BRvv2GoxUfK1TG5p-VyI54UDp_ZSODmJJCgdcFttCUIpyL9qrpGKX_X0vfDBPGn7EtdfO-Tf-08ErdH_bLpyWvX6W9xhBn6zs0ckxLrCl_YDBjzY3UVzUBYhl_0vQY6Ec9Gjr_XIe1yalMCoAUoSog-ni2Rs&sig=Cg0ArKJSzBh6d4d5Cg28EAE&uach_m=[UACH]&pr=8:64FCAFD2068D1809&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231017.74281&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0E65 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame 2BCD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:02 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E65 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:02 GMT
usync.js
eus.rubiconproject.com/ Frame 195F 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43598
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
usync.js
eus.rubiconproject.com/ Frame 6964 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43598
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1A2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuG2RTlRBFJAg2XB5upnwdT-ah1OhY2UF8kZ5neAZvBzP_p5aMcfeZ6-typ9GJKGMpt7heJ096Nej4kfugIZ2jOmikYc8k2iDt0xWKEpduoIgNIxWjIpU1I71n073GJNGY5LANFyROem8_GzGRLEIQfBFxf0UTA0nZ5XIdOgsQyApXEGrxdUGucLLg6biGtaRgYaP8jFpNSqaljHV71TsjXodcWVSXd5pX5XjXi84SQkYEbwResgr15NxYClnnj2P5_swAA2uJU-aoUuOCR5EeN7nx2NzR9GpFgiQVeNSKl6v6udyLcjWw2Spyb0r9kM3SJha3DoRiFMslqdC9xp-QRI622bQ&sai=AMfl-YTdILoR47-qj7ogN0FLp9cAKqqC44Nup89ujEXkEzt15Vu2wrpH4Rf3C3jFTUSXgeLpMePgtmvLzHJPz5gBjMK4F2kBdZR0Br1kA--IUE0Zza6FFpdV-gJSsm-9tW0&sig=Cg0ArKJSzHCiBwbMhRlvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:02 GMT
usync.js
eus.rubiconproject.com/ Frame 03E7 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43598
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E72 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6676699722949&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E72 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6676699722949&version=m202309260101&ct=2&x=8&cor=15529575471000766000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2E72 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLWuBv-ijz1Snvc2_9dKjUmu_o5yAFYhziEXitjmoD9U9z-MMVzkk1s-A9VnnKlirleqgPCpNCRho5xJ6BoLGruRPWHhrZEZodsvd9GpU-YDZqJYG8qOQpp-PjT2K5ysKFuqXOyB6YjYJUhuBM0-8G5AiZKINvdK7fN9r3X7sBYbQ7aL0&cry=1&dbm_d=AKAmf-DoXoWzrpqfkUe2-tejKzI1IfSlMRa2HPGCWbOLHkyU2Fn-J4-eNq4j1xp5fc51AzpYEw73VyupiGKYex9ZEV9Uv2nNbx7UCAvdTl9MxCMN2KYE1DkAHMBXFWGLDVThOQ7SvHDDF_BLDSakx-LcQBli8T_5OHALZ4v2uC1xeOIjlTllhP_4pvlR982dXM6oDA3L2nDUhWrJGkimWqixavdNGdQMnHyGuCct9fFR_xIf2zv2YdNH-pTv0aYChkND5AxPX4rq0_doSehYjJshBswPNKenvBFAlnjONgBux-VuZoSsz4u6Xtl4Fs0jWkXKZxwnmhjz_stVUpcHLySR9Fmz5CgBdTBRdGgLYo0ept6SSLos3GaWbsFcFbxDMY1JfChMFbat5zwBsDeU0fIC30V2dgBf3PutUtKAkcvLAQB2Xw8W_utRrFR61OSCroqXSIMDTKkb_9a9riFJ7lQLepJFCPH5qP6yYtl2-7sEpFt2Zv2vN9j5yIxTMJY8aVz9YnYWCxOtY-go3m4IJNWySMjtg4JfdXwFToX42LjcaqNFVzSahaQjYaP8kp8Da74uG3dWVzafHpkar7IGtCWuFQu1L9U69Pry9_lUzmKOSOj8uantAblYMFkDGgTcByJgJs8wgmSs4l2nGw9xEGQC-ztXN_6ZAxvs_z2NyOUyCUbI4mloTqk01Pc25gvUzS-5w3Xb3sCCcX6D7xckfbZGZlwGWilPeXqHT2i4UGxjWzZ4KEqBla5HMViPCaJrCmDmJdUQJFNda_7ZKfzbFCbf6hpx3RF1JAyjDM_CNixBwUGfGSR2DjfsjtBgMh92svUxG3DrnAcO-9slyKzqHyHUfb80sD2xxucvHZjUuMEGEvuNOX-5FJmZlsKYD3Y3CsOvbYBsKdmIayK5EAAIjHiJbC3eXxlN6BTZPBl42-xkb49kTSH5pg4DIzehETjpdZ0oMe3aRcPDmGO9UsT3Y0_OKMEhMWoFgHSsst0N52ZTFlREeMibLNouRZh8xRaQRifjtLmQ8jUvddyQ2C8Xep6ISDtK7_4sGcCbtch0BA9Nu067bQNeHZCQu5UdTtbYS6w7e4rzHk_d0T-jyMMaXeONZDpP_mLYrvKefEyMIToPSrI4pl0PjbixnplD15oPQYM2Njx75U5IgH3qxPc2NvyhQ6CHxIzitMTb-AVJbXDaPunTePy1ip5q2XWHYLpq5j2i5axJRkCp_nbZ2wJCsY6uiJ-msMP_93xsOmA1AsIFo0U7s0zFp-RoFtL4TcJmYfkTuOSREwKs9zpu-Kyr-wfH7Mei0qoieWyf6vheDowxyVm8C4_ghujYr5wRGwsCylZUo8Pyj1SJPVphy_cb-XJdjgH42UB1DzX-wWIbjlfsBqRFJw0AIVyeqYyJA06Ym-hYnYuxPWx2BuK8S33vlQmxqHAdr3eLtd276XB7DxAOOqcf4KIw4zuUtLv6VY6FFJc2FJoaQki51_9OL-jTiZAFQxMWdqKqywrEkDtZ3lh8iqYRzzAIm2hAU9jNkSHrfsVZGzPx_jAkpDgJTK_xhh3mRe_g2h5YgiamxRxpWjQual9pqdKckEm6FkVXkoEXxrg_OWJgXrvwCMr5TPEDbJg9ZZqUPy58FqKaZJivKZb5mHeNZ2_zRCj79uR_OvOSOdN1WZZlENc3hC5Xn6NsWaoYLhbrYb1rv64xK0ikkoThR1ZNP4ulcU6KbU6Do87GrQuW7Q7I0IKru6dVufhsfbxx9SH0PvBWZKO3llVM8c4_FMpIwt3GO12C45Fd3MP0XAux2iIh5LiU2hj3ZIPm6clnrFPw4yaJPRiTsiPuaIrhnu76H18Fzsx3rUa6dikJP076l_I9MbXAIVvhwLl_yIs76p1Rnmn2aVzyQmkiWx1-1lmIQsmpCTjQ_r2XgKp3FYfQ2JV9mfS04SgtcCps2Dc3YsMuyXnrMa-6dlsRSCd8esvHURVnmVVysnr4P9_XbQ_ovsvXmKJcmHf6a1y2Ddf2mN5RicwgtebDbLEDglscukbsQcyFOzOxOfy2LZBVxuW1EDuFQl06s_pvGQOCMI3R01alaFd8IG0OKL0ln6NQ4D2domqPTLSq_9qcXkatoMboq0OBOu4D6zvUEIQ3zk7H6u53xydby-9hbqMOdt1vAwNBTzgyYDef5ucZadfkL2b7G8bVsezPpqNXcJu0p3jqX95ktzi3Ju1625_pbZlqrhAOpht-0DyIFRyjDjWeNd1yV4crvFYTofJ9MlJaoZHzDxbQs591In6Uwc_d0UtmVTA9hEoC1fMa3GHkrN7QqCoiFZ0_CU97dfVpqtbNxghNuKvpuD-yRuNE8oe0S5ji2c2Az_RjUHgE8dCEo3V6jkY1H-FOV9aW3JkZHTeAz40G_ezMpaT4FHQdsmgkSMolOlZwFcz1my7KRtRdtajXicrU2HnvN0tnaNPvMgHn2ljsee4_qn_Bwu6hFQ8LMt9HT_c5e0y0wHFi2gm-O1tNDnJ7wcDPFvXOh2Mx9x5Y1Al2WlDCuE0vV_ddZvOIe9ijVzhRrzHDS6NZc_Rej9ORxxEsU02c7t6SsyIXS2l3bF_6Ozxa-0dBXal9M8pV-FtTy57rqCzR5DJJ8uq4QMkTG-G79wf-gVuxy6vveQfDYAj-vW3Wd0ZCMnf9_6_-VX4nNqbWALTGD02tzEFgIcd1xDzRNLL7wXvlp0kmlwhtEYc7fsUcIcQG2UzN4I503tBqiwvrNqWf3lqLuZaQbnCSoDxZySYUxIRX3E9xiURIFh-1vzu8RxQGIBwLD2vqnCzz0g8WLF02extOGHuQ2_f4IEkb01WVniOkWSIc1NAvNQU16_Xp273XELv3wEouMOhMhCSvBVEx8rCknU2AvaRFeVQDD3DZMuVKz1MQ3kDdYoggsKawxjcxtgYxIK2kKgJd0jUTc67Y6CQ_Y0uET2M07GRB9GMOwNA001MvnZ3ieUn_342bU42Fn5o_ZRZCijCfbWOFPOrY0ZbR6Cq9KzHgdqH_-Y0jik_26cMBVyklOgqi3NQWYqE8sVud43f-BAlquDMB6vp_QpmstRnueiJoB-6tm6H9QiKxkjMqPcCGmi96_7ztiOyxcr_zC8g-L__zDdvfFPhDuIC28V2Nsa3rifDoo6bp0S6yczU26EzS9fr2HCUBDEE3Bj6azso0yvZGmczHtyHm0SJNYCYlJL7jd3jeAts4hlCZxgOfSWXCpqYuoA-ywwWNxrdCtNQ-fH8-62M9zmbZanlp7ghUT_ZrcNAQYAwjBU9uwX3u83tfHPXh0ttYhmEKanGIxE2bwJZVAQWPzbMjjKdKiyoJcCam97982qdhXGJ0jf-Wpx5KyHGDeNz-QJQW19RbpE2Dm1IU_sij67-eXHn-b6c4Ar4p9gCZENKHiBQTtV5qfVKUuayi1cU9pwa8wPC6PF13uAiVefJ0zk7d_snS3Ilo8W0xorPcAomeCUV1kkvCCdoh1COAx2_BtkTtSYoj53LWTZ4R65OzYU2q2XkeOU0UcYFmQHmVVOnJ7MK_WEfnDFwtZotNV7XUafqRduyFBuoWC5_BmuyZnigaClFleNf8VarXTAtz09axR9xkYV3d7hAcurEteJCktWatx1CopkbuYxghoVXvUte55XYVuMg0JDyUAzTgZELvYg61UjDD4j7TVpaTSi2N_3-Ui-yXux6hDC4ytqxvo1ne_DxsHK3i9twDohWNd1uyMNM_GR7rc95mZMmD_6Na0kCdf59yISQIYOUMb091FbbWrt7Qn0pDyWOcPG5DC8XL22hHmnB0eK19WvUCr0FU4139e_piAmocyqfx4y5qdtRjgvbYgQkhg_QBDwJ9XRBBNXrndwGDMbm4gfLMKcKg8lRmwO2lvR0KGqGz-2HB1iV-je95PcfxmSW6peREYVvHC5gyd1XNCQlL68pBYGTT40Yr-GjvexciUnWB-ERMw0qdLOH4yT0QpQgVEOmkZAH2MNQxwTk8rZcN-dWXcSrFlsYPV95r4dZAQ-bmAQfn4VWT5xkj5g5HZwggj4flo3UiHWN4aWW7rezhsZrPSVRqQlaFgGoK1E3z28Gmlqo7VweXT4Y&pr=8%3A06461963C725935E&cid=CAQSMgDICaaNWvNQutVBssIgAwBgpAybljYcVIX6XWjojfwwgRyFnrPhtHssHEanYND6TY8AGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=15529575471000766000&adk=2507927557&idt=34&cac=0&dtd=10
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e7f6500e0a80125abfba8a5806a14e2d9fc938afd3fe93f66ea6da6aaffe267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38862
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DB5 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6776923609184&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DB5 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6776923609184&version=m202309260101&ct=2&x=8&cor=12463689764663804000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4DB5 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cm9MtVdRZdNFu5zeRMbE5bm4mBgBTtdC4x1xisNV7v6lI-XwqOFWTPQMn1TxC7qW8eUDH44sSHqGxtieNCGIa8St8fvJzg45HKohuNrqFdxku6rGMn1GaY8z_TZS3y9SysA3qjOkiOXNd4cvlyl9JXyuHVkyg_VSM7f6hZfRvdzOHIehg&cry=1&dbm_d=AKAmf-Db2ywjWgjW1pry4vKbc-BDrV5MYS3ya2IukOKMiyOsIND6of2-0cBfVyjl1uRiy84k_4pAln653uBblG-kJrwuj42uBmqdnAo5Ql8d_tVONSeMixoAnJP_8Ok7zwVyKsq5S1ncc-QJX3PBxMIQ7KlpnOWDDVxxy0lL5wFFzcardR4rzq2P4nuU1Kf-g2rAKzTM_vKotChxuSh8eK3G23CYzGTsQsmOxvBr9mRulH2h6aBmhRN-JbQ_P9joemPpB1Iro3tT_r0JP7rxbgLmz_PPcZmLgD5cipN74xI9HaIuNE-v8Kxjgf-0wCtkz0jlEwgocy7Kyfya10WBMa2orE4a8y3c0LG_gfkUvmKhE4ZTseVToy-AmEWKlPMBZsD31yiFcJYYlRVvezBu-gT5Yk2UT1_3af6Vxf5LCi5toGKVuZZPpjpevi8xUiMpBCQ1KL7jpz3DvlsoFO9ptjAYpiWo_y8XGEVoQ3kZHVnaKcdgwizMfYPtNcxVuvFyw7E5zB7DUEXHXMACTuN0hmZKQFDWKUCZFaGOGoMq-F2-K9xgPmoZCHUKjNPvh1bDEDoHRB_I1hbp4Gk6HyLRdDjeezDIjRme6ob2YLiu3qK4T53TcnOdBlwt1rMgoScMc7f2BvXCXeJ_ZdkNymBkScScX_E8FRx_Rtt04cmbSet2t-OgD5MIVppz8-Nr0AqQ6HqedD7PvoRqU04sqsqBcADJUj2CHeZl3Iwu4x5ScE_E0wb6bgvDQ3adI2TRs01zHnSoE1rmP5a6M0OgS6lBPUa_TGrLoG6m22TA510hPg1LtaN0eAyq8GvXoQVhu8Xz1ZaGL_3SqvgGX_eItltey8teyo4ux5fAAtVoehxq5-sCPF4lFFX4pwhGuJyGRxy5XX6dv43uR1l3G722VYjRGHgI6Nwyzpm-y6sfMyJeczY2ZWjz5O39fRV49-q0_vbPuDF3gvsM65-UehiU4gigb2q_ADEj3VA0vMwSJhK25AcLCUGMRzD2UG3yYMXPcyT7BoDL-NQCLHfxneeXJzEbH0KRyXeIFwxmFXJfDNWDt-cNhxhUUEHloH03VZbxNbWtOY-9xDCgZ0OU2fG7uApTUSOM6VtRLZ2xywAkndEt-d2BbcpZIkBWDrx4GjbgKxLZgB8YPBK25Q7bOIJb13tanUZ6eMkdbLouQ6mjMXv69IBgkrZqhv70VR-VCJnRit-0vRnRvPISr6aiGOXvxepgHAlFYzvmO10nkr-HvFiFrlWRLqjCv0ntgWNVxg8WIYl3J66aprETNskqFCifP11Cctlvrd8GnAi_qqpSJxE22roGAMahBrGvkOtCt1O2yBT8luyOlgAloEZZV5pGRZEgKYCL_lJ2JhUTH3KcrXgVHOoL96TKb6R1885yWrVSJJ1nJM6biTFF1JCrXmK8J9trUhqH7IDz92i7HWM1ayWs8hUel8ufGbNwXMoYpjDRFR5V2kZFEJr3Ws6mUPkj2T7tA2FbbuvSfUZqZXqmuAmD9UD2HB3mm6Krqha28z7reoNUUf69a50_V4axVPlGJqqAScT1vq1hfqmnqLMRve_AkMwPH2smyvDy2thc5bGmGXbXSH9DDcAh6INq72nyXQX__QsEhyESvorSF45bbEIVaoOzEMEkoKZS2-bHg4brmussYjjywMRRvX9ARkeU7KXGnG77aC4OMou4qNEJCpvE82y--EccZspzgHfgqRYwfv9JeiPU5wtofbWofrHRMIdGqVvIox4Jp7rospAMxWvugQ4FGbO5JXea7E1DY-wCUlGvNViu_TkxZPrTEw4GzMx3Os3rMXERbiPYdXyw5JRIqUfidUuZe8JNH37QaJzuoERc897dO59Mu2tOC0DL5h-ekCr-AxwEZXfV98DGxT8Jvv4L1KW9nQqyBR6Di8Y5oETGzoKqPCetNoBdt7v5vuE95NBdOz7HcXoG6aC138l7b7Aoz0koS4PCfQ09Y-rCbMsaWis3AqGNwdex2opaVCgqYOyvLNIcTxKZPDTlAfUx9_NBVTm_YFwYJ7x1bX38iONUtSpS2LTQOY9xRPCBzQy-Nhv-ll1z5wzzBGWGN7ehRBcKDABRR52hUbH4v3vTYA1fQbnazdVBAKSllwvlaNcDZ7iV9hahCM_8Y5ttojzdAel1ECD600S4wv2sPt20wI4jEfQRoqEmfPoyLowRgoKs-EeIg4RhWDcOnFyl-K9tLtoSL7T5ZN1R6J8AtWurOWxQhjuuVZoGxKoCxFnZJrHS1AGnuE4c8UjkuvMwyS90ZMtZDE5XNQ6Du2hsBcDRuT_HqAdWogvKHQUyZL02dBpbhqG37KSaSozp29Z77ZLyQJ9M51XJVglCiv-0U9qG8Ys___aAC1GuXSaAxalDPkNjTCGPWTKRK44K6SBNW4obwWz4E3U-0ankdxX4_8MqWDHpx2gO7-jBvK7y7F7YImPrhRML8HTF3vMPqqp4oqpglf8MSxWSi0jyR_wvqlkzFcW6Qb_iDT8oCQagvdmJZfBXoGTJDePRWB592WOLMFSS7fedsDOOpnzvR4rWw1LETDIAUgBQ6HKrc66quijmORWQkBKVunzpzd1_xeU-NjZ7i4SkfoHC5x7kO33x0dnpdhNBbsLMP_SE8u5Huz9WtowPfkiwLYjf1cYfJbxVuvf86YMeovAanlHUkpqdTgPAuxqbszDvP4Hd3d1OYGPsNzvF_TXrVcWfv08XkZCCe5i8eA-l0HoU3H8s7b3kQ_Lt43KdiK2kI3sf5Q36QPoKdin98BDeeDiIpCMCKD43H0afYZ-zCkYE6xIUDVx2GtiW9KNQqdNcSz8WZ6hmTDl44kwqAdEcAWiIcSKLkjL-a-7mHJV3D4W5IzAZORZTzIvGtKMjCFhG-p1lfi_sJ78SbWGcJMyVBYHZVI3mMmN2TM2JmDQ9fz-2yIEJ9ShQjZ31LhFlBBTwUWkhczLJP13OVfX23BuEvrFb-YCi9g85YJw0QGeSMLyzLKPjW9UvSlAgV1F3nj_tXT80kF3vNva-cuhsckOCf41MVo7UVz0kKAVQNUYUwXD924fIjxc4CBR9LG7lqn3-5MjL18zz25fPvDv9s0kngqF61rgK7JE36J2v0SVgMPsMozLM2kQ2nxsJHd4utdlj6Cn_PGtfgK_6ebhlqBtCeDp3Nv9XCwmaCeqK3igeOpcjqGnJ1lmLYa2msgBajbQfamSqme32qFCfKYfqyq_fx2jwEWjOEgsn-e_oeT_aAIN_RNKuXjl8G5rigKm1Ce6tFEaxY40AdheXDANt1c2FVgEZ8dfmAhGsI7p5a7rCfybwzRG8GBOh-rwm2-0fBeaYpVVjQIcSRf3HgOXGeLDE8sTVGJAoNbTd0ERMhTF7XmDURnTRz3j5lTnI6-gXYQppHiSWTO6vc8hLEbg1hF-H8q2vfFcLGZqqXmCIE1cuCAxdm9rNBrc2h4wJf-ArzUjweN-koX-XLj_dD3m9M_-1tU_zSkCZ7k9DoqUCVNwhkE9yOy2hFw1pjEKUpk2J4AxAka6n7jxU9sJZfsvI9d4F9LgbcURKkWAjSlBmxhvnRJACQYatqhXC_OwhYvEEL-BSlPWchLRStUacIb7HdXaavl5MeATCDzisND9Nd5MyyhvyyBdD1T54-DpHUfFZX2_HN3AoH8EJhvoE-Gx6C-bKJmz5HsmqQa-QhyGTUn7eFZp4V9OBKlgW7eazXDyNrD5lVNa10pN1OHMwWiY6oyGmXBWB7dwBYPMT-eJEaMjNWw3rdYQJo1cOrl0H_7rSu8Lh3IcNgQJWfbGEGCYDLjJIEW5blNBE3pzrv3WE1vRjkgKZWP_Ss42clZmf3i5ua0JEZ6ZMmc-eJGEbr5wkENMlaUKjyhUgt9vcHPc2l7Ndx1eWuEMPKP3xHuOHvtRISAVJe_NmkJxUV22TibDatqfwfCC-29jwTCqxP9FZwNUifafXfI61zelK0_dxwnwWE7HLlT5ZsFhvXJiJ9fJkH0q6S_qySLfkT96sM59MS5N3Yp0qqTEniq4&pr=8%3A06461963C725935E&cid=CAQSMgDICaaNqGbOzlOpIiaMWmfB8qnmBT4B_m3qHrfBFauTJqfS9-DD72hiGjFC3gOr4x_GGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=12463689764663804000&adk=3042459577&idt=38&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bb97e7a17078cd4f9571c1a65c5c1e526fc5ed28590076a429eb369d994a615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38667
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77F2 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6486128038221&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77F2 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6486128038221&version=m202309260101&ct=2&x=8&cor=17959620350274382000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 77F2 		83 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bd_SWG7Zu3Rjp2rbzQVws6Z0zF-7f980Gvt8cWrcgykOOOHHuXAg7mp4shUojnzjHhDaQo4maNT510xP-BYbhHXJaYGotjCksIAqdyGqunKAwEEi4WFK2P3O9rlJZh3RqTFE5-XPP4DcfoPLhQM5p2dgHUfeUv2H5UzmJfMRpSJGX791A&cry=1&dbm_d=AKAmf-D0WthyRFj61gQLSsxZkFats9v-sm7QTn6lXJwf0JrDJXgK3IRiVHph2p9VMVJV45juFuOnxTjJixBDEuoSa4guirWDP23UemUm-HN_SkB_kbU9ClVclg2Fvv00EjFItuoYAcXMmFBMSQs108DhAYITbxTZQ0XSkFdoDLaaoSE7HhqwhwoiuVo9id8g03HqPLleP6p0ghRsrWFs-R4JAf7hviOlEixY02Gs-df_3-W0kl5BDQG3tLs1B6X0diP2Lu6O27BJvPXn_5CmjwFdbVgk2BQZoJliHnsxAZgvk43pfHDcPpcgTbrrTl7qUkFWxBtCYa1XP8cVI2e7LAny47y8OtIp_WWsORQJDTyUeljAjn5iqcySjj703kVniradpktt2LBiQpfmyclgl4bEOOsTVdFndPbAvIcogQbWn0JZKB6QsNHU9bzOADtcSXDxpojWcE8Eyd3daRPxidUfh8fJKPlh-yM3sEx0Q02mijP7XUC7eTZVWkAWHvKEqFcXtMOfptLGvPV7kORl-eYQllq0MXQCQS1zxy_UK_E4MjUXj6o-uKqiWOxdrU-PlXfkCen3cTOqCRVuqBauhsClIE3Q5kYKkfkw5uRS8dMyI2MmCRLZ-KwmM6ODP-qRpn-EzO62uFCH3XB5nXHZ8FLnla_x_EqmtX64doH4opwcov8EEx0enfrGc18cV9mxCBjx11qqk4kZuWcaTM7s1x3glLionajd_aHJTTB2BGwAbtZVjuPecoWQMURzcANxD4-XADizZlAaiBBuTn-wzc_2XvAM9jBqYrrrvxh5ZFIi1_Jp8ak9XMISnp1RySomQr05OvRrSMtOz2BjQoCuKtOaXFoaj4BUdvaYMGAnfUE01XJUONV3T5ql7wKPODduMtfnzg1AnzIrZ841jWVKB2XuVc0MpXBQRSidlc0wJzL7T8JkBfjPVPTdBD1tTmlMUOwFQ-Rq2EMnhdL04-n-Ugs0x_79JozkqmlupMQZCWvmF6dOUuXhRvNsYBoS05ChJi_CIsJR-HfSgutCjhaz3FmsLdyFyNBoL7LiE2t066KQIQcjCR67B7-mowSRpw3kJK9gjd10lb2bM10YCnhfB_TE0LkFrKMeYFOcd9koqx15Fvg2zBa9YcSwGi4UxrwHbqaFCNU0m23LhGlU0AFp-oXKG4dVNZCXeOXDWFF_Xd4BUkl81Mzs3vK4fyhdokHZLSaAgsAThq-2wjkvMLZgU6dXtD9Sqv8nYwWaIUTKfLFcWAL57sykAkaV2sstjLx22rsU2I-SAvDP2prDqk0OkYAatME6qIMOiTYhLr9OiBNRORvqoh_0bJulgCZEgbfy9YbijjGKD4nl3KT88ksfeufz2A9NszWmVzhky_xKx3GiqcohYhrcwQogb3GWST4ZZZ69gqyCxtjxflS8MzFmTRqz-6_eBtNR6RYyyBUNx7UwWtrzB5N_nTf2EjW13ew1tFNra7BbGU_jZ1GmEZaToOGImVNHLll6pw7vRiOGwuU8Wx3xsCwrQNnQ66bLVt_-tX36lbBt16_uRNiwa6gZmtKuj1lDlO262YHyZqwanMc5H4VYG24unCu-vnANBwqwlc2N4ici69vQqDRdsWPBneOGi0n6iNbGuqqWNYdRp-9SQDcOTQ9Q_OAgFSfEuTV4lNJPsgrnrr7auE5wFQ2ncS-zryrzfCgrwwJbi7YbQ68lTb96hh3D-KH1tywEH-B_Dqa8bM0QzCf5-PE7hPG7NjPL9-Rv4oM8e4Xf7hT-ZquP0fS1WS9t--7-nYE6hRLr1DwtT14rYcqGEuWWmgEBYv_iSIVfx7w8taJhIqFRvagSj3UdOjO6HRjlJfZmRxHwlVb038kQa16MnE-FDgzqFqpVhXTjIVzjndFtcX905yv93mAS13wa9qYrHd9JPLOwf5DE__2X-eEwABrpKkzKnzQ9QyeaUXo8zxPPQN6555qkZsiJzfbti0LmG_U587xeZ3ZLiiSbv8N1ywpxxpy15jwnh6SXbjJLZzENF8_RCkyZ7op8uFflK6SAR7Wn6kPZexqA17KVoseCnwKkkzxt6gKD0vyEibc0GA5WmY-_JA9XW8qaLYV61OuVJ_W3EzllcPShRoULXEOif7fa1zCm0S22Rpn3gkW3giHFMlHS70T6U7Pw0arsNJGr9LM4zP3EcvzmYCb57JXvee2RzKE8viPthSK4lw-rxvMhernzdzuRD-MmeYTruDEE07ZWdlqhlZMZjEw6RWsjW-9NkAqeDHEY1UoZ0l38kvOKEB7pI3W7i2NmoEWGi1FX4nZjHtqi732gkPFYC4sg2FtCRSSDJmbP_vFCwzozIBC83O01hiLRZYszqDoeV4WOM6AgfjsCZnWUCLVuXSaJ6jyfeSvElRRIHdKuYV6boJFxjA1zRg9aoFE1c267PHbysAGuICJvr2rstKE_QVzdmZnl_p4fUXyfatuJwuRfRWlG46c13jtKQjGV1gfZXXvIxBbG6W-M0u-AiSqZsjsPCblq5t1eUXf3aFWXFnE8ZT_s8zeJLLyBWPkdNFCalFnI818Iha3nPSQVN4dsF6dWtPCweNsECiwCakUXT2gV2DNh4MKxnlr-gqKaUK5ItSEv8tyT9hsXUumnrb7PwDwh8g1RC5Fmotk2KOpZF8dhOAPg9XwqhIadoOFFRHTCSmSXgs8f-LkSHkaxoE_8crCn_bXjdJBoZQbmGEFAylDZf3wsx0AsiCW1ZwLAvM0PRw4Uu9_7M3VoyIZ61m37nW2GCJUaR-eNvKuZjLWZWL0lbKZ8pO2St10U5jXnXGpKSrsQHGYq0kJkNEOJqwn5oy0qmpRrytYxgFWXqsYMCrCU9RLEKtsfJ2d5CCpHgMsttS7xv6Z4Ysel0JNum1vbvC67OyHXIiNJay42elUvmwWzV0Lx9lHM9B5QmEhnA5wNAjSUJ2K3wjEYPQ1fwG6Fx1qNOAZuYKbBuv4_SqzodXOO7dquUodzgm4yavxfI9HrWah0ExabN07rrCI-J6i1G_BvnJldBZtisvRreXbaL4uyv-cAZFdFLkOwQy_lIsTl4NnZFmKmEoVJcG7Hb_LXI9xIItbgyaxdLz6R-0WBDE_J4LGoHp1F_ID_h0kxrapSXuHHWltKoALBzch1QaCV6MYgZhhj3l-aeNK39euifs_9iwPGOFUXsBivD9uNsTGjymOPyPMw76uOIPARHsi5_hPaKD7NnPsC8z2SDuAcCyBmTzArhJHYEYC3yJt1S9hSKtI2hMgHsQP0Kq8lMz4w5jVaXxxE1_j0rT28uk5Bw1os8tslD2YM7CDvmsyjutQQCOz330MU0r53WJLnCanh4KZYK_9e0BXzCaD6H0DirpiT79BYYrBQMbxdgHH-uoDjh7FKKj7RGG4vVPvePorJqiziWmfVUJjdFU_c-vaEoINFaspqguVYqSeuiozDsYAzy_1pjWxS3gKIUUXjTxK2rwU_cuAak86j7N6xP5JkcEsIVYyqL4VklKtVds5ST26CUeOO9zDAAfIngTTHO3cUnUqzkjGennVLNz_9x7WwhGlO9-BBK9DTn43s8ea4kUOyjX2quKG5ucbe_zhjHk88E6Ton_FzoBokdI1iXLQgUl0RlU3cSsu4sD5rKiEmJYtv_XW142uv4_rBiwo9Ejgh6JS0Bv95nAThyvdS5nkqmHEezdX9zcB1Xbfz-FqP_8saf9_5TGNMLWeN4Sqo0cYaBIuhW0pZXlhn_GP2HWIwddmNdE9YNiJJhpGj6IrPDYAvHydlFKeQZeLaNXePnRU3nMfdajgt-Pq2OMIyRqMPQ_NAQt7E1loSBsPARl5k9X5c5gjnU71xA0tlueEmhkGvEiP5Xbv1WbXgqhevfle0AZXt-YUyEbx3tdQ2jiZorjNzI6qHAFYOwYU0zZfjvNwkhwDK6mopYTMyAN6lFNEhPKY4iaOy_3Z8n9cuZJcWGsDrvui1K6a7M0OBeY-l1RCq6PqyIipRVcRoFdzhuGnJP82ydQbExvYqiNyh0S4_DJf7GQvgp8wh2y-hugYGaCDbErUcqKCxbGB58FvNnfksB9uJ9wclVqb3A4sx2LLUhp6hrvI&pr=8%3A06461963C725935E&cid=CAQSMgDICaaNsfZ0AxILRfbvQQjFDU3EoRdD9y0kSjTXjTXJkFY1nQLaAekX6NpmHW8rNwXbGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=17959620350274382000&adk=1864557551&idt=47&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6028b6ed7b16c37d07c00d841ce55e1cbe3bd6697e3c4e710cb3e1bc0ea1443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38970
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5D28 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNU8ueg2K63YWa8Z3_qaTRX2lNpjvX0qOG6MifEEDlpiTMJvdju4nctInEGi7bPcB5LcyaBYFu6aVv8_SFyt49-yDYBERg
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
9107379330298137186
s0.2mdn.net/simgad/ Frame F29C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame F29C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
2140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 03:15:22 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame F29C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
2140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 03:15:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F29C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrQYsqnCDKpk7nTNJ2FwKJcT5d6YIxrF4gsfx12nOfq8rhDd4AV6dNbcVMtP3jey5M3uI3vIiF37SV0mFEitVJeJ5dA-nP3e8y5OCS7r2RpSgaLnA9DqD85daX9ugv3MC1Tlm4WAegVdVsT93uzdDMF3HJkQcyeNbCb82zRRfRFEpmlPxiVBVl8qoJkqmVL-A--mDOBn4IQaGVNSmFDwEIt6o0PhYq1JP8lkIltyuV4PPsdBLBU5m2HiKHMgCFMmQUuq3D33YT6rP1HIfe2h9_8g0zPOzNZT8XcJ3X4U5KyJtxqxuIxjPQrEa44FaJN4SxvIDQvp1L80QWIZnN-9nz4nSvrwrz-2xbKMfFxgmeqbMGie0ofYRTBrHMS_XPeXy35LSpNv-PwzuSPNhJMo5rojKqVo5dm8HxDx7Gj460gJbR2OhFfPiYJolA5zvF1ehAN5rlpKnYwkmAUXiiNu7cMXcKnwyN9d0p5hBr-51QWOKtNpYTJUrSBiOeU-ImUXqTOthS4EkdxCOcezjQ3EZ8LkB2Gf_ImYnWSYg6H3ChD0eM4z0IucFk5Yioxj4yfKsQdn0h3f3mm3k8nNxf8tos30QndXivpmw6yQGrpCZKd0AcGFsiLiQt0LyFnKM8IN834la1aiYSGpyEevmu8ofuy97Zh9LLOMUn4SLQJkiYt4OT-xt9jWgUGaxJH462ERtZ6EebWbH2cQbSOrxCX9l4nOs4Lj3KLEG1aTBCA_7vcu932A1dc-eUkdXPYLHf9OWK16FB9glmOEPqT9pcs1dfudq-MrFbhpG6uWP-Cr399GJGFzRcMlVX6b2mTlPL9ut1Jt118szPmhuz-LooiEpT0_BKw99ufw1SdihTpT-G0pl8mJwHTSJFGy5zaDIY4mJINB6_5QxFIl4q_6gjxDLhIxbTHw-DtAT69gD9XsEiS2pPCUNlaJF8q21CorAcLFM0u4fEeEWBa-iTH1jVQjxYGnZoVox95Q5xQtm-_YmHLbuX_XaC2EgkQY9Wxzp0emGVkyUpvD_QVUWuJoqT1PzSEvnbdeqID3VB-WXFTmkUaP4u-cs-1sBICZnmg9daUgNhTf85Vx2OFp2o_Apj08cxla8yvPSMPEdLJIF5ZwAwaKrmVLy2yRypnJbKc8GPvvvySQYVHhR5nKk8BJkiB81OiZ1x4Ev68-z1o26HxUbbngfW4SF4q5Agj36W3EaGylbIqBSH-UOdiH9honU29aJCSsnXAB6Fm5LpXNpcKvVQsm4sR2qT1kqozn8IQypPvTtLRsRwRXcEiyxQDMXPyGX5xtesbjxusHx2PZrVY3Km1OqJWCYQV84TNkrNKCuIlVc7V7Rnm2Ml9Q1YEI8hsw77zVep9tEa_8wvRjVDZofQHi5dj25eBu25WFIOU8PTHpDGHIY&sai=AMfl-YTxAMB-KkhLF1o4X08n-XQRIy4u5g4Bw69o_-s5APzO_oyoqSS26WKdPcBW40c4jedjHSxDXhQ3F6-J5c4Hj7z-C0-W0tQpEqqON7nuy1LKh0XHHknRDm3D41Oz4q2CN3SjSzeUqEhe7Y_4-EMW6GpHZw5NFFBD-Aw_dPcg66wO6uRszUmWSD9yf3BmamqokG0id_8-Cvrbnh8i8dxuEqtY-Wz_aIlQKrosfTqRCioBMeSKvRTNHTWZsta_XgQDULtnJIiLkSYzVNsrG-opxk8imuuHgltqS3KdGc9-DBdnvYOLDqwtODOoP5mq4f0kZbLAAE3KW8653w7eYreDaKnvFU96lrPlmGerg1sBeIKGngiQ0MBqKhNQuJjf5NR_6-IOo0U0SUhr2mk&sig=Cg0ArKJSzBnyQgj2VeUHEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231017.01074&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F29C 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2684 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=469139480244&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2684 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=469139480244&version=m202309260101&ct=2&x=8&cor=2186202321780296700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2684 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAkUkcnRPyOVfEaoJ2W3XBGYUU2J4Ce6d_JaEbgqDhRPEvNQllqewDFt88yM9k89p-ZhVNqfQgrFfjldP3iP1ZvvT9Cx5lygOJuZ87ILe-txPjizBG0K-6Pwpvmq8jgNRLayvo4dbqgFNnebDIRmGYLoXqf9qba15jGJrBQL3u9rkhZTc&cry=1&dbm_d=AKAmf-AEvvTjWU-ou2f1a3lPdWzD1haVdZkwKOsrNky7n7N574T_saQKtx8fcZClLwH30bsRc7ycg_6IPSg2mI3EDQVKS7fJYVmm6XuseeVob2IFxifJ4IKp3xbWlFvfrMkMJYuwCxTeBMv09XxTXKsY-lkR9NnVKvD7xVZqfLz3KUrVe0x6s5q6LQZ_UI-5k8_N1ARrz1r1YId963RjDOjR_PlsiHpJF5rfuwe5OPtYV9dXloNX4wN3drgWyifjY9lvSlsVfG2dPhFY0b6JyXqKKDgjQInftewy6C_GlDnAtS-2C5U3WStRLU76LhVWfuKmxoi8qw1bkJivqx83IvctkRnXnyTudZaF8R_EsH0DC9PXmnEdTwmu1GTsbe3BGIByvkax5U4sSoYOx5MlVzfRSlqmAfCQlhXn9ElrUWBmj1r6I51xRrxemSMa-RLfuPzFBzcRRX8Q1LtPAyGfuYko5grL_CoX3SZlKlqJK2R8mfUrRIoxwMoSBOIPq-YLC8uoYCAUVI-yFDx4JvCO0YYSsgD2DSbSrPDVAQBD3aUnl_7ObeeaN_MNzw8sKhpNJHgd3raGKQvjIS-cucU48I0YU9Ej8qCW5jIA-gr_Cs_Z-Z5AbNlHwOkGpShcbMzxlPzPEEw-iiajiwGrn6iOalDj15Uc9t6wlEuT6uSrZDfvX5PSdej8QabllJ_j88ZFtWki2BcS5-3Zg4IJJm4dS8ZvOecTvk4kbdBcAO1LB9TMjPDRxoP91LC3YrWcjiV-f-Xz9dOPxxYVt0w6dd2oR7oUKpYACUVc5QT22zJsWsRTFEW07HO0omnegOtdDFAsgyg-IiNXMaUPKtTWPaY7wfU8lEMBzeguKfygCNqYmNNa6iJLCWRcOWmQres2Ux5vueV5hy8Fo35Lbu9E83aE0rpKirWmoNq3Kxdfx08GN69JtFmsxg_nhlor3bUxVyuETeE9dw7kp-78-NY2Lch3zhwCXI34X-17P8RxB-BB11_I43MRZNVxC9ga4gK7mtHZkXXXVoC2bfeoNQxU80kkOu3N8mLln-9x5Vaf5jg_5-azlTyO3IXLtgfqYePenPY5MuOY0bH_mCLNPS8D807m_9-ej8ZtfNgzjwjOv5-5kGyvBUBpFCCn7T47JaZeqdkdMgzI39LrYhwmqVU_TwOjm-MGfazLDS1Q7KpykQ_s6rXMYlV32WNC69JKUyz4zANgz4MQv9SuH-UYrmUQrYMRYOsuawlZBCwOWoJQgcUrglsYaOYdW_MHcim_NHunMLL5OYRcA1-DDXzv7AFGhdA8RvFxYJGnxmvs1_h2TBe4avDOmN-ztj4D1dhOAfYLVTn3Z94fJZdBcbrJfbTn8SW5XUXVf_jBiWeUb8UcOeCivQaFMfDN7ggqukVsV3Ghk_VZmOfJ-HAtDON_tPHNDpAS1S4m5kPy0-mKi9Lc25sfa8YmLLaAMZoWpCUfVmmQErG_04OPLb7YGGTsgxeYLFlZLdrt9dfuLJAAS9sDKOVJw53nShwkW6LGrc03fQOtZcP2UhBhCzwsQ5SaAkvjcBJ4UCTaAiVhHK9ifW8Dk4G-EqRxIYZVE40NYuh5e9VOtSdlsOOFnwvL2hESlyqiMDyzO7mCUOcDMLaa8nDJC0oxDfVeit9X91hTGM6nXSygSQTBkcyTHHF10X4QkGGFWnGeJBbO2f6_DfpM8qPXsu64x3KgG7jM8Qi1Vy8o3MmI6wOZ4X6eGztrGe2K7tYzpyfrTmW_1TRjdnIy2NSuKC-68-fUWvmfZ8UHnJ8gQw3meMg8CdGVRGdfXy85Wv4K9wjBDwavKoXfyAVmuH_a9rVnZDcQEe8PpN10-GLoTCJp_xw0QQI1SLywpzi9DWbI_bJFas9U4ICxqhuQvKdaihsbxP_fBNWq9MIqZANvzgmAC4C14XkRuEFCs4MkQBFDHmTXpo5AtnvONZqrFPFSskAcEIBLWHVbq9r5kcfepTZwvZR-pYlQdW1u3m7ddF9mmjAndt4w67ZIlRu851hHEsHHLfcSIRpEVO7PzrnyQR-KhgltqsE0wvokW8xgPF3E-8LviFwsgCboae118cXxkegbaY03pLtjlx-7_RMQoYvTKIvIYNPJHeiuPQVAWtiMmM_bL46Di-o2lj3hU9URUNsvpwXsbsEDSWW9qbaocZDRgcRMSYeET37d0u-cOYc6P9VAAxDlIw-VM1abVGYXzaZ39CVN3-JY2NNyhAwLJ6LuAaLvQk5LRzvhHwV5UI-3uLIOw1X89rbZ_e1Cw8rk8EoLy2JcxawbyhSzMkARr76bwiHB25iknkhfRb4CrGN9x_Yhp0N65nJdvylLwXpBXpnaF3paYeCOQ4OfvOshMzFpQsaixKUPj-QnopLRYo9jNOK3E9GUlaFKsb7uIrW-lkDRL5g_hjko_BKKxBEPNOGyqcO69LGm1glYDtx8u5Gqg1oXrfEPRXicCpO5MbDbUsLTtlNKG1v_wkrzv66t1oeygL-OuaM5AlHyfFOzuF8xvepSXdjxerf4077Q7f1RJnYkudMbDKlmKZSuUViNJUd3fZgS8r5Y2Uplm9RcyM7nyn1GN3EEbIIEh3kAXaVznyJWJ9_7dHv1HsOePsRUbSvWYODYH_g6vO3-VbJ52jLXP7dXnT0TnIzgVSDeCJYEv6jLBZ4fnY7fWl-QTy5OlUfp3oWw_9WPOg1Fxbob1pjVj82HqmHZblfKgiVnsjVoIzi1qS_quxDmKfutozGUNEQ4yvSAsxUnK-PSWT-CfSBntZqVQ80be9jpo0rK2-zzcVsXpx0SMZ-L9nSRn_Oj-0jwrSXFygcE_uvxG3AdUTUL9cgkk3etJfxWgr464wt03QYCj2p3mPdJgr7huyoPKCub0oqtsiRC3phZv2QpBGG21IdUEDH_eADmi0ssKPGA1XfQs5k_86sdl0CK4HjLExl1Y_5tn2ncmLjw-1dzbciOifzIT-YIE_0hrPm3M0SKNweauU7fTrAbNW8qTcB6XVSDWcBr-iVLkmZ6cdLDbbUkO5dZ5IHXExDWIonpracVfryhNoVzj9o4H5rM0--hjL2rvbZ-jKBpxfB5XXp_y-wxm3_MM9H5Mc4AlSX3NyrmVlHHwms26Has0xm1f7cSXDUY8VEH9_7EnqFqo1KSXa4AM1LtIwo-dNXVDuBPLQq-7Z4ecRFjbvlYmyK4JXddpcfjaNTMqKHDnbCi_utqm1r7i-2pM1Clc3aRcQLPi82rsVBTHmQ5CRXKfJos3s4JX8mNHmu40Agg0QboOa_107vnwMHxHaPtGev21bw4zsJeGU38l3qY2BzJ4ltWXipbHtgWA-6Ydlnqaot7I8n0vRWM7zOd3j-G0dO0FnXP4W8DVFIpkohKf_NUHyK4rTknILmlx_skGrkI1_SEebZSnWOD_MCip1Ij3JqbaBhCwlr27WzD-IfLkjtcneDJWchoC1un0jrIobrD7r45LPaiuixQg080JYA7AihzRw4haMYWqsi-xE5xBvhdZm72-9DeQZJb96DMhxBxBpTGIeoHMQ0F-QKPLuaCo2VirdU4G95JEII5_v5BGEMwuznTYJnicZeG8sQVq9x6Z4gQbrunQpARvrDA1E_T4QBCR2wyrqn-i07KhKRKbPbXLkwicOSKjBh-nKRQ1x8ckJPR46nPpbIYRIWO3uwoMgIczruybCsEF6SzqvoKBI95OpHsFEBVeCio2rA29Cytm8FztTid_7Lq13FqHnw0Tk6QMxnOrJCD9fz05WUukSM-LmJbpgkiYrUZWOP0ev_yfdu_9-tJIL295GpepsskhmM7_V3guLVj0Rd6QN0foXp0NRziWTCcNlVCt1bC7EVEd9GHpn1YfNBecZYWZSi2S10FJFgcJI9KJbb2rXRUsoTLq2ZeKEUi9hULt_r8O6FFDtox94JJ50yPufAn5p0We4BB7M9ESPPHkf1qAAyL7oqaj6c0_i7SCLaeALAqlxm5teo6C77ICFVDqkJYmvlFpMBAJ-Sc6I7Dwlm3blOnEHxDOTYTMC0&pr=8%3A06461963C725935E&cid=CAQSMgDICaaNDF0nltF9UkaR_w40F-2nX8Ocq10qgrhSBlNlRjrvGgfCzR1iYb6IFjGkYlQHGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=2186202321780296700&adk=336307537&idt=33&cac=0&dtd=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7c557df42e75b26d527f8c8d5ce9181f0f3048f1c84abcbf8d6014954aa70d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38775
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FBB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt5hBKCgzeYCunNVwX2EB2dtCbzSrWj4_yLhBZ0CdTnbQ81Ot8_PkdxaRAgP6U7WkfjqXF5tzE1Lk-1Y-JDgzVybeYAqjDEfZKJoMRLYYA0vG7PkiNEqxsW9X_cHcZFeP88yx6Kvo5bK7r8DGADVGZ3z7wmuQ_8hwHaSIiGh6GdHpXpnKgCNnbaDwQF6FmASxKTZrd8UK20zcmxlpd8-9zBHi_WwqktDf8SFHROE85X157fWyfZfbF9GoxJsRNq0fmcNrtFJvpPrj0Lvnyc8KYIINeChDUQyGkItcBZkx-bf24LGL3sVscFsac_-onXU9KuyrV7TGZGoHVKEje0w8SrXKBMg&sai=AMfl-YSWtZTWTGvfkcIx-8uF8mQDu9oHE6cVNyPFkCu_gdEMQGo2lVCK6Pfiqw31YwilBAzmPYp3fIZgbPfywpU7BPAw726e7iH7B85OXiRuZhNu8AHe5NG7jNcRLZ4F-uM&sig=Cg0ArKJSzMa0s8-3s3zLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1A2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3hQPJ8sErfDnLQmKNRcUG5dJXeK9hS_2OwS7ZdDr0mdDVyp0ZGMmJptAjtS9w5BcxAxEYC9dKo-j1JbD9Wzfaxx6TuOCaDyzgi6km2T4C3fLRdESIpmbo2ezhG-52_QWc957-9hDloprmFLZOyH38FGfJaeeAuzlp_xx181be2cpW9NcSwwrJrl27f8rEVt13RzAN4umf8J7vzmw-5YVrqBolaP_6ETIkGRK5y45FuGvkKqcao73uwufGw2ZZbDc9Hw1NQvGZrYBWeZl_q5niAf8dgVBYEtNnElegeacvAy9QY8wZzwUPSATDTDSYQlTqGRYYZM24hK7Mf-xqgOYZZAeSdn98wzVEHj8HU688Q-gtoz8cxiar_uGm-A8QL-5THTR8RbXcP0FC911mndEIgEWExM_oGzdLGlDRxAoqausGq45f3Js2jlgMmlHSzrHLWanvZKrVCaH0UMq8IxzYeOu_IuumDP-k7sZ4EDlQbJv5f7M10Tpdh9MAwt5Kg3U0XYidCe87WmvmCeSyRmj7_Ws7MbYAhavau2U2inQsB02_5KPM-oUGPzLTjl4FSxSfOziSEJNKXmQUcDYvmchHhO979v9GLImUbJqqoN-qdPjIfPTJFNSE0XvhnqF5hYfJIVzfMbdVqhizbC1xA5-tGhYCIatM0z5K2jq26FN_ALqLo0h0LgM-vKz-m_6z1ViSN0nFS_UUs1NNdYynQIu5EXPOKvYfQfSFVXHxer3MoOsx9OczCklWkLpbax63RTS05m-VvnTn-NyjSEwaBvFk-NmNczgLrYB3zKE-oPp27UAJvOU4ojiO2_ZJBnPY4mtk3AW4tUW9J9psU5nYz3n52Jt0iBTPK0glvdDTPtwx3ex3xiyI7EMMZ7tOQwbbiYqIWS6vW6Ft86LH4ExMi179Fu-4SVCdKugliEtK6_yNLwmpjJjyAxHxQg0jZHF_-VUasUTf2eogRD8tsjM5cuzASmnEUv8v9yng7fdvquoGwzxrgmBqEppmiFWJG1DJ4sIViMzZMjbSmV3F5dnKglLPZXyn7jwCWAtbZqlZuwzcsvALP4pFkl6MQucQiBRH9WL9kyu0MqDAM7BALJF1w-Ftu8ibPYPKKByel5X5iI8pwa9Bdq6Y1OCl_Pr3QHOJVGHfOu0-Iy2RYXukFNjYtbVdOYWySO0weMXU6wX8G2AOK4ZzVuZD9CtrkuTGdpfkIBsROkldC2KcoSD6oQC9K0MpTSEdD5dYddasTRYUAUceyO4h3TEunC7ITIQzSSfIvFyYZGI9agCPC8txvwlMQvtggIyVj8-nyvWd658hmjJV0izYS4M9ooIglMSYVrFIbK8YpZJQJ4fxk_Qi5lJWtCZl0w4gZHc&sai=AMfl-YQ6EcRksYkREd8HU2lzTaDp7DRw2mWhWe-nVMGBLSB53Tl_D84SliFRVt_oLgFUXZSTGjtshOfL4-G7SwR8QOW0bf5Y4ErwfIGrfpXIRUf7TFIRZ-KcObHiVSg8Ux5QitRCBxxsBNWYZ0x0OOepwDdu7Q0nJQ9vjR7EoRWXNK_Qsm-_uTaYKhvTbs0C3CBfQc9EkSu2dUOF22f6PDxQhNrBcVJFpVGypycf0v15xXGWlVD7ArXT_Xc65OU&sig=Cg0ArKJSzJFppFVoMAnXEAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1350&vt=11&dtpt=1348&dett=2&cstd=1&cisv=r20231019.24077&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FBB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8LmZMtFO1C2PMQnlDKY8qeGGVhJXlt1egncvC3vnoaweloSnCiVgoZcFXqs8AqLnQEGlwJWqcFx4x2RAaEWE-lL8E-0rpGmHyyYoNof2BBBrdAB0TTtLucrl_m2XqOOyVqMx8Ak42x9LV-YnmbHPOXBreBnvNYLw7FAaf_6Jg-c05wASB0GJe0-xn4t3AldDcrnMLM0DtC9NpIo7kcwIUDIYj0DWD7dj6riDcJ0g-gX4aOjElbqZqnbWdJj0Le7i5SMI9qJDAPn245yGp7hciiXrNjrKzvyFMrf_zaGLNZVdFeuz1IW8VbbwPtxhn6qGZxQ3Y1dT1LekVMF3eMZtQXHNX-XADEo3AqCJRwb0BJ1MzLtWEDhdJ1PkWAQxi9-LmxBSo2DdRxrtdAmlBp0jHcgClXnjeZRB2VunyqDRQ0uHcepK-f2OANwd0J9RS-eLanbAHwlERTC7p0b6_OI_U8LSxqYzhpNvEs7nDKV29fpzXsz43CYnCiH2DYjWsP16DzxlyA3m4wbUdnWx5hnN84PcgB7-Sl348jNgC4dt6WmZrO_1r77hF-gONeEtuPrRvAedkNoOcf7A5ULHkR3Z1o1LPaPSs6gGO7U-KfJ3UCGMaDGJorrqFtPu5sdjsXMC9QoLrEl3mqkUOeAxVnTtfi7nCCsg68lk6UTRm7hmmifAIq6jUNurWOk0fNAhTe6j4V3xDBZM6tNqQzttFnmLnscw4l9FbZU9ml2MTSHKtTvZTuS2inFb3TkF9rH9T0YUU31NHwWm8Cw79RqKXgqnX9xsKN_UbE1puKw18Di8ALRROH_KFDZ4k25yDnpgjcNzlbalY8w_fFTfjmfyMW1f-9heR11mgIuxYlrSaxDOSGFtXcjfunviPRVN2tQ5sICYtOSvIRli8A2ti4H0vqVwDlFsRwSL2zTSS53ybx8TpV2xmtEf4BZyIoastsq16miDeQc_4fwMxKyJY27gVpZktbKRh4NpExreSVgP_baiNOxyp7ZhbcQlzkaeD25iddma5Zf1duE2uz6EyDDoueMXVPj4gpEdNvDEstmtq4ePZsJclsq_o03akIieUmcsmH2R6K7I5zcUba1RlIxpCP3hfcuLBl8xbKytdqr5xvIfL7g6owamF30p0sXEVrN8oWQeFFYtgSH0kxdH_rHd9kDtRBvXgk3IspB3O14nQ3TcVJZVrQVwGxsKulX96kLRRRa2OsWF5Ie7lG08h7PEejjue8qgXjgZTjR4qcWRBV2afUCCSKorcdDmTK54h9m43Ldh4myyeAa1aZvMiQBnFkiMd_gGEr29nVxO1JQJFA5-GzpVQn0OVcd4DHFa4k1uhSmi5pI2GFNHZw7ma3gL2mqHN_GHKcvc&sai=AMfl-YR9iArlFVl0P5o__fyVQUn83QbzjZZ_NELt_8NjRxtwpgLuMd83TIvSJPSifBm2l8i-YjRO3AUfN3liy9wIiliAWdTzJxjnBxhqgNXlaYTao5l3NxbHNIyRnbFgpk0THnpjK6uI_jc4zS6Hm8fSQ7bdqXxy_shBfOmXrZjwfq3a92H2_a6IdB_EcRM4AhgQ3UIutN4acYJHiVdWMVTEa2hFl9Wsj5iDzxvQBmctMj3nzOZvPtOTVMRe51Y&sig=Cg0ArKJSzJy2kDtmx6enEAE&uach_m=[UACH]&pr=8:DBA739E3E3D229F6&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1252&vt=11&dtpt=1250&dett=2&cstd=0&cisv=r20231019.27211&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame A611 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43598
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4EEE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXHOE0nyf4s_bn--9En6WlHQTIFC0gGnvoL0ufjWatdx3q9C7DYcFFJC3--NDL3Sj9M7IhM4wfWP9XicEfWhb7dUYcGJlH-WotxnSKz1X8Qd2jViynCHZCmZeCl2vCNblrGIibAuhJbOAaCt34WmIzoempEBL9Vucs0W80mrfkcmZ-003DZZahDK3gsi_OMNoWRgQb8WlLlVo7Joho6yg5vO6vPYmZMyjEWN460EA5AAetUjMyv4x6ThBMLHZfpdYc6Qys3VcvW4tbnnp1mA7fhN_1mstbgc4K8LTnxJpqtpG5hXURohbFKCUk_SZfB91QFxihV103-2V9maelWg94MG0&sai=AMfl-YT3asZDA715oF0f6Flx1VC7U42NRvmZ3Rgd5noOgnoL_p5pFm_DfGMpybN74pHVZH592i0dNHO83P4w5qfbiP5XPGTCrZ4ayNMaaJ7NEmcwKQSQ52shVERQ_9kaoPs&sig=Cg0ArKJSzEptw3g5zZbyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4EEE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveY4ppuHvXeVZFwTetCT2hFfYgMIHnPUyhH_bEEFHa3QAL-s7N9X0bdR3TN_GXcRwz0_pvFKqHWoHtZysOtXV-gWl_qGXdRL_6YUcL7HIzLimPQuU8Qe1SoP6mGJaqtaYExQWj7z_cP9Gz0pdFouD8QHQuuSqyGSTOZxWoafS4YB7SPHtOvMQUF28Uk-7QZgEXn89vYC4fERjcKaXzhss9KK6eUHnjdCdw1y43uFkpQNugzT9Yi5q8iNwbKPjaEpgJGVQ66eZRNLGMcoIlJ6C2ea3MhouXghw1hIzUU7o7JaIa0X_YhpVK5CSgxL4qOj6t1Ox8ZCmp03xHjI0UZuMS9nUXWNv9z_M1wN7_AD8Ka2T2qE4KcqpY5vuNragwhIgwfFUP92x_auo0BqGghJkqjMhQxyJU91OEWuVLEHGNBQ55FsM8zsKZg2_QriPvRl_YSyQ9oZ3fWgD2-lkDyRkzLligr4CpOjSe0Bh3qVZcFwVYP6EkxZ-lxzCxp6RZlaujWVaah4s1LbZE-52qKDoL1sNjwOj0MewlLbeZ4EnDAULe3LVZPfgiVD7JOlzHUlA0k3r8MpMV0GvkvlW-L86kM0WTDS2k25aeH99D1Uaxv-Clmu5bFX58drEUQXusQIL6BQ4J4tS6Wjs_52A182CJ9i7go3OnFmKpkQKH5jF1BX1x5dc5M0npuMp1AoKw7oJPPQMGWBW81oPy9X3WQTaVVD-d-mGN1eEVKhiwNQCeHavBuOvAPkbZeUXaWCndQpAXQekkGM0UxVtxBLCaly0clbpxRU7kzWXaR_ONimvRrNvrv66ExcMiWmW6pCr5kS_m2oYDfN0mBNROjTBlDF_OlSQLFts2R-XpbM1NzG8v2Zi7LlHdII3OxkVw7YuSZHnBr1Da8ntrgZMUr6_OTJq8N1eIxBoUBpnC0NyyMHlLwFIK6U2ypzeUBK0KOZ5BflnpyIHw6qfqDM3rW8CT-tBlaCg-32-nz6jqpl30Kx30J03UeNajVkoY5f02mKoBoUrZ4EskF8hR4lD4ywevqYyvczmPPH-Rs2zU5meUzrWsEq6Xt5Nl8rHh8JvuRF1ecfSOR0p0fXK4PplwXIjSF1gKxY2l9Hh0NnKFeQCIlS5e4kJ6fC5YXYxuRXRvzJYBm8LQmTz9tVJlXEezk7UII9qBaqyHit5Fm9ho3STwJWPVQo7VUSl7jMRCXb7nmuf2tSf0uchSX5sO0eBBDUUqBp0PLot8oSecC5lNV1GHYn7r4fhQTS0F1sFQsWGMNQe-01WhlBVexUY9IL1-eQiwIXlErx14bw2orsY90zUdePSHEdBOuX6nbpym3caqGFPJJ-iR2KCVRt3e&sai=AMfl-YRHmb720Q6uoh7k8qvEvmiQuueBYFyS08CdFRc8pSoayKp2hCs4ROw85t7wawRuG0DgPL5HW9US-FYLOMfgEgiJjAT1vFFW5C-IV6mttaKC-OQFnYN4mtd0OXibhOzLfP-4n6aAex4c9Z59gEQ-4q7VKPCy5nkK8LOi1ELdkNJrlSD7BjGT032IfWvkE0F3-f4V8OPe65u84j4DdDZVDvWjhuCpayzLfRVMCBsL91xlERhNYWciJoyhOUA&sig=Cg0ArKJSzMjOSHR8Rc-BEAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1265&vt=11&dtpt=1263&dett=2&cstd=0&cisv=r20231019.58783&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame F0E1 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43598
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CC92 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97355398&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c40f050992d1b74a6eea96b22a569c57351f29172417a25eb370493c51d0950b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 03:51:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame 0B31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu65znZaaJjG0R-4VT2-U1BYAbeyFHi1hP8QJ1NZAyyCMVSh5XgQWCeWC7gmRSWkOX8tYy0qxAjlSpZWknvFI9LerfeWROX4rhBIMRA0QnUL9KQwYiGnCXT8-ByNd-CCcn7SdHebJ9oGC7aJDfH31v-fIyg4jN38y_eKh0jnFOhw4U8aNdwpHY1_IuH7JYQ5ygV0lcXhRZh-0lqFJY5APiW4SiVyB7vsC5atcwNQZjHhG-6KgqgfZWuXttDRBe4UEXZfVp4SHat7YjVviBzvSiZnQjvODqOty9NVQEaFUpvRh3gadaJ8QjGMdbC6VM94Fo0Ec4RcJWGrwb2Ab5FUqVlIw&sai=AMfl-YRNXKJRK6sarNFGoAvID1_2B5KXleDJ2f1dM88g3kObQHMPE5XLm1AD-uUGrTegv_qKxXkpyTRnLGmFMoluH3eouxaLyUQ8sRpT7-PG8TFMA5A-Ohkq9Dr-OgWOdcc&sig=Cg0ArKJSzFMAismXG_ZrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 64F3 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNU4pjE01UVtV6wHpSVY2CBIPAwxyobxfw0rlaHNpyDUu-WphsSSnw7oWKQOxJzvsUKOURMwODVnkMm18bYyXHH_BXuUxmRHUcMghwyuTvL8H_LfHauwXbUPBg4mZ5QEmSWnoTZnI0l2-a1zusxm89OUUovnx8X1nCiOYrgpLuoBGOfDWbk
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0B31 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B31 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYQEdst5YSqcsAwDgy5SKyAONlJUACmCUgRKJDBJaRcMjL16jDcPgLZyOw10AxoP0VfwKy4yMu03FE_GOQ3DqGB8v7Wcmky6b4b9kuNmZpDvYSK3o
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B31 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12340453833877359694&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6a622ba2-1353-4a69-97b0-6ec5fe385ffd
beacon-ams3.rubiconproject.com/beacon/d/ Frame 0B31 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/6a622ba2-1353-4a69-97b0-6ec5fe385ffd?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BFA12232EDE43ED813AD0EAE1EAFB6FA3FF2C22DF4A257D099F212D20E6A6720DFC1CF78FB14AA2F92A9D87F51C581AC81E27210FA18209589F56AD0ECAA0E277DC937872C4869837CD84002D5C7967B9CFC868790529086AE82E2CF9239F8272E59A7A5CB4F69A881685EE102E46A4520DFA770CC32F2D5E69A8906358651F33FE5A7CF241102914E8A93483FA39003D38A48800A58C0BE80211BD99700D7A95D14B3AE8DD4465BA43EA2EADC9CA8767
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E1B0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4582536648446&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E1B0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4582536648446&version=m202309260101&ct=2&x=8&cor=15606813723318067000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E1B0 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJiB11UqfF6-rJ7JzzXuYijqcBpN6scPEV_wDmDa8Kh7fcT7FbWi6UQz6MfKIs9JeH_n7qEptPLfwG1RBT-PPjmBGc34P4w0a2klDtvFNB1o7jJBCHbzVk7fo4o53fvy8Ljv0CmTsQsxN4Y7NS0hUTlk0q-rL39LtrUi9l7uI6vRf0NkE&cry=1&dbm_d=AKAmf-A1uaTZFyeCzDBafVyIhohe3DOedyMKZfIpW07FUKJUoyKMOgDqmvmH7_ymteR0xsiNSIEXmaRst7Y95UyoOtGKnApojcGz2syZDhL57vjw2wcn1c4Kwyfg9LtjTGXtX2TsSy-HGVyGcnaA6yEfH7Tec623nGZ1avrQWQs4wTn2tRe4zhcyooTbS36jSkqW9DwyffgUB8GPFynC69ZD59bRKK7iROKKfJV6Xj-prikhGO8Mij3of8mafTQDyBoRJ_Tuwua7tOYmIiG6lmcv_2n6USi5-KkFYVNxDnn65twIHzwMhHMURXZ2doVdqvtYJPbqSIjHMmiLpgd5ZyTpynsyR3BVBycFc29v0QWDW9m9B7rTlNGACseriuwe-pJJUwWy39QFGbrQ4EIT2IW4r67tqYF1mVec5XOo_Lq-mSorWs7bd459fZr5hxWOMK_wI_BOo3FkA4SojMS4IQHnOOQ8yATyxsYoOTYwRFwfyIKqQ_Eh6JZPJrQXsJVzXgmeG7hjgXeA4L2G_JLL4VOitrQz0RZO3V8zy9pVMjY4o3P1QKDFBampoQex-iXQRxzOvP1YMsVG9ZuQPd62XC5PgTBbpPylAVbtGw2MjERDfFbJe0VF8u9gzt-s6nm2GOpRQOQcCwfvicy_Fu-Kod01tQzXOsPjTPQ_rVIm2dd-Np8zeanDHzWuSWCUNd64wS0y_0JUFJvUJym2wHKH8B_mPjWS7Cnp4iPQiirFGepz1neNZZa9_e41RBKtyAkx0anaHBeZNpi8ljum_52HasY1wcUmB0CoDmc2xilikX1LzwCeLlHEYk7sXho71NAkgcoGy3RCF3a5ZlAeQj3VtsrJw4MWv3nUVlHaLYIaTMf-ngT-BF88LsTa-hWL-W6aFBbR5RIRKXM70w-7LhDgHsewJfCUdlGXYaHAZeE5mkJ1Qk6aD-qZ5jrnSe_XDONoS7xfMhdxk9Ca6dEcNdm8aEyhJT6Q1J9sVOM9tIkKDFqTCdkY7ybQy2EZI1U394UIV79O5l3AfElcxczpWOaWADmXGjzvhWKg0NOvuzqHimsuU-ctuQ4bYHSan-ZJ4vYHglxjoHWmNdPL6vRzFX-Bfwpn7scwq_w38l91YLVpsor3ZJk_lNK-r571FsG4YhPPDMaCnl2TghyrG5VlaJKT7nYP34uS5Og9MTFbPXrk4sHneeT9oDATRq9GA51_vGNdYGicc2g_fbXrmTkA92f6Pp0_-mrJi_wC7j4fVsiZhVk4lQIg6_m_UUCS4ElOCSJqGganvbqXqJxxKRuXdybEjjRa1tUh4bBrUn6bxW_IkBinEcbJX3tTRrjM6v5PJu_xdk_mkuI3ptDRZiDpQXhVnqyLW-1Hs1E2NlC7TFyqQjY6_bBD6FSwfz_lYaZLcWyP5FGJpq_Jxe1RQvDBIdus1Dy55XsA55f1Q2hsT62FaWmB1OcYWV74-zDady4R_ygz_JuBji9L8yW0Vdq8uGPpfANF448yqTItAdG7EVfu-PGtXISzNt_9VVPVBMOzhYCDxfWJCUC0kVx6jZZ0ULTUzvSkL9jKlWvas2lr5W9pWwwkwiXtCIIl8s_8LFGYLxMNemDxAxol-6HPd_6okwVKW17yg3GwHPHDedGzPQRNmKuhDqNI4uPy9tn4NmCCMkMUxwWeFa7TqxPhRuZqm6YoVPoh5ImvZF0-SxTaTv9OLgxRb3QTmAgahHpK435o3PxSCzEA--8wV7JbxaGb9KQ-12XrmT32AMSVWsHVV-qgRk9CxBfmQQrOdDtg2y9kYnfz10t7JMrMg4I861X9HTAXswiAOjo8Gv7KoQF9R4zfNJMXl8m7ktE4ZCjvb3J0EbzyoqR0hduRpcRxN8ITxdvEoonZsn7Uf3iT3Sgcvtl9HcPmwhpeZNJjsMa4CAlbDbvydct7EYFwUDyMXBBmkh82rm7ttIQupbY9dixE7y9_wVYcxVIMbVNUjCmm4_riYb4efLabGHb7wVM1eOGInmqrRS1Wkh8lpBXeCSG6ikEyc7JOKKaIujpF5qGRdkib5zI4C8oQdzNFmAubWlZNfSUX9we3hnPWAb2BzrxfPCsOv69VcRI-URATnxGO0KCf6WgUu3M7OMoOmQcog1GdawLlLSJ8f87EPjKKsfmrJRYxJBwe8eqb98UrUNvRwYrf7Ibcm4gDBviEd4jwL12jzdLuNkH1pcyTbz0K3mAdsDH7TIGZfuoLC23_AmRjG_eYKBujbTq2xvwGJuT6jtfC74LvcxmsGxR7RmyWgO2X5GNn3fgzl39PMbQYiJrdLIS_9Oobcr6VuloLNS6WGNYRiiQhFBCaureZOa9sYJn1zlxHBpv0-9f2ZmYbEXHXYDxd-hMbK00cmiFrNolxcAtTrACsQXOw4Fip-dQoHv9fj7-l-45GFPhtfSLjGhTfPawNX0h4pK2rnrcVKTsAf6UZtnLETcoNXAQRY_oHwEgt3WSYI5fGR9qSkVvE0hqGbM9S5wwGfskH1UFUGyQn4WJwCGWebjX7FRPWCoiLHCwJOMCskIT9br45KjwKsoG9GmtEcVUz_lykfC7vEglK2LOPTkvHLOAdxFiO9Eylj9H9EwCJlAh5lBVLhCd3HJenFjOvOLRxUhMkoTHdcmy8VeSkKiArmtf8Pt-Fyr2X2PhVG4PuPNQreWTovOM_bRhtp3SNPJIyRg2LfkVoB_nhvlrrcC6g8rVcytGCwx1x6K04IDlsEBxPKj9OhIiIlb7XDro61Ydadm2zoHc_DVfJ4vkStDJgUQQeGogrRebQ0baSzS-DIXZHnZfGLpLp_Bm5_T5InhEv63BLru0Y79j_wdva8FwyDylhcg-Znl6JdSsZbhn90kc14kA5ovq72wBerMhM61Mtt-m6fJgu-rRx1wAqUSI-0gIac8HcN5PSisg3xv-eqaMbaOPie6gEGMPV5OAdYQzaprxuNS13qRI5IgEJuFt4bM-s5HJWPFa9RuIS7NVb1dlxI2rQnrpaOQIcQ80Z7hAb66N4MXiY1jDriguAnhKmXHJxXkFtK_eRV-zfsJNY-G3KliYDGXpJ8CRSrrhyZxl6AsCxsliDpDQ44ZAvOvWjZR6vs0u1x24v90e9bKRInt8rIejIPQjtM9lzQHwGsVbc-YFfgZ-Qzmvjberfl3abOsYH5uZyHtiAaJdKtLhuLAVUlNUI53gxUg4RtQ6dza7CPnaErkdQgHYCVKv954-75lqJCwOodviYHtfgCVM7w6WT4OL2Yc9KvRrt9ySrUogjg3JG7J9GDQi2XajC8aM0FvKyy4yicSkeVm_sW1VlCGHNtPZSExUfCWItdvtmLISZYbMtlWiYZj-xouw55cJevHQR4teQKK2wTuNRzyG1G5beDC5y8Kl3Jj_KhH6vl2hqr_fAtcbmNXSRWTn-dm_L6EcqBPm9PJnLZEnJdJ-yt9hUXBpRp9NkB5V5MPRzxhZG6I6Kz9c8Rua4AKcx8V2O2AkG-F1p3vQNep6MW9g2w1MAisw_ix4tFvyC5Y0FdssSEQa3YurIo3iDPfntHo2VCNsKlRz9w_mIfUpNTGZgzMeed3NHaqLUGAQZJFYibM4j45QqQLFO7SKSZX-AIkxY5Y6oVjC4Pik9bjjGf4z5osjuxCLe_uSY8YGJ55RKiTVzHT_BK7LOP9dOIgyo2d0VKCj6-_DbzwHgjDU8YBM7yJSZ11JLx1rkxcafCiBKt-7fva2ntaN-MshmEzUv6UrzRxkLzJ8nM5lsaJzeBBMt-ODkoQwa2t2vHXzakRZX4E2idbCco_iAqvF5pCiK_FNvXSpRr8jIcqoTl9AAhczAC48mx-_EC0J8k8ne8uhzpNDnB8VnIbEhmVHsssl_srlS1ESPJA3RbSD3NviJPNRpa-5UvOsb0iRQzGYNY6Y3XEt00MTv75Ld6tw8lspBIHRT4QAAnWsUk8oOin6ll4C_T_mtZbR9MZT6dLuCOiqu3Xf1DGyXQ-ygoHT6y9w--rd3jk1U5SZbDU4Qz280qswSgdUW6ezvNAKZJkQ&pr=8%3AB81EEFB6E78C638E&cid=CAQSMgDICaaNSNIgQHVo4KNBNaDWGhHxFbQq0s_OZRkGSJPn4q6bUBTthbmBnnoFDHa8ifVqGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=15606813723318067000&adk=3848484338&idt=51&cac=0&dtd=3
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f5a74379cf7b6d7ed63784c9239e20e0817c6a25ccb3179e8f5ab566f25fb25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38864
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-34df212-412faea5.js
tagan.adlightning.com/saambaa-scripps/ Frame 3BE4 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/bl-34df212-412faea5.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c849c8c65be44de422c18eea1d8d2ede23aefd848e8ca38632f8e0baf46409c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:01:34 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
JECc_4XSiYcqR.0QHH4.ZXrT7dd89F3e
x-amz-cf-pop
FRA60-P4
age
17370
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29189
x-amz-meta-git_commit
34df212
last-modified
Mon, 23 Oct 2023 23:00:53 GMT
server
AmazonS3
etag
"61dcdd6c21fb71c028a03b5e5ff6aa09"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8IIog-lslB3ZvPuhsbcNFoTghIRdJ-AFzYlsATqlilgh7wD5XRHrUg==
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 3BE4 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831437
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wi0Z2f0-5ZI5PGmaALsvpchXymNBDhV8vLtkOlNe5_sSpU5COXRprw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BE4 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARfS5cD8g1aIepcxc4DNAWEDssxknCmQ5zmzVcr3SvxBW5HrjBOYoP2jddRCzwgY3qIEs3r8iK2q4LL6_R2rE-roLmDf5cvirmzXYXqSXA6kaDyoU
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 3BE4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:02:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:02:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 3BE4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
38940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:02:03 GMT
l
www.google.com/ads/measurement/ Frame 3BE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAjaMeNlc6S6jt-JHDN1oCyeh3fmdUMCKS25j8EUqDxLMvnxe2qnXC5l-x1RoxDFiAi0Wr
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3BE4 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 39B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWmo_btTTxA-2S6I9AiUS7YN9V64rOcqZmZvkaIk9li13VnYuYejdNxip8x0y4jXgZmCcXRkJ8iXYdgWo2ABvzY_aBAFSHJMjKT0fUIQL9iVA-yqRnVuMGsr_yVS3KsTgRO9jPvgP1TUFfkX9YEq1BfY7zFzslpU6IodulTLDZBPLjEACDSZjnL5l5rG2VCjOlFFBWpu7C_zp29vl6PvoHIOIMM10Im13xanD9FnlAX2DmQDfCOOuetlkqLS-Eh4FxFK42siiQC-71tY5x4HgDAWuYA_qgDqpdfsn9xvh6Y9mY4uqvVtLHljXAlLl2QttuGF4U-iwsFRZZF_j2y8UvouI&sai=AMfl-YQP40laTYckyOdL778ili0b495FHd4IDSFmBNKkuSPtSys2EkguhNDlAkP80dK1L3OyS-7MyN8V-lRKBF9CV4Sdrhv2ZK3EmcMiT9DrOHRFIB5BEYaV49I4MeMdqbY&sig=Cg0ArKJSzKWvQpIA0ETfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0794 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNW08YnO7vEsGjdzvvJ4OuJWxOJFkWh2TSUmrA2hbpWJCkyGKKFBsq25IzMwTnKUPfQFO0LWAtpJ1iBRqPcHYu_mZA7A1NSqSn2NlmOLBhm8bd5UYLHISJIgVDTjzwkivEPLEoBo_XlR7VloMwtIF1T13PLHXDqUlNa7Y-pEiFjzstQqadI
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 39B4 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39B4 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWKxgz0UVjKCuw6zy05I1NNt9_MGIxlML7THD4ze9_j7Hrcj_AwSbr64FXznxUiOHA3O-iRGM7maZZx0Cq4BmjvF5_IlkLnqzbzAoo-e6bOn0cAaQ
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39B4 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17131007077545944089&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
04344547-acf3-4198-992b-a7f5299780f6
beacon-ams3.rubiconproject.com/beacon/d/ Frame 39B4 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/04344547-acf3-4198-992b-a7f5299780f6?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BF01301F080D08B9299DF99F4E5CEF98B72D8DA96B6C728B846D898A683CB39193AE5DFC4DBAECEA6347417BE7FFEFA4DD2E9E09D99645ED39F56AD0ECAA0E277DC937872C4869837CD84002D5C7967B9CFC868790529086ACFDA043AEA34EC80C60F6E802AF85A0D1685EE102E46A4520DFA770CC32F2D5E69A8906358651F335EE4E0EE2E9D935854B891CDB2C01E3566CA635342DC5C1F6716DB4D168B5BF140EC932A766E1900CE83465A05E93B6D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 455F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPsZwCelGo-K9dG5cJNmsoKMwPo-QgCAxBqTD4uETn6F8wE8ZenwrkzNh3yOxbKoeENBfBeD7JcY_86MM138rU_Ju3L3N7j-VwoLTO07REVrHwrSdf89s8MS2MYbk9OaRi_eyZ_KYuGweNBXxUTXn-L-dbtuPmDYQDlRGl7UduQpZeDRGdUg_GOZ7Yw--NE6dV8Sosq5hTYM4AtouH8XHJBOMCUvzaAx8biPTBjXaB4Yy8wvjts_ZM4Mf0pvv-2IVqbdRYDHqkukP52-fWlwBhuSawLzbXY5X3hKyNy2B4iSn8zPXIT1WB3oUNc6T7YWorsEYEghWhzWr_rd-5YGzECg3DxI7rp_UYO_8Novme3Uv8Hdl4eo7zsP4&sai=AMfl-YSxUmth9WezBVdXu_3ILfUdAyMGiJXdjvtZ0i6mSN8zvtblgsVoACciPz_mJOMy67Si5qIyk9K6XudAiwfGypPQRRk71l84s40NvOVYrSFV-uzMHikXGZE-071mPVQ&sig=Cg0ArKJSzOed6aOCoLowEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:03 GMT
usync.js
eus.rubiconproject.com/ Frame 0B46 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43597
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 455F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssc7K9BvO3fi0D24XbLHL11VmPXXKWBBxlboHe-eq9TzYVQ-RAz8QG9ikDCCZrApLYNHWLWYVlnSb9IrQEivb_sjQKzbL0opuAfo1pqdugubN5oYQzgRlbgOCSLk8I3GvFX21fJSQp7weLzJgxs8UEa9R0ZQoS0lQ0P_vnVrfsdJYla9YxQL9IUahy1gBpt6yOAMXqwXgnp0YhDrGkhY3MA_tgvjM5Fk5afPPtFKz1WxlnyLAITrh5ow8-PwtovrdXu717OVaeE5T-g5s_Z6MCqnJfFipKFy6sy_GO7JtS_C6GxZR0qjJrHtx6_saaU9JhHczVmo5YEkMuVZJ8VzNmulbUcZe4xGsTfQHD7t2S-NSTlYLlYtWS86JHpQlkYv9zvFcgOEbGUYQp0pvEsfc5as6REAZzY2GMvqOuk403qQ_ZrG6qqHYwo9VM_vHtc2r1Y8Oy1EPoBe5xMBxw0PzWP_zIodF2aAv6lsO4SsY5hNysvlHw5vTktn-i41fgbbC6Yz5dcjVPBiRVCUysxwYTmW5qRuZLHJmbUxoXmyIBMECDdTCuvAso5aN0IAv9HYWPVPWhd2r6w5-qWW_tsfu0F8Ha9pBWmeVjEO1tq7NMeN9_uPjOaA8pcjZa9fVdPUYnq9G4QQCAkXtpmILpTn5nzfqULzjAsXDd9lcCAMNZsjBM9SEun1FjOtmf7wwHOKNIVP94jMKvOgXub56fJv78_2x-GpBOVBM2TOBA0mtbFuWNO4Li-e4eCq9sW3xoxUxJsTwT8Pq75HThNGEuaQWrXJxenbtq0Z3hUYu7p_sV2Nyp7XfoW-bvIf_9WHhWtTRJOTOKRVGu-4CG2KH7EXSmjrIHdXgzbponGuwf0O432Byz1Zs7fQIzwoqyiHXPKx0UW_G5LSoT5_iL88pXVb0ssG6uH5dlSPJAFOP5qP6W3n50egFjt9QDebknIa3_T0cf6mxZv5HMQGizzw1333OzV7vOkzlx4UIRspGmOQrhfhBOoe-MESZJaGAlAqfASggwCCtTFHuY-W_UG55TW0TpPyZ1uVB1l3T2uNWDjGK-6_dIyOOqsp_p4kjVrWcNjIPBahZj-b2mVxoiR5srgimlQ16lnUjRKIkjYJNKFGdhIcYKDFLvxzSJXUAbSYZrtRiGMwdYT_4D7sTpYn48cTXIsCWX6CEg0ISxFTtHmDeki6C7L-VQMk2_EphxOUqdhN__N0rMGAJ3eI6t6pbuN5wnVWT0NoTEsVaM7DmF-2bNoyhl-YqAmvMukYbCufPTlkVzcPVMl_5Mttjqhrq8LziLhhBZUSHS4d2A7ZahRACf12q1SVbjLL9QmhgjfW3RNct6gpIYxDMzZInLHteH5uDfvjs6JiF5Q_A&sai=AMfl-YQBnAYRM8O0uDWTWNXyfYXjVEhRWnTEhx8ab99KG2IL0aZ5YigAc_VBIiWlukk4ReMoHFkSXNfwdFppS51dRFVrxTe8Fk54-UeK_drEgnhz46IeNFxNsPnxGKuB7aA4c9_9JHpVm1nlZJNdsEIG5q2b5OqbhKItr2SHAzvp22HDCf8hK3SxQ2c0bkLO8boWxCqGZ-FfGGe89KGFNgKZr6RZ371eXJmXTbw3RaiUSe6oh3J3MEnll765kJw&sig=Cg0ArKJSzK12gD93kicEEAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1484&vt=11&dtpt=1482&dett=2&cstd=0&cisv=r20231019.59875&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame E6B8 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
an-x-request-uuid
2e939d7a-db90-4747-b042-4f072237cfdf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E6EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstj1byFj4fpgj3jhIGAswn0kaiZV6wI1q8RrNuaxNgG8MhOgPM6mKibAgigd38mE0gUGGlK7WfTtuDDI0k1cUtqetW2Pv45sEQ8jtjZG2usgoV0EHlsu4-yar4LmWMJ1XXstGUISkgEyi2EexosPfyvBs5TLklqPc0U5KBoEoCpv5fAqQzsUFjhuw_BTpfXBqilCNnSKZPJmmBoH7SxLAb78iNUSHBPABiYA_WVUCTw6UteSKBB0AaPh02UbDaQsrC_93bd2YOYrVzVqj5JlQe3JWJtEFyOpaQ3ykoIIY5rGNZ_6sgdOuUPpxTSC2YGEHLkd2x3_-SLFfrJ-NCgLZOrzMDOQIYD-zpQNMQXQm7dkJw5iAEKR4U&sai=AMfl-YSmv4215oLtWhIC09m7hGvoxkBKmqJBQFre42MRT2GKCVYE1eh4si2YaK0b5Q9YHN46k6rT8VOf2fcFVK_0-ert-qAh-r0VcrL1ASvA1Il5HCXRbgWPOJCbS0PK5YY&sig=Cg0ArKJSzPGV8zhnOyFXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C252 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNXHI5SKIQeqyIwS7a7t8htScNAqT3jqqGaMqwuQQxI1_RWJuikkjHe72hozDYE0yVXZAErqYQ7UO2eXDld4y1ZBi2Y64zo_YvaZtqR4b4PEbfj7Je2oJAbhFqzz8iRrNYEK31adcB7_JE2S6_XEjfJHFBHU-49ZDCwERJLRtM129U5F8QU
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E6EC 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6EC 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B8nvZxCl-jzwsQ2RY73MYQUPfZQUu-Tzmi7JJPprYDsIcqi7pZoOVCBHkJAfo0SUorph6KVEinfs4i8JHu8GsFtBD5E2pPOmMt01SMmovpUUFX3V8
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6EC 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4641653291700689644&x=8&ct=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
405ee457-366f-45f5-8f3c-793fd73d0086
beacon-ams3.rubiconproject.com/beacon/d/ Frame E6EC 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/405ee457-366f-45f5-8f3c-793fd73d0086?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BEE4E505DA16E07B67DBB4812A15320386909A113CF146DB705DB2B59734D45BEE181384C56FCAC8EB61CFF852C439E7F2E9D7814A6DBA5379F56AD0ECAA0E277DC937872C4869837CD84002D5C7967B9CFC868790529086AE82E2CF9239F82720C92744A099B7A761685EE102E46A4520DFA770CC32F2D5E69A8906358651F3374A8E86C17033BD7EA01B89C4E2A3B70D29890D0023FB505CC1E6D662E01313BDC58339258DEA0A162310D86F96D1631
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:02 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 6231
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=9303729787&google_cm
  • https://aa.agkn.com/adscores/g.pixel?sid=9212305768&google_gid=CAESEHZAoSu4FtEg1DMDFryAk2I&google_cver=1
43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212305768&google_gid=CAESEHZAoSu4FtEg1DMDFryAk2I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUUE35yhomTjPhw9Dtzmlj0gZXRjtykYaqvRyDNkRIuE8CTQ7h2Dyi7eoJR7kyE2cLUu-weJZpCl64gVwv508cH4Wd8Ui3HxF1HHpEcxS_Ne23uLlYJ5TJw4kzeLojc1iBg3TP_9yJiXT3eE70IZNObIhh6ZOV-m1xOk8BhxkE1VIliCQo
Protocol
H2
Server
52.30.88.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-88-129.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://aa.agkn.com/adscores/g.pixel?sid=9212305768&google_gid=CAESEHZAoSu4FtEg1DMDFryAk2I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKx9j0hK88zFyCLQx-xpEAfiCEcPSCGaPGiHaWEFl8k5ZCMDygyn89hF0c3OLJaVmCNVG3ExpIgoEF6m0cNC88wDAc_c8Bl0pHLwvC6yyfKpWic6AYjP2de4Ysm8o27dNDpe8NvjOzvdmQjJoBgB16UKxxT9BFZKsocDatZy-tzOTubOVL2xMM3Uy1mC4tqWKlpaKldMf52h6XaZTZcXQ85jQ8xMcSfX0SlGz6wRmzVRC5lLeconvslxR_VJ7J3RVKw9xTQsCUgWi2D8F8oDg68s3Q7_Jk6J38VI00pxigpQ_ULV0ZTDE-iv__qv2TQnYasGARpy49Rgtm2kTZ35-p0Hym&sai=AMfl-YSkDRjXerStlCJGbho89KXnUnLQtYMX7CFIYuLVu7jTGhnCMPH2fgkayR41UgQEOlbrOpBHyOqwspHdAYiRBeHnhVhhTxDt-Eo4QgQHvtrcmRSr5ON3krCyXBch1yQ&sig=Cg0ArKJSzLQdQ4S_MWN6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0E65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurhW3st92uQSg71setatIujqWs2yQtdJf2RzZfgSPWxpDL-peYOfFa-ZokX5c0aMqx991pKoJqfX_RlWPqgu_TXyKLniVOF08YNMNyJkplH-eYjcFH3fbHxCEIHQ1JL_xwqKoFAsqupY5uri7uWP-OJuUuri3oknoyjDT8mf9UaZWQ4n3BFpdChf3h0x6ojNoT9CKcNiItVxoJNJErRLNrj3ulJEC4zN-xLWqPLyId38zREAk8jZZB67YGqvZKVeEMDYVM__svSwznS2Bij1t03uA-cbRfyYqMBJIpunfDqN9qjpvwuoGWv3yoNNHX2Wie-8vt4qQPBFt2Z5bjOc516pUuVlFlnJadfNwzDiH5L3OkLRSpy7R5TZMbHprGNWmuhhUc_A0VjL60JVKPdH_cnv_wQt-ePST7Fw8YU7ItD5ZCA6zrJcOpI5MPPRvr5EgTApI2h2v4pj0bmIvpmobwIFdn1IAkN1L4J9SGVgOD_cusmw-p9_95KizZv2XZsJYjQM0v9JPJT3QQpV2V2Bh_rCl7ItQKvP3qWvG28ARwYgPgPeoTVBodsrFQd9jIREz4-nnGBsMgod3sZyUVN-XPnX-Ie7A2lOTdk8A4J0ARBbst8QLsh7iL498afVeWKzTFByUhgasBahZKPUCNt3XGszrb7JAK5yMJLxwlQMUqLasYGRmiw9oOtvzEjn_SdCU6v7EOqWaQ77gdJ7gQknA1ri3CiU3c3H2xsM1pleIbR6MZAdgljw6018UACKR0uTlDQbcegxBS_57Y1Kju5fE08vyinItN8lNb2e20pQJY2n8mJdXzWj9bx4KQH-9j66p1IOW1UPw_AOntTFVSx45wOm7htYYj169HAnXzK6_i_Y5YSxB40X8mvgXtoFbYfhGxkxUxt8aiPm_xzFCNfDlH75jf17UcMhhcLhZAbAvsu-WraG2m6lbbnsy34FVHi01E1AREQ9-iItejnB8SCB_ZU-5lRVxuJWAAnm-kyQ_I_t8w6cI0NfU9UPRcBfOjxnbYgEj6HxLd68VfdiR0smtnaaAj2e9-TlZHKIETYEB0EeksV419HafaZ2itJLiWW6pujTfjGI0eYwCBWtZaMImQM0PdXudbjdkOz3J_zGsfGv9nNBS1F509YYXp0OAClwRmpreOB4QE1dyJDrP_NG9v0BAbJJx_cEn0Ge7c30pHI3RwTyOO_Dh6dpMZ8OhgK7MeiLrIpsasidPGOUHOLLNTZ50FB1-leSGN27FSQ5RFXX2mCIt3gafMYuUquu_4kqYsUAPjRS-X-5_pkrPBr_IHAYD16jfDcQymxkPwQj3aS6HjfYZuCJPvReOrYJ1CCD6kz233uY-QpLJKokjvwl1fhoJQe8djEw&sai=AMfl-YRDsuJcdP-DMPJkQ9C1RXwhAH0j0pughHZ9tIiCSMt9On5dwsNWuVep80ZcYk_UG963VezLsun9xXGZkoJyyk4GW7nX8A3BRvv2GoxUfK1TG5p-VyI54UDp_ZSODmJJCgdcFttCUIpyL9qrpGKX_X0vfDBPGn7EtdfO-Tf-08ErdH_bLpyWvX6W9xhBn6zs0ckxLrCl_YDBjzY3UVzUBYhl_0vQY6Ec9Gjr_XIe1yalMCoAUoSog-ni2Rs&sig=Cg0ArKJSzBh6d4d5Cg28EAE&uach_m=[UACH]&pr=8:64FCAFD2068D1809&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1360&vt=11&dtpt=1358&dett=2&cstd=0&cisv=r20231017.74281&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 2BCD 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43597
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
async_usersync
ib.adnxs.com/ Frame 9473 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
an-x-request-uuid
a410c8e7-153c-4702-bf10-c6216305e553
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 61C0 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:03 GMT
an-x-request-uuid
d81a2631-a974-42f2-802b-f837f17a9b34
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0FD1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0af5ba49c246189c5abea60a5256b8f6d127a6dc99bbefcd023d55a001fba28

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81af42585ee71e6a-FRA
content-encoding
br
content-type
text/html
date
Tue, 24 Oct 2023 03:51:03 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xbKiuY6U6%2F5hjLXhA3gTxyHtbD54qwlqf%2BSuOZKDlO1TIob21g8e5nexYW38bLogq07uNUzWGY9FbWNP0asofx%2FBsb8PSZnbNZWTyVPBUE9FWVCAk1H%2F2AfHMrsPKj0RNDLqjJp5UIXFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 711E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634acd03d4524cd05257f188176f6fba111f59525f41fc9e39f619e9c397d379

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81af42585ee91e6a-FRA
content-encoding
br
content-type
text/html
date
Tue, 24 Oct 2023 03:51:03 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnkXAZZgzMArvUY50ixeAEcycfR3LTIhPoyMeMAk4a17xCJpsrQY1fBORIFFN2%2BQc3ly58%2B1Ozffti4jeeWXZFcjznaoV%2F7IejF%2BGipqWXJlIRxibGv1CzqkcoTgg8%2BuwZJKOmN5g%2F0jPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame F29C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
979e532e35e71f553e589410fe5368811c447c321e8396eb538ac29d9871a9a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame F29C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrQYsqnCDKpk7nTNJ2FwKJcT5d6YIxrF4gsfx12nOfq8rhDd4AV6dNbcVMtP3jey5M3uI3vIiF37SV0mFEitVJeJ5dA-nP3e8y5OCS7r2RpSgaLnA9DqD85daX9ugv3MC1Tlm4WAegVdVsT93uzdDMF3HJkQcyeNbCb82zRRfRFEpmlPxiVBVl8qoJkqmVL-A--mDOBn4IQaGVNSmFDwEIt6o0PhYq1JP8lkIltyuV4PPsdBLBU5m2HiKHMgCFMmQUuq3D33YT6rP1HIfe2h9_8g0zPOzNZT8XcJ3X4U5KyJtxqxuIxjPQrEa44FaJN4SxvIDQvp1L80QWIZnN-9nz4nSvrwrz-2xbKMfFxgmeqbMGie0ofYRTBrHMS_XPeXy35LSpNv-PwzuSPNhJMo5rojKqVo5dm8HxDx7Gj460gJbR2OhFfPiYJolA5zvF1ehAN5rlpKnYwkmAUXiiNu7cMXcKnwyN9d0p5hBr-51QWOKtNpYTJUrSBiOeU-ImUXqTOthS4EkdxCOcezjQ3EZ8LkB2Gf_ImYnWSYg6H3ChD0eM4z0IucFk5Yioxj4yfKsQdn0h3f3mm3k8nNxf8tos30QndXivpmw6yQGrpCZKd0AcGFsiLiQt0LyFnKM8IN834la1aiYSGpyEevmu8ofuy97Zh9LLOMUn4SLQJkiYt4OT-xt9jWgUGaxJH462ERtZ6EebWbH2cQbSOrxCX9l4nOs4Lj3KLEG1aTBCA_7vcu932A1dc-eUkdXPYLHf9OWK16FB9glmOEPqT9pcs1dfudq-MrFbhpG6uWP-Cr399GJGFzRcMlVX6b2mTlPL9ut1Jt118szPmhuz-LooiEpT0_BKw99ufw1SdihTpT-G0pl8mJwHTSJFGy5zaDIY4mJINB6_5QxFIl4q_6gjxDLhIxbTHw-DtAT69gD9XsEiS2pPCUNlaJF8q21CorAcLFM0u4fEeEWBa-iTH1jVQjxYGnZoVox95Q5xQtm-_YmHLbuX_XaC2EgkQY9Wxzp0emGVkyUpvD_QVUWuJoqT1PzSEvnbdeqID3VB-WXFTmkUaP4u-cs-1sBICZnmg9daUgNhTf85Vx2OFp2o_Apj08cxla8yvPSMPEdLJIF5ZwAwaKrmVLy2yRypnJbKc8GPvvvySQYVHhR5nKk8BJkiB81OiZ1x4Ev68-z1o26HxUbbngfW4SF4q5Agj36W3EaGylbIqBSH-UOdiH9honU29aJCSsnXAB6Fm5LpXNpcKvVQsm4sR2qT1kqozn8IQypPvTtLRsRwRXcEiyxQDMXPyGX5xtesbjxusHx2PZrVY3Km1OqJWCYQV84TNkrNKCuIlVc7V7Rnm2Ml9Q1YEI8hsw77zVep9tEa_8wvRjVDZofQHi5dj25eBu25WFIOU8PTHpDGHIY&sai=AMfl-YTxAMB-KkhLF1o4X08n-XQRIy4u5g4Bw69o_-s5APzO_oyoqSS26WKdPcBW40c4jedjHSxDXhQ3F6-J5c4Hj7z-C0-W0tQpEqqON7nuy1LKh0XHHknRDm3D41Oz4q2CN3SjSzeUqEhe7Y_4-EMW6GpHZw5NFFBD-Aw_dPcg66wO6uRszUmWSD9yf3BmamqokG0id_8-Cvrbnh8i8dxuEqtY-Wz_aIlQKrosfTqRCioBMeSKvRTNHTWZsta_XgQDULtnJIiLkSYzVNsrG-opxk8imuuHgltqS3KdGc9-DBdnvYOLDqwtODOoP5mq4f0kZbLAAE3KW8653w7eYreDaKnvFU96lrPlmGerg1sBeIKGngiQ0MBqKhNQuJjf5NR_6-IOo0U0SUhr2mk&sig=Cg0ArKJSzBnyQgj2VeUHEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1000&vt=11&dtpt=998&dett=2&cstd=0&cisv=r20231017.01074&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0E9A 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d06d6b8bda421af8b2b7df9243b562fc90acbe758dfa3503552f91cc774c09cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51131
x-xss-protection
0
server
cafe
etag
5660797174598024382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:03 GMT
truncated
/ Frame 0E9A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8af03eb0348ebd3b30432805d57b69fed1cfd2da6135f1dbd0c425fa496f395b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 61D5 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNWdDit01XBuNsP4nHQT_lEX4VuydzDRQEcjUcDnr2BcfSCsou6RP0y-bQbzrkQv7ubHkE2RAZ67NDIhBieoXci56NxnWQ
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
9107379330298137186
s0.2mdn.net/simgad/ Frame 96DA 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 96DA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:06:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
38670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:06:34 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 96DA 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:27:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
37416
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:27:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 96DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvVTd7loC7iydU2ZU1-sl9l6rKe-pobwYoIOyjhD0qs5BDyxmijv01BxRFZnxLZXIVwnpjDaeR-fy1TfW2yfAMeVX_xJQ9mguFkvvF-iVzf7gZ0FuvWeRsMmwD6rloKIWgbxOM1g4XAt7-Nt6HKQ-jaCO1bdwYMnIji-dYD_Mr2G0Qf1vKhk9ZCk2Gn6Hr01YdGqzQIyMIz_wefwLrkcpeEgYb87rhZWB_nUONNXNIBpkGA6TRrbFHZnhWGvVX7AMBFOYHxqugoK6J9QDG4CAyCgPUShIOVEcDc-n_eygvEEt8jN214zcZ2T3I6XH6jiwpCcxcyi9bd9D4PNoTXvXmKrI0K-JK3KLdrovRDaUfji3FnpY4s4ZUxGQUdH_0h6fNMCKr78BPB0BP9nmuXVTK3rIp4BXTR2DYHEUcdvK5Ss9g2zzGyZGRJEc2n16b1PC_PwijhLyXa_imB9UhhFnFgM4-FZUMWR6gGvPWRHHxfFcdWy1HziFdtkRYbdFUZYKkgspmRo99E1yO4rTgXeGocKIwJwZiHu2doZk0GFUJuJiJdEDb3AYvG3HzOoZ6X_CNS9YOSbE2GRJvqRI0QWJRFpeILW7ELfVF9eqiluc8ViaZYnKV5e-RFFRdOblIUYozy8G1zGREblJjd4sGjXh-NJ8easjknYQLZWO1mWM30-qGYi6AjtibW5udrjQN89osAtQdaNQrqgMhLr1bLxluflo3CfN7ikWSCOtCQZMyIEVyQxc2ucVBvXLrGvJcKPkrx4XxGayNwAOPa9Eq9cD4Bz4gxG3X-PfIwvp6z9AYOpotMqt-nSAwCUzoHOU3-AYst1PadQCXYjinC6_htzIac2AMWpYZBIP7rv81PlA_TDsFx8_nOW-hHBq2GxfveReBnz_DfvcvhoO68BR1pF_TyeYigeOTCSz9iPYN8j2e-C87ITP6OETgEy2ev0Iy8LeNkjFpIijwvo0DrlW1nXwBnER9jcBlQEbuqCSAJYHpQEn45eqsYd7HDWAx6PnyuVMH9cLMZimrJq2JvYPMtpaxEryb0i-QMhdGLB5mm4igL1OVjTwzSwdA5r2Ta0LynrgmBJMZC63MpWDQM5KQ8VmOSDFFVwAVIIqsGx9HOYtWd0uEG42CWZ5i54Xz7HCUd0_onWArHp2caHXC1F0BIQovm21yR5oEb-wxfuevLCWeJnfXxShUg4Vol9X5rX0aUW1MuINsIxgsA-2xFsE3MCrjm4TPIUpsADwuJ103iDr0rgFbGPd4f5sxpwnrJHGNtp9nkSTN454lp0A_oOu9O8Ldc4MsVo1pNcdcOJw9xmbONzhTgZP6jwUgQk6jht68orytFCod1oo7e5PTmkyjxhdFDdbgqlUQd89gc74-mkqBb4K-MdXyvhRBVYHjFbg&sai=AMfl-YQregDCc2pkLcKlFo6hGScrkK32ainXugjP49h5ComywM9zkaQC91q43AHpxZvGvGbbM8mah6nx9nUCMfxM13pD_pc3Tb-RR_NQOt-_0YhLT5j9PZjF7LNPnJ2kQX2LAnIwxHB-HbFaNRFIp4Z1ffUJvCUgAVsCzHzxMdHouf3yfTwdipJDDW-A0YRC_1UFG2yAB2jX8kEoLgqil5632rLK-2ic6_CCZAGkYGEN1AEC-rpN8HlDdnZnekR7SmQsqmKJrx458ASB1qwPxdFkOQU5M4SDBRhrKbW0-vNJbhmho9jQxMuGvxbGi1X0qrbkpvCHG2kUyvtTMTPmAG_Y8vY_TckoLM18y1pKOqRWKS5YeknCM_2jpdN7Fv7jNsDUhXo8XLLdWZxjhscvWFsOw7gyC3Ab&sig=Cg0ArKJSzAWZ2i0lI30jEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.40401&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 96DA 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
_track
www.turnto23.com/ 		0
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.turnto23.com/_track
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000018b-3ea5-d7be-a9fb-beb78de10000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-90.fra60.r.cloudfront.net
Software
N/A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Content-Security-Policy
frame-ancestors 'self' https://cms.scrippsdigital.com
Date
Tue, 24 Oct 2023 03:51:03 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
Server
N/A
X-Amz-Cf-Pop
FRA60-P5
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
vIUYvO05V9jE1C8QZ1dYr8JaOk7YuadfLL2wShdqXtTbfE2y36jwVA==
ibs:dpid=175765&dpuuid=967d9e7d9eab0c72f798203d184fe677
dpm.demdex.net/ Frame 81C7
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=967d9e7d9eab0c72f798203d184fe677
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=967d9e7d9eab0c72f798203d184fe677
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol
HTTP/1.1
Server
34.250.238.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-238-79.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v052-0d06ec124.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
MqUgMf7dQuw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Tue, 24 Oct 2023 03:51:03 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
e0c9ec90-1fce-4b3b-975e-97b8f3ec5951
Instance-id
i-0193e149836be3d4c
Location
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=967d9e7d9eab0c72f798203d184fe677
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 5C05 		402 B
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.59.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-59-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html
Date
Tue, 24 Oct 2023 03:51:03 GMT
Instance-id
i-095aff49804e16dfa
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
b7694e39-fb7a-4f90-b2d3-ed761c7bc204
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED94 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7242666621001&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED94 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7242666621001&version=m202309260101&ct=2&x=8&cor=14548409949965713000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame ED94 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0cXaQmdMLYxkL9KEIVAl6FrOp-okmOuvwIjwbSI0T2Hu2ZgFti1jJmC-NwOrZCnpZq0hXF7zCY0OHeOGJNGjcFkXcTmb57Yb59i3Hr1Wh7xYpRiyOvvH_-8MRq57PEDXiaMzju5Zi1xu7iBvoIT71DxgZ60nPPQ_HiS_Q1Y1r4ZCWLPk&cry=1&dbm_d=AKAmf-AuAhC6mV3Tjx3GD6LFMdLfFKNowhzpDRpuDGB2iJkITBOBN75NCcW-1pB4KXNtUSU7SViHkB2pSKtMK4QpViq8eJa43HN_0zTQ_BRNu1r7RRBECkhJOflIlD_SdLIKLDF12K50GkC7YN4Bco00Ok8_3Fie-otrdlhuH730icKKqKeXGx5u2x6QoHfBFH7QuST253NW5ZbcA0c9CIDONF9eNkf2GrjF1XAsGyXBkAAlv9-CNLUCk0w3vktKvpbXo0ThByqk-zsLmaxoJStbfYTmhb8dGhUprbLAUH6ovoAOcN84HNiQ9TXztzsUzxpEX6nLkywDhaWtTxlapRBiod2wIExpvl3oUAMyiMHpSMQBXi2hwL-NYfN3s-s7UkC4vr-4lQhxJwyq5N35GJrgKTJd6W00_3W3y2YH5cX7F2PdAGAeRKwBV30Qy5DqHVb710LuQo73xRulzFeR5P2M5LEGbt-uhPowpBHaXnNB2eq9CRyARYHY5t285b2-LZp0ev5jyiHmmORyXC95h3G526m55W2FfwooXrwBmcAVMmQXpd19ncmLOc4HujsajStcGf3punfJHspkO7VQESYczBfGCXaZlCXKFvfF-h2zedQfbAANGjjppK31BHPcNklBpUtrQostyaSrEzmD9cctRbU5u_xVlMxCpW6fAVCYKlmHICVYW0c217fbbtEt_0Au1lIBK7VfZ-oLSz3USwwiES3MZjmb6PLBOI6DdmSfGLlWFEgUNh34TYIMbdEceCNUwOS4XpPWOnbkKQu4llLLg-nUyQGswkR83MOGeIyvuUiujvZ3jKe2hEugqsPGO7pICkhPVQ43gUklHFKklerzQ1vvi_UAiBg3C0IPhpRbs5iuExwhoOmQJuvsxBookmIuxE4yhiDlKwez--008ltkCfOCtk39PpSwUcZ3_WHojyqw6eIxC-fIk8LLfBcoDmnAezh_kns2HAqrIgR9IisFnXksNbyACGRsDmR1ArsDioGlp5VGgp7YTgYfYqeywepfhWRI57geilfDE5EhbvISVHv-HZ3ZNX9JLvq-_LyQ1z4JnFY9Z12UJE_SWNqwjq9IjP6h73XYkfcnt3Tsz7BVJUi67aOiNAqtvypjFCWCX8WO-Lg4FgQD74bmruPDaCGnB2qb22ln5nlI01LLDXTsZAuzdjkYEcs_OenUgwVDOZNkEcXlJodOoAdROrp5vjQFVeIhqoK5wSv91yBGO_vjAyPDkCygCb_SFr7kltLM5BiuBKkndr5LVHIKHSiK40aCZXgZCQvUERbk0BG5JsNwV9sTI_FD9YbyTj-Fh_-WmxM-TWKviFqiVFYvnu1B8lQGzbHYoeJRY8LVp-whofUoITfLzVBnVLysAfiw9vz0fPmBLH7PbLjAgILeYdZ7htoEa-6Y-Yjv0B0xU5Tlm6PCsMi4_U3hJ-n023LSBXzwfcE7YG_izT7QshNMt6XJZ9vt8j5nCVfKhZfgeI6d8NCeJd5dkTLzc6j6EGJLBN60Q8V8JoJYjjcGu-7UWpMXoxZdEsM7nKZxaycJD0fHbAYkBjXMOq_fL7hojU6IMDhKTe9SrLsY9bMj5nX5CsZvtSsb9mIXlRxXqAIk6pCEL0vP8F395N9z-l78b0WyM6ass5ymb69e9OQIzAMUHXQmHmsNtvbSaBb4dpfHHH9HGe2ImJyb_N8VlfqZl-BtGD3uNxwmNbTdL6F7KqrMAH2rXMR9aTDWzxgbODYqnIqRnIJEXprMtDpLitCLxafClaXn0iNQptPbLXErpjMPgJPhGY6fzU_GjrfNoX_2lqU-e6wkCJ3QcI9twCFvfmxdK64Ok5VUGqt0eu7Oqkv3vkwW3e4uPOVMRQdZ9d2yEJssA9IV_3H0mJEJq_HM1M7Zh_jIjOm82IPGvTCwOwFy-R-m00Y6aHWrQrbtaYPju3KGjhbhCfg_TVbngo_4SnipP045zNesXmMQ_ifuPSsZWorx0dCkbVBqSWB8n-sIge7xcR6_CrveSMScPoJ_V8fz-hRQ84a6DAKWvZ4Q81RZUFBYhdFSjV11_hNwzVPgswrEkniRbCbfMYa38yKX-lgEYae5WCrKbONXaJGiV9uRr67CTmzyB2Wvq_46zGww5oH02zFj-p6Wipr83RWWt2JLN1GwvaGVZEhem46hLgzdAtcYuHQCyFzHs4WaFqpSPBok6Wx-2Yu3lYd0RcfgplMQMvL0QnRFlIwE5usbB8omDZ4LnWSbIiCcqNAX8xYiQqzDDB8LKTLM4_17d51nBw3uKqLL6hdIgl8YySDJukB2vVeafxOD81nVsBQt_0FBKcuUDSlGLYC4-aDA5-OtFu4SUc79AvXl_MdNZPF6DQvYbHEBwTW65NooWxD6FS8kcn-kvamCYrmTZssY30jufGkb3sFgnlIEPPGV96qcqqtR5Oev180s7xixxDzryZ-Ubnypta5JTnx7RKWz2RX_AngFTt4-PdbgyK_F9DiXxmWEitgKudLVo-W3PZkjsgII3N4paH_v3TMCPGRQke0FdQNJ81QFUxpFISl14ELIDXYSdV3QoR44FN6JQlnq48UwJdPngEjrcnfTKzWy5LUmt70xfUwW9ieoqe-UvzXW4O5gTmbNkxe7yZ9L8xYjYxsZIVJhrjIhF-pgOnXT83PvDAIhGa9TnA1uFyDzS9rDJFG5pEDymC6BfDiPH-n7wWjSk3-XV8dRm5zgJTfhb0IiLSzVWC6OdmyL2Geb4FaQOFiW26iZswxi_K_2_9Yg_aGzqU0oP6XqqImdKP-mG0OuLg6l2IrD-M1knUCSuqp8jvHs3I9iW9fsbLF8upkIq7mlZRglig_FXA4qXOzkGacTE60NPfWob_ADwu_1K5CeBkbhpAml9UYIr48_hpp9cZ2youaX6RDEdtXbHBd4OCwmh5K9fgVutNR-wiLGMlMlC8Jv86Yky85YExa6n0YiLySjOEdOaocqReqOuOlKAOg0_GIGTCMFxwFdPwaYb571T9uLswcbwPnuRP-UxJnuCjILvlwMWtdAciTqjQ8iViNmmv8oc63ArFEyawn4OwaRtA045dzdqUOVb-NuguVCctb5s1SjHliHdcffoeG7Gdyg_m5linuCNw0TV9k9kx4XPVYy7U7hRxIio1MBBJyH6p3jc6ILIZT5hIo6FB7Jg_iYCzS-OwO6hsIGsdc3OCXEYDzoZ2-UfOoQOlbLgR9shgHjzqsWfHZb_IkMRrSIV7SlnrUatv3ahXhFu7RSk6k36qB55Bf3EgOt4fXBkugagkD0gIGIrqPHhK70Hui8xz3rpa1ThXNmMeCUMfoLF5Akdhur7dzIrKBE6zQtgx0FrFMQgzee1zm6bqyccvt5In5ZCHXS7PgdiX49eA3o9NvP7-FkILLKpBdJRJV0JcANLkyMq29SYEdoePuQ8QOZy07CEZEHis4li6FjJOX9hp2QzKO4EpzSdQ41y2IpT6PT4c-uco9mhTN48t-Ur18xLvIgsZsjf4gJ-i4EG4dGQeiZ82bETEL77yI1TkW2cwVbY_uF179xb4CDdaUM_EWQlrB6rvpOTdDPyW0dGh75OrLmKJzP80QcPU2SD-icfln-xHJy-n6IkplHjrGKmo2obDCPhN8bu3IcrDnKgeIRERBg_g1l18ljRW7Mc7S7HCYVC-cBOgF0SKMQ5FvdQLreRUOxMY9ru7ZrpNOdX4RFJTlb3Bntqe-MnGBeqDTnqmU_WFarpRC6W1nfFhwxTaWDrkqQHG7oGzlUOss5-LSTKIMjPTC7XohudZTP7dfkqDHhj_CFCex7MGOQdQ0Ddu9P8RQm00qnNEh7WzdK7eCoSLki0QsIEwG99TMgm72l1IWhPzNt_tRj1hK8aO4UWxL-mufc8x9h8U7Usj_625IUcYI18a1oiOBinHdPw7gmgcJjYEKJ3uHAqfyZ-NeKERg-49GCkG47e7hJ5HwRDp8lAWWzJGnDOquCkZ2mtFSMLiS61KBbAF8KLp9h29jnqyktGbEWV6BZZq41PA3Z-905GYI&pr=8%3AB81EEFB6E78C638E&cid=CAQSMgDICaaNCpSpjFkAz9GAczcJMqJBJ2VUzjGooYF-On_J3DtRDwL6U-J-dEHLrSiWIVFmGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=14548409949965713000&adk=2833232780&idt=53&cac=0&dtd=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dabe1dd37970f8b88069aceddf2cac01c99680734fc9ed61f18400e1d24dc7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38709
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame 1D4D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 1D4D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 1D4D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1D4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGv1wG9fWlPLHMK_RsamGCxiTOa1bCkNIJ-Eu_GqM-f949EmkT8vMBUrQuA1B2pz7QbIihh_a5xTf4LjgcttxTlthMXHcgAr9ATYrgThkOwtAJgVrwDm_6btOIECSNyGEMge0PAhR3-ZmkbAaq9qcQ4Qin4KQbFr362kKw1c2-kxIbyPtKMlYkSUjXGA-720OhWoRk-UVJtJWrh1XHBbRwHu9lwyAP2JBICs0Jmgd845O2Nju5w44Wwp0obD2rsCqGAnA0FlHcN8eQDtfFXpanVg63cubjyGmGfnY8_dA9ZWEVEvnoqgdva2X1pSi_iZdQphwekhRtL2Ch7p3dRhxbhs95fIzH6LZ8MnR937WtlUdX571I-vlxZDRzGMP-FchTj6_lLAE2oZcv2eFbdh_nlz9fW0XCjg-I5Ma7fqZtWD7A_w1l3MmsB3DxmYwPIEMRHYP-vD-2jVuv0Eugatsi9aTKxB6D1tasGn3guDLCsxcND8FJ0YseZoI0OzJNCIvmqUlxRv7XqpIbMaGE7GCTKTNmLyC-ZyoieP0_1NpHtpQZZtcWg2mX5aAHcoRfmoz6nArPETBTxoAvV_GlhVZUr4XBOW07xpQUNlKTsh6CJe2tUM70yb3B4_QdF9yp53HdWysaBQRxcGn7TDK15MePm5vZVQ0ykPScM8E9rpLRdyvKd2q1JuASFMEH5wOAU6aAIwhKKUNeV8j4WP5RyhKDTMR7fL_HanGwZfTXWdTuDPVy-DsgpKfZQGMg7QBC6a6_6YP8B-Pkx0CuNH2xFuAJ7q-tSFqosNjyk9ea2NLn_YmAou4vpidcLxr1DeAXMBEQkAb6DdgISMiN8YGCNvOPhG8fftpLszXDq3i9VZ6QCaThMJKsbm-_vWidEGWvwKN7_JY03bMuwlLYJsU3FGg2pEFyUORXmqlfeitP78LhUff77MNLj2tJhQMBHC0_9WVxnvH65sF235g8RFyx1Wt4y7lKyyMk8WfTrMOd083O_ClZxvuEXkGSdZZcxkz7Izql3TyscCyFve73am6Ninz33Gs2oivEEuV1JMCMxqxRqFVRORZf3IvKi-K_S0O3Kmqu8h3cGwgNW5MUs9qpdNHYWsXo-UWJHz4WcX56PUnJR-v_ceLBwYBfEr5Ca-3KZelttIzPCyegl6spqLlbBuOvch7G6709HZfYf8pjQVv-oCO7p13Kt6oHYzWPflfhlbrmIHx4NMaZp_z7XIDWTYH6xVRxNYlFkXk_jsZwlpid1c7yI_joE8f5OhLLRHKk0KDoXiGbyBSKcOCXqH93tocjhWcgWcI3JsvXn7F8If5W2F8Ui3t3fizn1nEFXqncufvy&sai=AMfl-YSKyZxAT1naNDTs8I8oadvFii_RoqZUN5CPtWezb6bO8xV7c-YSZu1mMY_ExHdoRpCcEbdizQWK6dWS7l_ntMe4zZKtKnAgrvibkUxVrl5KC6ZN3llj8K-VjYva5jOKwwMWUrZ057ImxMMRGAIsrlQGQy5uTSlmKmahXdgK-qUa91VE-wd5VkgbTut94J4z0oC8XxbUoHCn78R7fxUR-edDWrXdg5GLEuhHzpjmfFy0C2Q4kynAD2CofhQ&sig=Cg0ArKJSzBtcEqOOhhRsEAE&uach_m=%5BUACH%5D&pr=8:6FBEF3275985A762&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.27665&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1D4D 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame 2D56 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:04 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D4D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:04 GMT
khaos.json
token.rubiconproject.com/ Frame 195F 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
khaos.json
token.rubiconproject.com/ Frame 6964 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
khaos.json
token.rubiconproject.com/ Frame 03E7 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A2B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVevksn9efVPTKgQO_UgAIeNu1DWdTqX06C6vVEEI2poWzAHjSTCBGCBMOGKJRVgFHw9IGfjJtWggiJkMxNsfD7HzycyDVteSVQ1oHw4DiPqPOnRbYfwuLhHthNCJx&sig=Cg0ArKJSzFf0tmjaJdmhEAE&id=lidar2&mcvt=1604&p=1105,436,1195,1164&mtos=1604,1604,1604,1604,1604&tos=1604,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2587397766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119457525&rpt=5071&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A2B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNx7swFhhhfLVOYBaQhUowEzVppSJxi57_y3ciDEcomlQQxFFWcZ6HlY1iRsEC1cf9KK69vQ_kmbqJSkjT2jjLXsneJHVB2DX7SNS-74NHlog&sig=Cg0ArKJSzBGu_2RkYt6IEAE&id=lidar2&mcvt=1607&p=0,0,90,728&mtos=1607,1607,1607,1607,1607&tos=1607,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=3361789619&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119457525&rpt=5078&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame 2E72 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 2E72 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 2E72 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2E72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqpnLmUJzciniMulUh9ildQVlb7eafzdNn9c2WvAUK2rCwNO6jVpU-MGp6ydr6iMnXzijQ_w4CaEU0A4GOsekAkBZDxPlY89XGWj5J915iO52lSXlBv5P2tpXmZTu9wlT_RpecoP0G2C8e-1Fya2Z3zQwZ0Glf2nkYqCLl4c1PcDqjscpqHPsDdN43lzUyrTSo9CC_33J5WaxE75oY9k9e7nOSU-XsU5pmAxaoFtNqhEutqHon05ilQ9UtGU0A4e0_AC1kdTSdwRaGn17wJc9g_plZdRbKM1auZS56z39xPWiqTxDTrgQhTzIa2d9WpDlxQYgrRL1MrzmaSR3zNZI-GRg8m8RNYsvZSLPVHTY4H_WfQ_3i3ZOAs3QoMx-YifKY8qTDRfSbtTju1mPNEAGTj7eYQuZLrELgvyOsQ8LU9bYoD0LOjCCi4Qzadj3hBEGD8-WVQNzfFbW5w6E3w0ZN8J4ttd3AsN8QehdUQgXWUlG04bp-hb_nWpmSzdkeIJkU8ayDjub9ANTg7k0GuQDeTOYCPrv5vbDsXOET1ER5bNgQ-ggO0JBdwE3cf84vnv3CT6FhDm7Xiy1I0J1xVa3Pb88BBezMPfYfutmzB4DFxLhF1x0_f67O0Y8455JzWgszH27QZBmXZUbTUKZm4BklNA3HIDu--MCHcmgJtRfIiYla75WLn_RYHPQO2O867NRjf4MyExccwUYuFzOqo0xv1Rp0-TSrWBUDtSGM2cssRKyXpc1KpUpmJTHSIyzHhX_bRPbPZVn2uH_AWfObO_PX3ErxlKRkiViyFD64I8H74z3eAQNbRHbae5VySBQalQ8VvVUSm1MNn7xcr9u9e9aURBDmam32lcVgVXOAYDqjWgTyXjOJhIVsNf2JVV9L4spZynBtH9yTdrW1oQx7VTt9Z85BCGDl-peBohDM_hxXhNYalYuYNWqaszYR5eBqLdrZ70w1Bpm7RoQqSS0rV9sGVFVSLIlgm5IBXXu9ZkwuJ7UB_IQ10TWnJR6oFGE6kOG8IJkEi3AHy16IvCUoHOQbpDZNe47ECOUF7goqeWxbK5qVqzOoOYyUhAwSOnQR6fKYsTriQZopji44Qqnrd7joIY9quaEK2v9_Z6uRPJXkvnaVJTb9P_TgGb-LdfHc5r6VgUNtvY8C-KfYxz-saL_09Snn2UNlgm5zwToQwif_8AN00xY-H8M6HvVUpy2X_cz4nYjsu1vOj_rCoZnZSrRyk6esJwRnLyoVW0Mk7vp7OlOoEUYHrE2Ya9-TLig2-sa9oH2P5_vwu2FT5YS57I3uX5ShTMYE77ArLGrc62CWyDetsJq8cpcJX9cdmt_7FPODCiRovBB550hz2vcFnodcPqfV0IOpZcztws0&sai=AMfl-YS5n2Ih4KAFE7V7uMJk-wznGfDQLzy1gXUFobwoJx9RwevhIPV06KXX5uKqlJ-I7peze8gJtqnu9XOhF71ROY7gEK38hFzAKE3z_4IhALHJSNdA767LTikTLz_2XkqnuASlLB295PTYxNMK6NOMxDzWLA-5aNLwQ_D7ljmI7csreT-9R9_Jgp3k0joXz7LcCiIf-vR8g4oODxtdgYTA6XH6CNlQJtMuHM4gX29awmjLDB8MpS4DyTCRluo&sig=Cg0ArKJSzOe4_q5IelFiEAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.90197&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2E72 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame 3571 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:04 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E72 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:04 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame 4DB5 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 4DB5 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 4DB5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4DB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuq4Qw7trHa7GU9v9zRwbz8rzMQbjIhdITQnc350jFbb9pQao8GH8ZFwREgR6uTYDbdxgP11EbryXlVAMlTPhYWpdLPKj86MMQDT2EVC3bNDStIYu6PsPv-l48S3cC9mPtXQA0RvV62wn8O38iFb8XbFm8UE5HWSZIGD8THr92fFEVlmVoea-WrWjq9I5V-dwyCXwDo2hj7bvjqaX7aeTqR_nX-zuspsrp4JBBtSHrke_Ib8Fo-DxtJxf9TcrLPra7p364roq_yIIIPx6a-nJ7M0rTQ8k1V_AOGEVwo17RGXTQORehzEI18DzZ1YTH3-5yGk_4cqrbptzP60IrX9nIqIztw0yFnhAy2Z0DIpZ8JbIUM9Yf9_246bfKEfcduFx8MvQoc4eOlpZ8mqxwsOcdPZHif5pvW1t2la_FPGl2aTNqpyhLTZaW3qmN6em4e5271gKvkod4UXrAkS-R7rorqRRoed98JDJXxqRuj504HEi6SGrFHIA7zPtJuxasPYIXyQ_69S5TeAWM0MylYZif1YMwP6uaX0SfhPP53TZr-zgUusJpsk42BiF_rv3j_Rg1yX212Jq4vaRsQGPKne6lvI39U-6ihXXvq-QZBerslVVHBq5B1nlvZ9NuCO2tEpxJs1LnLzRQCSGvsklwE3l7kjeHZWVXO0fACnfy_j_ZTg1ta9rz6fXG4QoLRRdgDJAONjDp7Ve2SeuwrD_wAEoli0m-WKaL35cgTsu5IKVyzrqBuR88b3bwUT7FepIKQeSwrWeL9l1wLP27jq3yI617H2HO6PxcmWFnCTrlHKabRIRNMNSx7zrbl3KNFV8mnrBN654DIgRcXio34c6Un1ILrvUinYs9sxNUMzJm2KUzd_uetFl4nylXo6WNdymhpu4Ttm3-N0pbQoL3JX0LEHanDx8XcKwB-wXug-BvCyGm5oZI_MF0mAM9uElq-ReNnh-ahlLobA9HP5lKNkAjDjKnENv4ORZFO_czcQcMvmNTWCPGb8RvnBtrC3IJhXsw-OyXRZfXqeUBs_P9LKfLKBnmcJndwei5h4sH2V8bLxBli1hgaoKsdmABG47ZhTaWSnz79H99JjIo33dWfbJH1C8ACeiWyg2Nj4ZbVxPFHkJ0x7kBH0RlSuPDOAjDXAJWtwdhVf5qKjl3flfXLQn7WDs5OGVlOUhK-kjJBP6vx5IaJ2TRQVg1lgVd_KNoeMKhyi6DSfCy4NfS3-_NCv5ATTMbBFRzlI7m7fS-FFgOIrsqXWMpFQt7VeFehNzvxsyim9uviZEW-b5AUj2GOsqqhcSusC2Zw9Mm1gw_QGuA5cd0wKCjB1AqQ8UVQt6xnxvNYjsBcj_8&sai=AMfl-YTkZ3MEybpyNDp-JT-UItyjWBbkxjWfN4MjlvXT_di3M44fD_wkr8tVAmsZYGrePfeAWEJLzdakzPpQ7HHdhRJQIlwXujQbjZ41dkscj5h3qyRVLzo2uKipXlFJdsD3d3GMYt38zoyUstPiDl9Mi3rhWHRjeGfLqfsebx1JHYx1odQ1mDm8c3LEWvgsVK9Erk-WxVYi5cd1G8Ems8p9KebLPF9-Iz6-1CTCVZZvsGBn03CE9n1uv1iUVaM&sig=Cg0ArKJSzEzXyXMxOo46EAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.05126&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4DB5 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame 3C46 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:04 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DB5 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:04 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame 77F2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 77F2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 77F2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 77F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvufGENIq_K8ZL7mNKjV_RuQT-RalsqUggsHULLUeLB-Vc8ybvNJIpiC6ICWwk_Ne7W_vJBlafTgEiJL0_CTOzsXlECvmC5CHUk6KS1LDdjVrkwuNSlShiYlAmMzgraqxh3-CC_aKRgbDkZ7EO6ut6LWZd3n52oW7CiA_p4OeqFMGoPML-JXtbME3ZPjaa62PCLVAhsx99uGL2BHG5HKHWvpmfgfgn9XEpQuBljHn2ilHicdEd76g0ncE7aq9SI-x9SO_M2mZScvqIBNeH_5GGG3FJ9aBM4EdHqXtOGnHManU4sUALnxKdzmoS0oj0p0W9gWySNbeZc1JKKIJnDDxFItZpScyUjdDnefurLBc34sWJQMJc82HcgeSfoBOMMEZTLjHPXhBHhwSFi-5fEFR0P0VhX4sqWpNFxTyDcOLm_fAsuA6LFMRteJScP4CceRShMVyARzdlSOLh9zawA5aF57ZYBRPBwasypF6JwzQTUVMnkitiqzyCh3--PrKuAJsmPrbiDYu-QEGux9Al8O_gzfDKoiCzj2CFWfmZTmegKu9O2SQ8WGRbTAHME5_HtnkvygR8jImTApoKCpCBE0xFaoL2QUxyNrvsVrHEYC3V_ge6EXxbOThXCHfbthidMWvlzAU6NYHB59KixelR13wxGZAsEU-ueVTLfphlcd1-IQ30EjIgeIXkpuJp9GhDRrRHmI19vTJitzXu0YK_8iiHoSDU42kRbHUn--F-nciuF3ked2Qbbf__JtdigW6JXnOeCRnrvMBbAGogRyQ6QW0IzoJuore_TuamKuPZlH9Qs8aZEOpfhCk9sKyLxzTCkjhjHnIEBKgxyE-EsefHu44Q6Zc2EIKbgbrPprIdJq-LNCqHmGBqvnOARXDDenxk45TSyznKGypJPvMGRA_iyezcWycbVPYS4TcQvL38vuFOVm1SR0Kd_byTD_dI_a9o11doFhvwoQEpfW0_Cb8uT_uQvEuLXhEFA-fekzqNX-jb4gD8UKhzCaMBP_3vZHKTnWO8FCLkdVVpPgZlVM01K2CZCr8towdVoqAUeqk85cBkZK7t3oMsoEYlv6YP77yuEQUNokxzZoLiM12Loc5Vm0cfIiV5VBOVOabTiw_kZ0rVrpxbcersYxGBELo_DDliioosWgNQHGjBsrXe5Lbr25329ziRyqwpTwPmTxOkdZyPdcUSMf3n7U9AXXQE5sUETsZp_wZrxZfxDnlbVsh9HluU26Q6tQ0lCV9EgdlEvctP0wMMSe60iMdotFRCIC9L-1mrL3qOPrBOAQBKCwV2nVM1VR7RAassX97_4x8EGIxdHn6Rv-kIVG5FmfUvL5cGA641Aj_8k1vC3x3qVtODkqrXRobfHAMyAmA&sai=AMfl-YQpCEBdWYqXcQHb8Q62JqD9TB1cNUQpTcxlkXsPtXY9erDjsCpTLVqrXjzcKY5i2ZFAvgDChxvVdp4MrLWFqqOCs6gKkeXd46Hn_y2T6uYecNHVzMx9jnA9v5HuhK2nw7HTPNpJuWz3GOA9sPAmA_DXXVwkrMfa7ZGk5Cm52TvKtTJntApEyv5PqXPvj3iEA3mbySxC_ceJDQwvCUKmMmyqRfB9vLMFUvAhRxcSsUOyCpeZnD5V_SEfDaw&sig=Cg0ArKJSzAhijLPpmXq8EAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20231019.05508&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 77F2 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame 1682 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:04 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 77F2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:04 GMT
casale
match.adsrvr.org/track/cmf/ Frame 711E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 711E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 03:51:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
39QEPN6GKMYTJB36S9M2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 03:51:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GGKW9CEMPGJKED14GDHK
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 711E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGhiF6JZ6ToeMCM8JgLXjX8&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGhiF6JZ6ToeMCM8JgLXjX8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsaVUk0%2BKQqOcWWI2bIir1CJBGNtt91Y0Nqv%2FqWcKh8RSk1CoOSEyVOKQlwLBnjVyGbXbR4rTU1JGAKXSyIkGowaZMJU1gs5A53eOctCAHYI2%2F7lCqnT7jgHXfX%2BFvaKd6UFpiPaDW44FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af425deb341e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGhiF6JZ6ToeMCM8JgLXjX8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 711E
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTc-IyL251t0GCIZaPF.ywAA%263365&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTc-IyL251t0GCIZaPF.ywAA%263365&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=bc221082c835437da07eeaea47a2e6de
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=bc221082-c835-437d-a07e-eaea47a2e6de
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfcd552e8-4b4b-49a7-923e-13f50d70...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336725909842241&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfcd552e8-4b4b-49a7-92...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.2003314
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.2003314
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 24 Oct 2023 03:51:05 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.2003314
content-length
445
x-amz-cf-id
tfwlF2mDE6u-JR3CBb-QnZ10n3wuhgeQoNyqLIicFiIylb8u2oETMQ==
crum
dsum-sec.casalemedia.com/ Frame 711E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTc-IyL251t0GCIZaPF.ywAA%263365
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=wXoHZ3CCVamCkjiGD42q&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTc-IyL251t0GCIZaPF.ywAA%263365
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=wXoHZ3CCVamCkjiGD42q&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTc-IyL251t0GCIZaPF.ywAA%263365
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHYCbXR8SdMbjLnrwzUe1YwC8rH6VjaCEWBfPDp2jb0%2ByRVtlTWX1%2ByNnbWYACe4Kg2dDBi34PnPpnVpJyHUgVF7TEKTmRw8CU2CJdd%2FXvZay%2BFZfHv1aEjFIkjCiz%2BcC6ZnaGlFNeRWSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af42607d5a1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=wXoHZ3CCVamCkjiGD42q&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTc-IyL251t0GCIZaPF.ywAA%263365
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT, Tue, 24 Oct 2023 03:51:05 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 711E
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=6046c246-c6f7-46a4-a543-814bcf3bb9e2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=6046c246-c6f7-46a4-a543-814bcf3bb9e2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxg9oj%2F0SqB3FI3NpgHH%2FpS5I86E7MIBr7WYKSvRbAHpDC03fFXGZD9K2vOV360itqR17UZ7JcMvxQl5NIdwAbw0%2BPHnjmKfpGEaDTZ2vYgNgmf5Z9cuH8S%2BZasDl5iyy8v97hA54yAJMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
81af42614df71e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=6046c246-c6f7-46a4-a543-814bcf3bb9e2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Tue, 24 Oct 2023 03:51:05 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 711E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=P0ZpzToVaMokRjjLa0Z3mWwXb58kRW-cakWHdz2d
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=P0ZpzToVaMokRjjLa0Z3mWwXb58kRW-cakWHdz2d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQg7bQ2sa2nB4uZexOrhhhckh5jvOdasStrJ8RYU0B%2FNfXRWdZBmuiGuXC4JvBblnA3L4jEEH9kfvR6OmCABsdF8alGITyEnru2xh2ltvRwcHRRvEbnpC1%2BldsONkpUJ8EbbuyKcrDEFHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af4261be431e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=P0ZpzToVaMokRjjLa0Z3mWwXb58kRW-cakWHdz2d
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame 711E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1698205865
43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1698205865
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bi0JytUrd%2FmKzEHU0UGpLgnsq%2B%2FkxmesrAhwDiHm1UHqJNbEBtxUQ79u5xY2AcwWqb0HiGLxo2NnoRXF67Eu4ZsJQqCI1FQHIWWwmFFdMkFdw%2FIFmamgOj9zTtTVIpo9iMcxNR8%2B"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af4262fa0891de-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1698205865
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 711E 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTc-IyL251t0GCIZaPF.ywAA%263365
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
39514
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81af4261d80218b5-FRA
content-length
43
expires
Wed, 25 Oct 2023 03:51:05 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0FD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGhiF6JZ6ToeMCM8JgLXjX8&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGhiF6JZ6ToeMCM8JgLXjX8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNXIXhgx0pdRWah3rpv7ctRtDnPe0PEVZsAdaq0Kyu2UFA4PcCWRp4qn2Hiiy0kskrIKLWEc1R%2BvWEAKSO2RQibcUlIYVrUZHCUFeHwqNOPMuzqJQYznMyxO0vtpqYRQeHaQ4rtKIxXXtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af425d7af01e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGhiF6JZ6ToeMCM8JgLXjX8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 0FD1
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTc-IyL251t0GCIZaPF.ywAA%263365&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTc-IyL251t0GCIZaPF.ywAA%263365&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=490d9251f3644791a9522ad212180ed4
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4043584326490653053
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=490d9251-f364-4791-a952-2ad212180ed4
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfcd552e8-4b4b-49a7-923e-13f50d70...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336725909842241&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfcd552e8-4b4b-49a7-92...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.4419568
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.4419568
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 24 Oct 2023 03:51:05 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.4419568
content-length
445
x-amz-cf-id
_IuT_Mpcfr2S6nfzbeK57jPwz-2-Ym6CZxSTvX1o0yaKxGIzQgAm7w==
dcm
s.amazon-adsystem.com/ Frame 0FD1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 03:51:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1H6ERGNRE0A5JSFRYYV4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 03:51:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0ZZ3VH04ZFPS9W2JPJ68
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTc_IyL251t0GCIZaPF-ywAADSUAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0FD1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
tp_out
d.adroll.com/cm/index/ Frame 0FD1 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:ef27:6a58:cfcf:8169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 0FD1
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713930665&external_user_id=cab8222a-6441-4db7-9ad7-1bfb6446483b
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713930665&external_user_id=cab8222a-6441-4db7-9ad7-1bfb6446483b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyaR80apBUIJUN0ymCKmdlbXc2cfjqjB1OHsgCsXB2j%2F0hIo%2BV3KaH6gIyHvuSm8CIymP2X7I7PpNGYQPprykNLFNIGTXpG2MMw%2BgUKyXENkX6PnUhXxwJ%2BSXUYKn7%2By1MQsUijuWOKvmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af4262ef3d1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 24 Oct 2023 03:51:05 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1713930665&external_user_id=cab8222a-6441-4db7-9ad7-1bfb6446483b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 0FD1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7591070485493745832&expiration=1699329080
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7591070485493745832&expiration=1699329080
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfHU48kB8iBT4DS85UP5tFZo6xnVgBDvZHuKnmXqHRs1o3Ra27BXfG2BuK63renLu0ztahNxWkXhF7kcKF4RnHgFwrvYqcvO2h2XX4B3OoU8rMk8TxHI79OH0tRy79yzjgEqMCfVKCj1UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af4261fe751e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7591070485493745832&expiration=1699329080
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 0FD1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4312790940954201807
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4312790940954201807
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkiiad7kmjS5B%2Fm2HxMxWulgxbdQtxLkUO2BQecEBvcL%2B5DbfR10X7MSblFSt4oJOQwB3%2FFnbK2qod57Y1A%2F2S5IsexuuxGE4zQgZamByIskTMY98I5%2BF3rt%2BHNkHetSsFvWvmxjJRJOUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81af4261ee691e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
an-x-request-uuid
ffec14f5-02e4-4f47-b874-513e48a93654
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4312790940954201807
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0FD1 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTc-IyL251t0GCIZaPF.ywAA%263365
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turnto23.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
39514
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81af4261d80118b5-FRA
content-length
43
expires
Wed, 25 Oct 2023 03:51:05 GMT
khaos.json
token.rubiconproject.com/ Frame A611 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
9107379330298137186
s0.2mdn.net/simgad/ Frame 2684 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 2684 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 2684 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2684 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugNSZcxuXmDYUnmc9k46VOoiUNYpkbeymDlpbnUEiwftLA64iU6lHW05vIMZ2PuRP817sGb5VD-KEg085Mw7l0xJ7XrVo3ARSe5aDf-flMlhEs-WEKCP6gFbRv6bepKxd_gXh4YjG-kSrdghihT03M599YZ92_5DOs7VCz84SQHohs-v_rsXBJkQA2tb-_9e6NU18uU3yT9TPTSw9RulFijq4datii8o6OQRUOcJ2Vk1DLqPO5YVthkt5qi8h0D777O15VxERB1hvHIIpAh-01wOeNg492iKeKdsfqTiazGwPRK4p0jXIPUR351PzXwAr-ycKZeKzTyA0Ke-U09P9r_39pXZpxnn_eC3PInW2EG2zpXUiPGAq-sApIW2fyPBDryMPFp656JEHQxdA2cmKhhz4euqrOFz5dkYygPuELGpqaU5qXDxM9jAXaoiETNV8gPFdrIfJ7aMEzIx2HhTqU4cKoEt8AKHb2yh2FsrrRDJW3DyVpIP25MWWfSPsZJRy1k3GcPTQfWV8lpslr3Sg_6i_gqSE24sicTwHLIodG_WvYCYdjKwB9IPlBNrxzL5fWGHMyFv6qTriTwtUT9lfeq4o_8VTp1e6vfMLvTwcw5Rl4Z3Aw8sR2bR35wvBpECMei-i7tN4SYF_vpxhLRWTFneMqwLQ2U1ZXChErYCtHEB4COsC_Ie4vrvOxSAQjNIdd6nJQ8w2TXI0lcmAWKqMHlSJU77V454XVQn7tZ5LdSriVCymTmPrXS3ROCphAA523q3C0W2kwh7DYOj-lkE3KWiej6OqJ_c9RhSLGoyFhKKEMXXUg46qPQ0tdEto6lxbRnECeFn3P5qK1kyj1CH9_-zbfz2BZEGme72GKTBTC1dnkfweSUFJ5QiCjfdqmOYYn_dBzQ2FfF8YAOaH4sSNennQBk6ukE5Cvj6V1IcZqHriu1jYgMD7ZhqdgY2QENqsTnx3MTNLJ8Jvo35dp9yYB1IM6_DkL2-yVUUP4-UhQUjMIjPIfElUH-cVfAheW_MtZo7_Me9QFynT7GfxcYDEkKK-uqUIO5BjpC6LK0vVctLIPTjRRxJ8KakZ5K8sLCQn_lB9yBF7yrqm-IWCWtSwb_Ym_eH9LOQzCG6T_NKt-AOD9hop-pBdTn4VA6XbAwHQvd9wPLJK6q-wjDhxg6n9OYiVEEZhy9zJKYq2rk4vh_LzU-oVcNpv9egiY3sQaAeuZW8r4s7S8plE68PNtuA70ZiotzylFcsH7J_4PhU2o4GaUrjxL6zU3R8V8sDwuY_FRMXtD5a37n60tgAWuosJBYElezetMqGK7wsFjA-x1SH_CGyiK7bu3MlN1FH9D__O7F_8&sai=AMfl-YQf17FWrTF4VoGfDSJEnnGVDfxUMrrBm-8esDedCGPutig57q49CNFYe7X3WzoGCyt-WlQBqzQN4oZzGwx9Kq69usMciM_E6E_5CY9G1X1hR0tyko0u0QDw_A4LbdksdUxnNiDEFFlc0-KQFw6QgqmPxYAY9-exuHwBZa6wSZ8KbwyfvP61T-KF-Rp1LaBk6LYjzPvCroaIJa9_BFKtc9IldtU1LLkSLxRogpEJnkJGnvIuPKzsMOJN1KY&sig=Cg0ArKJSzIWP7dUWosziEAE&uach_m=%5BUACH%5D&pr=8:06461963C725935E&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.66003&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2684 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame DF25 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:04 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2684 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:04 GMT
khaos.json
token.rubiconproject.com/ Frame F0E1 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4EEE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUxHY9bGF83rcqGL1bG3GSVrhhuMa2fsKLTEwAJcK4M5IS7zYLBBoo3UU_4_dpqivvaL67yJhnhLU1-aonjUHeqjvFDY7lmYvZODvZYOcBIdtxs2_oWj5SbF6r1_wJ818ujkyZ-SybcA&sig=Cg0ArKJSzEVxS3u07TlfEAE&id=lidar2&mcvt=1729&p=1105,436,1195,1164&mtos=1729,1729,1729,1729,1729&tos=1729,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1332890142&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119457917&rpt=4975&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4EEE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCLHgNSA2kZConGfsBR69Wr-2o5pjMnyWwifwB5YqC-yxuIMSde6FgBisXZN8RsndTo3YjbC-NxqCKEU0ndhY5IfH214OxK3k5pnT9awbmns8&sig=Cg0ArKJSzGunz1pPH0czEAE&id=lidar2&mcvt=1735&p=0,0,90,728&mtos=1735,1735,1735,1735,1735&tos=1735,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=1583589131&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119457917&rpt=4981&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D8AD 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNVnoce2Bq5TfDzfV11BgNaCVNy0Ii_pYm3WfHIOj7_gopya0hp9PixX0cJT2NAnLZztZk8D9Isetrlsq5dehJ3YmOVivg
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
9107379330298137186
s0.2mdn.net/simgad/ Frame 68C0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 68C0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
2142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 03:15:22 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 68C0 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
2142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 03:15:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 68C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAxbrHdXoywJXOIujnP3Wg9h6H17YGptfev5QOCNAiB4XlABEZxN24CSh_apdgtymm87Yev0enF6t-uH6f3IDC_fCmdcExIeN8PBfBYf9vMhxlo1b2TaIDT4z10adCcC68dtivlsztsMiYcE8iEpj-tvZkY_yGauMh358679obzSwMNAUdz3CYHqlL2Bnrp7paHIFcgcs7KQ1c1T5R-7Z6Q5Me85vTlA1532hqaetgZ0V_HdZzXZTUJhwaPp9eoVfYAATW-Rf7xhp8krxNqzfzrA04LrJPw0JkQt5EM1OFUG39MAiLo1frc5THwUXHSsZGskW-JjNYQHQxKOEEN-nTuGW77GqGibR2ElC-X5l5I3CrU4Y0_Fcg_uDLP-VD1rm-NSCse3d9-Dwx9MIN5A7vklPCrOuyQaXvGrutxvmZ834Sa6VpeRPVN8Gzpo47ZDD9JQwGLpe_c-YGVSD-L9LoCW0oQ0A-Uzh1462ZnPCHC1NtcZMQE1bMVtceUipZ6C2k3LfrySDV8aD_HgKlN6zjYnUzjbYzMRp_w8DVCRsc986L05FipZTZ_DWLgHTGisSPv-jjOAvKatVHx_B_74qfJwm3ZINdaAu1IN5uYQr289LMc8Ll8zTOpzysGz-MBRo8Q5-tEJzI_hOzjKFiTxm-J9S18g9XNrtqKOKLETYCpQ13puuQlf1iniA1Iq7KbWfm0vXvKavI1xeH_x4cot-i_-DdbJ0KwTtui1feQ1THMpIjgCx1ByeKJhH9kgIjI46LjR2PB7JRxHDSWV1r3pQK37Pl1TxGPWyWQFtR8HofsHKTKAcdoWNotv6PBcfG_qufSJrJMeDAJO1TWVxKioH08l97-zlD9zlL1U3m0AGKOomRTIZ6uoHNwBlX6GGwXu06VHvFm6pLibhI0_0ZvSHP97m9GL4pLKs1Mbq93gwzZnCf5G7eVQI9QJ7U7AO0vbHu32zNbc7D0zXtSzZzcTQ-sGLeBoybQGH9OJPowg96xES8JG2b4kWRubItFisYhesVOfHyUINB-NYS2lPx9n52Srobch2I7ojeSl79ymhcxbPcMHa0-xQrOpp5_P9WlC1h88nLh51wUoZUfWZJS1JLTH0mO_nthHXYu7LnZHOYs7UWnXgcW2SOje5FearBNKVrhpH3R8oX-ydJX_4PSTQ6s-LptF2i6NfNJZm0vUMw7DIODT6kV5fvgaEZFez4wjLLGgJcw-n3eQthM8-feUomg65rHHXlF43HkPZ_mVTXMY1Q8I2HVCXMDThhQXvIJwYBVUjac3wbdYfweBtHGxDWDg-dpteTYS75N-QHk2vL4fOll3k-oi15-V6ipAY35Gu5zTSrofOaOJthR3xTs0wJ7ErM0-z1ceX5HlfazlSVYCLK9IX2qPkC2ooS8fe9FyPqBuXoSbZMBFeulWg&sai=AMfl-YRmJleOl1BgnN-QvQ8Krhtux7OVW3v3Q44KzKZISdgUbVwX9PLiR1mj10dmJFndS9BIJSAYdKjcIUo2hJFZdNoqbPHZqcoPFj6ZARHS2moKvMaV7FjO6sgjAK3gWqEIwpkl2p8rlXchLGwOFrWDCs5o3EWneNyODELNQIZMRFKbB3yQYBqYPmmTv8T_JWSmsHCKZ9HyMea5zkWCqCethmYv87CjAD_67kOwJEslW32rK88QmFC7cFflz3u2aYxBm8HSoMCtfjqPhkddCVyXH_8pGUL1Zb8czb5k_uISyfmQs2MldMMKvz5OSI9pTnGikMndrl7_6-JCiN1Q6lL6KqO2TMWCjX7QDsAO0Lrk8ReyqPTs3EYjIKepbLdQuW9TmXjGLiga3fdI4rLf-qKcDEXvCypX&sig=Cg0ArKJSzJVWH9FAoWMJEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231017.36199&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 68C0 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
truncated
/ Frame 96DA 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3d4ac3a59e7bb03364032c00184faf51010fce987889f03b225c6fc19c394b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 96DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvVTd7loC7iydU2ZU1-sl9l6rKe-pobwYoIOyjhD0qs5BDyxmijv01BxRFZnxLZXIVwnpjDaeR-fy1TfW2yfAMeVX_xJQ9mguFkvvF-iVzf7gZ0FuvWeRsMmwD6rloKIWgbxOM1g4XAt7-Nt6HKQ-jaCO1bdwYMnIji-dYD_Mr2G0Qf1vKhk9ZCk2Gn6Hr01YdGqzQIyMIz_wefwLrkcpeEgYb87rhZWB_nUONNXNIBpkGA6TRrbFHZnhWGvVX7AMBFOYHxqugoK6J9QDG4CAyCgPUShIOVEcDc-n_eygvEEt8jN214zcZ2T3I6XH6jiwpCcxcyi9bd9D4PNoTXvXmKrI0K-JK3KLdrovRDaUfji3FnpY4s4ZUxGQUdH_0h6fNMCKr78BPB0BP9nmuXVTK3rIp4BXTR2DYHEUcdvK5Ss9g2zzGyZGRJEc2n16b1PC_PwijhLyXa_imB9UhhFnFgM4-FZUMWR6gGvPWRHHxfFcdWy1HziFdtkRYbdFUZYKkgspmRo99E1yO4rTgXeGocKIwJwZiHu2doZk0GFUJuJiJdEDb3AYvG3HzOoZ6X_CNS9YOSbE2GRJvqRI0QWJRFpeILW7ELfVF9eqiluc8ViaZYnKV5e-RFFRdOblIUYozy8G1zGREblJjd4sGjXh-NJ8easjknYQLZWO1mWM30-qGYi6AjtibW5udrjQN89osAtQdaNQrqgMhLr1bLxluflo3CfN7ikWSCOtCQZMyIEVyQxc2ucVBvXLrGvJcKPkrx4XxGayNwAOPa9Eq9cD4Bz4gxG3X-PfIwvp6z9AYOpotMqt-nSAwCUzoHOU3-AYst1PadQCXYjinC6_htzIac2AMWpYZBIP7rv81PlA_TDsFx8_nOW-hHBq2GxfveReBnz_DfvcvhoO68BR1pF_TyeYigeOTCSz9iPYN8j2e-C87ITP6OETgEy2ev0Iy8LeNkjFpIijwvo0DrlW1nXwBnER9jcBlQEbuqCSAJYHpQEn45eqsYd7HDWAx6PnyuVMH9cLMZimrJq2JvYPMtpaxEryb0i-QMhdGLB5mm4igL1OVjTwzSwdA5r2Ta0LynrgmBJMZC63MpWDQM5KQ8VmOSDFFVwAVIIqsGx9HOYtWd0uEG42CWZ5i54Xz7HCUd0_onWArHp2caHXC1F0BIQovm21yR5oEb-wxfuevLCWeJnfXxShUg4Vol9X5rX0aUW1MuINsIxgsA-2xFsE3MCrjm4TPIUpsADwuJ103iDr0rgFbGPd4f5sxpwnrJHGNtp9nkSTN454lp0A_oOu9O8Ldc4MsVo1pNcdcOJw9xmbONzhTgZP6jwUgQk6jht68orytFCod1oo7e5PTmkyjxhdFDdbgqlUQd89gc74-mkqBb4K-MdXyvhRBVYHjFbg&sai=AMfl-YQregDCc2pkLcKlFo6hGScrkK32ainXugjP49h5ComywM9zkaQC91q43AHpxZvGvGbbM8mah6nx9nUCMfxM13pD_pc3Tb-RR_NQOt-_0YhLT5j9PZjF7LNPnJ2kQX2LAnIwxHB-HbFaNRFIp4Z1ffUJvCUgAVsCzHzxMdHouf3yfTwdipJDDW-A0YRC_1UFG2yAB2jX8kEoLgqil5632rLK-2ic6_CCZAGkYGEN1AEC-rpN8HlDdnZnekR7SmQsqmKJrx458ASB1qwPxdFkOQU5M4SDBRhrKbW0-vNJbhmho9jQxMuGvxbGi1X0qrbkpvCHG2kUyvtTMTPmAG_Y8vY_TckoLM18y1pKOqRWKS5YeknCM_2jpdN7Fv7jNsDUhXo8XLLdWZxjhscvWFsOw7gyC3Ab&sig=Cg0ArKJSzAWZ2i0lI30jEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=708&vt=11&dtpt=706&dett=2&cstd=0&cisv=r20231019.40401&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
9107379330298137186
s0.2mdn.net/simgad/ Frame E1B0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame E1B0 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame E1B0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E1B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskn7EziO2vHFs6_f4HQH54_Lgog7Nkv4JvWEAPvMDDHeSSwoO7UENZ5DhPfSoWk9wXgMhhSC9H36t2wslcKOpsT3eALBIDDe6yJjODxlhyaTypyjFEf7TA_JPEqxzWHnaM6rWY0YqIVaY6s9YiMjp8Eqfi6WtiMKhupkeC_VVGbXVCrSlZG2JSEMyAFtySVKSNYEdfb-mIcnsu1jJHv7KjzrkdhrlnEH_tq-252SQQj2hQOGVFha4CBquyIubTsCImJMzWqN_OEeNegKYcyjZcNd7JrU-GrprDlbw2Qaug8zCnEMasjPsr-ZzOSfmxQeN_m-MQ2ApwCbZWYNvn7VYj_urW4EZl8llWRDKv3lv0usL0YAlZTqiZGPMlgPsilCcm8i2jsFYxdRPjC6MMQOh49QV2wtmkCNLScHFp1cm9ROlgTc2Y2goSzjMLk48uKP9DEq5ExZlCiNEjLOWIgowD2wxFejGAf728T2hxfOE0dAgp3HGgmusE2n1YgYarB11yrXnQxaXR2dxP5NWVZWJu7ah_enrHO1bg4zIfdUm2DLN0p4pBOSpc38Kea_BILk7z5t2BWlLd8fltco-ow0X-W7LQ6KBY5u7HPlmCKmDI951Dy6GjIsGJNhngtXrEvAmHplEg6ZkOyHXlnEoP8kFcfgJZ6Zvei3CQdn5fb5QemIrJeWT3teFXMjE-ZOuFuoZWozSfpD64na2jLWt79adFt2lPhaWglHS6SVPnV90MmxmNL2Gs1A1OO1CevlzU2vzd4bdAyuinzGnH-5AqRMSoNcEy5nLdOL5riMJVDQozmw_kBcuhajyLHZd9zFncptjbRsuTtcARxZYWO0hNN-rrAe1C_n3Ht1oSKsj2J4BmQjx6f-ukilMrWFqjgVYyQ13V8RJMZU5Pjghs7uIZR929jgmiBEmy3OeuE711CACxeplGHfK3VBsKtzmxmYKXrTFH0cm9Mr_6TXRRkmI7gUeRKscABD5xiYZ8KntGmT_2Luv-aQBO4LDFoMm9KQ6R8kBd4PTXDaDQZNArnOvnLBFI8HqfWoarR03RwvAb7qNiG8awaQCsoyf2w1NXmq_RNB6Lva4u7KS40_rWVgSH0vlgBjlTPPG_NTNadbdREP0Ii2JiIOAsrioHPtH7XkiNVgMuGUMXvhIBR6FxU8MZRV00kt5Ltozn6qnkuNbU4vUJ3WRAPpIT-BG9Adpyw3ab7NDN94rRMscecpKkoFgTRkSm-BSlHlaAOv0NUM3P29mJvJGu0ZFJKmSJjgbcw-DqLE9tDUEmTN8DvhkiCUM1eGXMfei6LPGJ5SNzvAxHy6tgcSjOAIjj2ja4nTEYDp2Bu44Olbo&sai=AMfl-YQjWkFtK-YrXW1z1yspLZ2fKVACvSHP9-bI-2ekgIH3t7NQt3JKbj0mJhkvZdEKWFJFG9iFHQlg3cya6DoVfxw7sisaudi3cyw3TUSXgbJCmIe2spkVOSKyoFARMELDz3c-FzGwqpdSpJ2d-iROoWqLHxxPD4QFtw7uSOTM8auZdneF4Cb5KMLV2EVG-m8gM1IxIrw4rPn2EGEZcghd3ySCup65gMZMo0N_7n04xUgVRAua3IJbo9LHUEc&sig=Cg0ArKJSzO1tpiAq31MiEAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.33777&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E1B0 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame EFD6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:04 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E1B0 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B31 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8790591325479&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B31 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8790591325479&version=m202309260101&ct=2&x=8&cor=12340453833877360000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0B31 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaVkLZ2tW04XaxZhInb_CHb00sFug5E87h0ew3BeB4xr3f-TPTXsh9-q6P7mCBTxYB4NbUTMy_E4MiSVkSEd8luyMrnjoVsXSCQ7We0Q7LrnTIbGhJ4g-qRnW4Z_Ho6jvDwBEP-AtvbICEes-VraSqIK9ui608CWW9Z6EIGh5KHlLhPVE&cry=1&dbm_d=AKAmf-Aaxktro9SdIW3kD9NrvqhrGMYQnQc47my6bgyM1A_F6oEyl1Tvn3EfenQPLdKxueQzPbaYzH8wR-1Q5S7IYR2sdGRtGpI-ZTXQYg03nDtP6-VdZ4SGyXnmVYrRrwrQ3B-6paAwm6Nc8Zi6-7giphCSaCbYLWt5uyQyCKxzyz0ZtYmtX1IjDJJuAJxqGwhDCWaCgh7lu5NS2DVhuuICU1eI3E_rNGwLgwn8mta5bldOcn7Pz1UXypQuS-wYg-vood8BzmWAv0P4abzi-h1qeQfZ6od6FsjQnf4n_7bxC3y1V-m_25FcaCTqz19jlRLZakL3bWkduwduVPPh7ztkdrSpS-3VMOR-HfDGQGfTOuUgcuvGHmv18Gc_zdoO2zzzkbUgjoC0qZly24l1y2xecQLzYnBNdM8Mc-wvTZys2k-p_0bm3JZu-PzI5kcaIRuiZCIHdB0vkj9m9xOejEUkIHHG2acRTqp0_Z9WbjDbrGgkKjQoNIIhk0F83verwIXr1zmheKvEP01A39XIfnwE6d37N8tZ0j6ECxz5W9FF--QkpyPo4siE7I65TYmL61zUN_AkVux3LdbAXyMTHqHZWUIvZaHGPtec769fq5K3mA5t5DLj0noOhcggY09P9yScjrqonKXJjDBM2MHYzlycxTKUcBZLl4HqS91XnoW4-Oc9cYarnXGWll_r5uolSlCaU4XFCNU8tO40ZNwi_1PIc52YcGHdyq_m0GO8R5ubreacWGOWSVtXxv3TQc1Xq-DOdnO-UV9Xk4vYzLN9i_ZqykRDqAVykrMAjHWSCZBGH0Ux3VIyrQ6aijYmkiRBOWKnZLYWeeZYN9LIorqAL2Shwzp3YugGIBxPDIaTfFNIQEPcB8efjoAAP-sV16xSXko2tWMB-UDNdnb20INtq_4nobanR2IQERrsRXzB9tWHhI3vdsUkb1UsTQoDnh5aImmePdrsrjS-1c4HW-08EBGvLQU3cwC2WPDpp8pUFEQxB6RhVwGnsja9h1-ph1EOszpacXxUByAY3fm_CbuUr2GqQe6LEitTb8A7a4Rlfr3HnItyVX2dURM7OGWuZcRoJ5DHdpx1moA9dzmKvna3Xpw_X72fBKuQNDcpoulKXKJQrwau9-CThiL5OM5uaZ6UTJ7ZYXb0N1F3nd4dpUw2DgEydT6AOBfrJezPjDGDygJMOXA1Co3Y0_Qm3Z6anYAJy1AXL3nKh7OYrLoQ_Cj5J82VDTXF3Jwi4TimW-07Q-VHEnXcFpdkkL1-Af6GROvpKSTI0xc4-quIyiNoS9PjPGgDwqLUMXENLTvwpYtH88MuD5_F3qiKJne1WYjCNlNttg4M4KxQaXHmY6G_TtvIvegk9xNQnQObqu0SgervFe4c6iL0keDfone8DywWOtA0c1M87PAJmScm5ykyzF7ej8iAgfSduTmmAJUfnwWBi2zlcb39KpLlaqgwANvk4EgaYQcMu7SuWAJIjLO8V04AEDDlu31VW5afPnp5lQWhBApdzEmoNzHQEZj_Q7o7TfPCbymcwYJ9mmOojujqxIZjbiKVMQsqxvxK_IzWhE3tso5xRf4vocHvcqPwFR2M4Kd8XKjkVLIP1b-DFo_y_1inpEBfu6ksgcotFkK-X8txcGB5q0eK8LkHPRiJ43y1uhFsMmBCZ31aHA2zEKUzV4FrNj9sWoEiDtb8R-ew6k1A-zzmP_mn0eu0NaAVO96fcI9tjWztyojsC063p3QX9RS5rUV7RBBIf9nszOPWP2gLb4Fqg37TJZHZlIz9nNkdLIVURa2kUV9NMlCei_VZvEGLpyQ5puZq9OcFeNjWAqBo56aS9kmmSD0wOD0BbDE0TyRgIoQCxdpmrUWJdtG_5UFBzQplRLi7Oo2OYufQxLQ5Q2zJa60HFVKtHAilg3IzPTs5cvtlFfLww6atIB7FMVehQg1r31EZ-5cMFPPPoKUnlvem104uLuvLMOPU0e3PbVgv8TDzuJTEPqOGVbuOl4LFWS3Xh-3L5dM2fqiiQgglNR8pkql0_7nXLeIsubJ2_6NVbjct8Y-K_ZWFVusIszyz-uvZVLlnx74vJO2jZiNBIQy8dmuyvaLTzy-XqjfDodcyJ1X3LQsPyEhlrXT9GhOXsBkVJMTyr8FMzYO2yebbjgfduhMaglc9TLcCt40szGdvBE8wkVYwSp7pZPHTBGkkysCxlnew-eoNE-E7DVQPkLTmpFhO0cJYQ6bqtZsfohuJQLyum5OdboaBoWGVMKtbEKJrfrdGslBGHUHVZ1kVv9ncTxYkU1SvOrihsPZ-euZYccZzC05exjF5n2ObfBDfFu_xb3b4bCX6zLcKcWcOWzo7K7ncUGwUDrEDQt9RvDTUz9z0LSXBo9Ry238Q8AnhvaM-5-TyHHNOZXwgDgDp41Q8I6FsY7OCI7aCnWNZowenXnMZFniXSjRq8qrp75m5CN3UasTGugjCawlH2n7K6jRAiQD29h0HFKkoWUmICFRJ0eFNo5pm72PTaI4dB-JNpcXR96wjBYULpx_x75t1Ug9zxlGTgNqWb8UgaLGV0I1e6YnY7XoEWw8FoT-Lx0NMlXC1mLKIJ0gypmSALcqMAcCd7q7fpKFSl_XDDxu3f8bagBqe90my76UR0e7WiJMH5rB4DKObXFxrQdaT8IjoxJn2sZ6qEJbrMxFHAgcnRrhGSKw__MijZmYblrIFlW5azpUmqLFUCEyXu9Z_2_0n6_Dqm3xXSFCHHY7dCyLBc0sl-xOaPczIW_iOaJcIqY9Tt5gAkrzw6Qt5BUXC4JtQ5d_1lctWaiHKLDcJYwY8BFQkPQ2dmAQ0NL2O1nQHolW0FUfSt5nl_xbnC1SBB777MIeXwMNSeq1UmCCwcfDB5J90NMH2e6rYJ9aK9baJLDTO7Oq9UbiqHPIKpUB7jo9Yu-P2dvJSha7RE7gyAT221WRs4uSYM-nqfc4clR-9G1gv9gJwHPqMvPGcx8EXpoYRwNRLDNdl5OfQMqfBvRfWJoVH18umSiY1sqPgbNQW4eGQiaaucF5VMPG7uudnaNG3ER1qDw6trkLf4O0lFsomL8rFfx3ZDi2UVXgZgT_yiRb1malCaJhCuHKOw3r0ManVVyRKOodnpy3Kt38Cz20jUNAEnSWsljzP2J1LefyXmN0cDIID-2DLE75JEpcXwF0oInSgGVaAaplxJFpqCt7d1Q95ikosl99MIo-JHJL4S6l3yzLxv9dWJDXHZljvfpoeMrpkoJ42av-V2wXjdU775RF3Mzk7NBlEkNo_qyG6JN6Ulk_gKOIiBeNhRR9UCGrW3xDdi2jj_0WM4iQ3gBL75PKQ_kPI2InEE0Ve8mXVFUlQAbf8NDyLJX55wxdSJnodyktFWrQ58A8ddoc4pL3uY3_cDD1Cm1Lho5C0Qqgdjfawmr9h52mc4RLJWxrFtRAiWaeHh-M-IdtWdz69HkKU78A28aB0K2LLbFDZhoTRX2b96fCRietqN_cdJIaOMTgyC2LA6Nk0XcmBJo7lwFheB0f6q25l_8oygfNH5FlzO10MB7wNcjmfYUX2XrlCQGrZ5qE2Epk3oixEmKGwaXjVk8yhFsv9CCL1eOmJISjXnYvSBhzK_qadKfZlZINx-WQRBbiW-tba9F7Kcb1KQy1FVxtl1-iWdulftgCtDwoTsUKxKtLRyg4zOc4ZSw8XopLge5WeKP1krnI5j36YnPWvcECS9cOA8X1SpPnfcGz0b3V9OmwfX4PgmToyFLQB2_0yOeCT_PPR1qej7nC4x2BPrfyOa0Htxfrb20efaAeKQ7r3fskb3oiPqaU7dRJefh7Bm3MHcIQDwZFp6OrJ2RdaiVSByXAqnz3T186rSA2IDrX_Ft0fEe_4wsSxNTu2FHGf_1kfvUNfIhv_hU_zR4V4ndPwHsz9rU3aFzbGDlbKc41kuSUwFrtEzO3yY3b2XXHYH1rmTpHNdaSHSNmapeKyi3VA_QpsGgRUFFYOxn7MUZ9zjFvn98hl2bJolynM3N7W4Ad8aWotpGruceY&pr=8%3A06461963C725935E&cid=CAQSMgDICaaNsrRN3HUeSZoDZcYZgwTxtYaLlCingS1jl-ydOwQXvsEoQG_cKo6e6h0qUjsfGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=12340453833877360000&adk=2146055445&idt=35&cac=0&dtd=33
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efd490af240f97cb9188a4223a63582f3f8a0f010b3bbbc01825e0cee4281e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38774
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39B4 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6498529282254&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39B4 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6498529282254&version=m202309260101&ct=2&x=8&cor=17131007077545945000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 39B4 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKllaTelplWJdwiyQG4w7SbWrVQQegMXhsmGa7KwJtrc9K4IApkVvlV29BAzOnHurmC7S3ipEipnXRSJ4Zr_tjiDN8157V7KMZZjgYlei7T3lNY5vf2vp-T1NoJcvu7YbiPAAizp3t3piaGMkXZWzHovF6VHv_6WAohGpRgfrQy1jrYg4&cry=1&dbm_d=AKAmf-DX2StRGBinv3mApV5tegbJKPklD52T5K8RRYL12KaZ_NKnS3kCJnplqcIh6PXDXqOZxuZkpSlPLlfC2O0B8VKPY0jScN3pysgc8w1yh4b-BGh9aAF1o_1fSIOu-EWnRQ7hu_Cv-N-NdAh7UGZmQjpkbCrL-aalVj_i_zlfw-_hc1Y5gd9wXzOPYf17_cu3uyVjUCiP9cKHcmEv4bV_lXLV4EM9wi1nILj37JOZzXlRILPZfQGXNbEbpwWR5NSyKB1KJDWHd7m4D5do0gmxr1yTbTFeH6xaCEi5v2kzuza8w7vR7io4U-0p6CYp3dTMT6KVONFbKuSq30tO9ZjDqLFb2e3tEwl-SCVFyiHMFuUnic777wNXsmInDgrAgAANiV_AXtAGrqlzNlOCJuDf3V1d6ZevPMS6zEKFTzmrU1vq2Cs9ZaSSw1pZFihGBNzKNH5-6oGcY1wZEReYOozRVZ4HptHzKx4JtFXeyMpaCmNp_OrwX26TE-39lQnpUIHKfU0py3mrryoPTmEBMANaRqGouBNag8TWgcOnVMNaTL2SdNKyP_Bx2-_ZLsw73DF9z4Qi0ynjxhuWQcGYIT8ZMtRbMKvRMHHorNGrrWpF5vYzqwTfbBUm8B0iHyzh9xHLgKderkG3TYxUvY-dWjtds6bzmLurhLzGne9I9gDm-fm9XnP_sG-f7W0VMdKI7QiY_DkEHL4y_NJ_3t3fFajPBmQunrkfImxEQige8f0zrJUbiEILwSX_UQmCpj4D4JeNyqxc8hrLTq7hnbUA7QuL191KXe4HjSmhM-OHlz0yDi8ZybwZkOAdk8uA-UlPvieod4pWHqto_QjPZtCmYpABqwtFeNO7w-P-BeZqyQs1JVZ9K9gdnbkTrVcS5BEBodYqTTEhKsmrsjVmSEVpqzbime6ilO0_WUjisnbyGkWsF-RnCta570gh7IWWLVK709XxnqobELj3g9V8_XliKVOe6zxMST2lTd24O2XIvISpq2J2qzoVg1ZXac0T8PW55Bv-hO4vPBjPnAor2JjrIsQeZIg0DVaO7dIq5-Fb7AghtNR_2gDyxUMPVXtQKqB544hoe7YH2AYwSbR_W2OpJoLAb1kg7Y5wdXMwOxxXdwLY5cmWVZGwAke6UZ4teIjF5dcAlGzsTJaR5jAvsUqb6m_cbxockcBVkm_Ae9Qq4XV1dmNVYJa_z_-4ir7xD40FdwctwO21cZC_sQxOe7Mp2NnsxLLHENWqSGryC7fXfDvCR0Hd2KxNbDFPOHj8SDwwdTNBMsEfezhXuQVy8VQKufXBxUKE6E2gRQhuys6fs3NBhZDlHVKdE7Loal5gLHzazoQgXr7fF4DG0vuVr0B1Olk3uUZ4WvGK-4Qu3Uk7GP9MdTGPzXk-K3vch3VJAVWj0tae9dcglo2zdoihqdcU2QM6EeyKLRLUyayYu3pA9eqk5tFOXTtjzmPB7iNkuQRK2ld7YWTR2QPeTwroQu2lTZDsoMck_ZtHhOrn-L1HYCCrbX-bDLzrCpCTVKkDqw4PkL741hDrF3ZejR2AOQYbNn3GVq90knRIcLZcTfHYKhIUC0IrpLa0fBP2ZrD4QggW2lEBy_uAQcAHoydTu8lNCdUBCKHtOadWb6i0DjKzjgIyaaSMWZYgMKD3XMqIIh9mcXCQU5vNaLlw_c9296AdTNd00ZZbUzaAlvFPMMonrAKfuAvNLz45_JOOXeN06Md9tNgmtixNLVE1all1nOMubKb-ypNd3K6WvQTEsA0GsEgWW5I0q7bUBl95pAjbvWS62Ap8RyAYKnBeAJdcWHB1FLtvk96IyQZ4iJPRds53BlqN1Oyj9aRxVsw8WePNMj1TCtuK-QBdQ3CZGSpmfk1oQmnQGCNvB3NrYbksgMzAGszxWqZ_N8w_vfTinWS5_UW1KPWvqQYN-ay8bfVcLn5qDTZW7bzIG2zSRPdxtYSlA3gwdm91KZQ3Udsq2gG0kV6-lPh3QCtn9aRPApk94wlWYWyXWgaCLrG8NzWa61-BDUcp1EREdk5d-EJKHJaZV3ZSJUjyE78d48B2xMFWX7aMnLeuSQwkPEFY6YCNgsMk8X2UFvf81014Qe2IsGdZmped985lh9693CkvTI6ot2w3RWk8qU9jlYNWyKpl-JRI3-n2_YVAynhWBgzpEdiZSmOAr96m-6sDQfAhW3kc6MQwNihJkr7EmIYC6HNRMmFGJGoSVBeJEwcGNw8WxCJ8qxjopEh3qLKGBg8yFVznmtaMUp8L71MKDSqi1XCgmfzkdiwX2949lP8BZQqcxy-m40NR2gr5i4tAQPkmUBLQk1NmEc6HyAn2A7-kdYwQppSuToPKXQxrr6bUfDTvxWuZqI1lwyctEeImqxkH-OhOZ2lCL-TrF4UvlZFHlM7N_WkHxg04uzwYOdsArFcLCWRawEokYK4BYgbDoqrqDPZuKEh4PaGCy9V2-fEe-0KARU6R7p438QxT_FHxcJ7GkX8-IxnyJyzQCVZrK6rW4z3lvbq7RQMKIp5OVUu2nvGQnSjUkyWehFIuPPuCBvygXsrSb_ytspExVg7knUvGVZOFnjb2FOr0L8ERqeX02L-l4QW-Mj7pBUtGAlkUlOK-x_QirahXkN-39moTAw49A09Rw912KfwzjEPq-qt2rOazG_vKIasnM8BkRB-7G4MF_dm5eAuH0EjzN7w7KGmkD3Y75ZDXIa41wPQThBumh4AjoKUaUIv-QvVMtYQDitKpe2REkNNTz3i87iltljY0tUXB7hGrKc0ShABEQsLcjus4Duom3csIFesTxnl99AMyG3YBvKD01c0xLq7p_E0zaUurd6bCYnUgOi-rvQTzSzqJtjrGDOzC80iLvAxgDqGvOybrBYI0C5ZZiyzPxvrpi4Ww_2q2e0JZC8lsW-7ip_xy6JNauQPBQIiqFTXANkVDCDug2dri_1zA5uzS7utilSsmyM8_ERxHz7LYklb7-wNePyGrcxUdJYwWPwBvkSwS1qOOUSXopv56WYmS4esasTWQ4hIm5n_Wt1M53kPDluFJ9k9QRINqKqO0fBdiJYbgD3-VwOSxLzy3TzcNBMJUJNChsa4P2QiYhC5EykHCxzuG4sJP7al5YD6ZpiPtqy7JhNNxi8UJG32SkpAPplSVmDzJN1l2tPDKOi0sWtqVyeq0WIHRjghPNi6RkeAVqe2XGg5LIlRjbJLoMjnsLlGg6WtD6N0WGJ1gFY164yz8qFmrmA5FmgczM501V1VyFMQT2Bm1_mzX6wKzAdbds4Pbo05eir2awNh1BLGQ7T5D1Np37VLr96e9RqPJu52JkVlu_i_b5qc4xAuwkJSVfi0saYREsQNkg1WIEEnriLRWgRtkRrP1FXZSteG19rTG6bG5PiLfhHvd5ABRtNDAMH0VVioXExzBWE2Ug614C6MIX3_RU9MOwD-itX15-MFfMpECoH3-fpqUxByvkhUEEzuXao2iMW9JqB_RLMgqIwOaf_DFx9v59sbl_8TgBB1A9aQhfIA2XMxooppUSsJMyi_tSx4nAFAFfuTMIOmyEU2NoPHOo5x93GY90TJLjp7cOwx7NE32JOJiE4iuaLEiWPGhIyGMEGyCjnPcrQDBKaSU50SVNAmnCnh0v9NSPR59HrgIyhiUzHDeAUAf1qXTOMaBueuFM7bXMlfuJ5SvU93BbMir26ISYBxdPR5mALQsduOsr0GmpkWSHDXdc-Dbb7Cey3s3b_QxVTSaRefAEGyEOe1TkIBeKrhgbCQAxpwxSoapo8b-36jLwBFYagVgoMFvoe_hUdQuYaVyfLSraqfOba93xdAMmDKrQVTmEW6RTYLeIUcCYRlkFSl2RBStYJ_lkuczt_ypMB7_rMAE9LS5R_6iQzbHaoEnjuR9AmkXE6BGKrrLYdD3tfCtyNHgxVFsgYJXb9lSFgF0HS1yoDQ5xb0F-TiUJWy0awBnYGnCFTyzslfc5k0hSUOvPx0U2R9lAO3JloluLmrRizmkePmgkpmz8cAVc2xUjnWTtGnMXwM&pr=8%3AB81EEFB6E78C638E&cid=CAQSMgDICaaNbUGGmZvqHMIBL8QpVvFEtrnmqN8EPqUSOZhGmgnbxwXbNEFd_zeDd7o94xLoGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=17131007077545945000&adk=3975681934&idt=45&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2aaffeb8b825ccc310f7286e191ca45a64ed9db9c0476dd24ba9d53e7883d581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38820
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 0B46 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6EC 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9425408574633&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6EC 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9425408574633&version=m202309260101&ct=2&x=8&cor=4641653291700690000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E6EC 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dq4e0rMc5Bx6tuF_VhsvkTDFDEnHuDC4YdhRyugLaVxekqoO7FdSnDVsSnt2tdIUOCI1z6MrQoyjKxDX3g8Nm2q0etYxmmEax-pZaS4zRg7EZFogBGArlDXCyvqCYJgPcMbZ1KtMK10P-MrKkE9lLh1Mbo1wGyNRdzxTtrFWrvImkDL10&cry=1&dbm_d=AKAmf-ABgOqILz9vyciiwtyExemQB4uCQwYy2o_A7AG88Ay6VaHruYCpDCEJ8qxk0oftf4OZuYRu0NK0j0bYAhup9HPEbFfyyj_v_3V4m-vSkScPWSd3YGZTCQrCyd7lUYyFooCzhNsAM8qCVtY3JdQSaTSh4MOrY3FOEMRjG1viA9LTJCor-qZWy5rVhbtqQjIndXX1rz0x6XGpH4joxDzsEcQ7vhOJxS6T9U6OSz2cJsqRLU2C4r4IRoZJv0fBFp4lhW0Ugpc0IwpVv_S9kwyEsxAzIcGDWXienHfrTEUR4Jv_B5zVIRUt-EmPDBZBbzY5Hqe2EnmEY1W8T8nxwuvIrOko7-xx-c6gxGQolpBLQ64NEEiUseobC3vgATEm5GES0RK3lVGZfVRPeyh0HbgHTxkJLUD2zRP0qGAfDghRYuGPYaa5HQPJ0tVkH6YAoGB7pnPPE4pjY0i5JUSZhu9HtUZe-pOBjFABQ__hhdg0K2WsIlUfN0Mhe92bNEElBlsWH0LEEd6X6VUi_1KQ8d8YzkhfrTjEJJ5SFnLLGMGDo7TU3LUXSSfnz5uNkuaLTT78l7GPftlw9hbt6pAhXGc02siOJl7-8TInYuV3qFaNO-kaTxwAkn2DnpcOa9OpwkviXlWWBM4DDnvZjlJhrwGTRAM5RiaTu7kWhqe_04JSL-VASWnO_nLaUkAI99HdbHEH_OxmAP2SJ7BtypQAXrTXYHryEURCMkYTHM9oWg9rnG84MyjXhXQCYJ6d7no_I193YhmXOjAuTgjmbSKEn3ZMSqz4d-tE0BCQFMKGk0TWzNV9oA15VUrYHiZ_-jo4KGEhh1H3WBk32lV85_T5oEVvLLU7qN4NmKxQmK_THSqWBsKx1sHI04vHrN9GvBEje1IDWsA6qCO16F77ex6FRXh1D2NTBe8LlMFSJrPf_Km0VEAJC1GUluHYu-L1gP8KTiX-SPpchuza21oExk7DQl3s9XH0PWwvpmLqqaVmTNk9l0UeEOLIJQlrqnF8IaWPYOhfMbhzIzeA7XJokA1Ej6rYtiVEQcYmdZkKi73doRaQQDK25S0_XxTvf94Pt1yjedatAvgRy8jbR69ES9ylxivRQKGlWAwxdq_SduppRZjMEsUjHyUQgnjo8lQZ51zTRXtTrwJs7YSMAwQnOYMBA-WWTvJHFUZIC4A245G-dzYFkfm2T2gTwd6klmxioQMExHvGlfOZ2dUl-JDg4b8xKCrFf_KQIdDA_ettKbHBGF5K_eeWsYr2oj0BDQNfdKyPDzN1-3gZc060gHa2W5CYYDofu-o5Qjwv9UXTM7bl1sDVjD9GfwSpzZb_6Eowfs0nw13jb-xNQehAZqX1oWoYOPldiilMlWkSBt-U2A8b0rZXLpssnkVqdQ8yjz2IO-JvKv72DRWpKRKsdC1aU7_2RV3pOqPJbE8UZEZMDcyu_1q08EE4xaDgE1qA0r7cA18w2YnDVX63Csj-PkeWVjUcSUp7peopQ7RGnCuiPPTlimtSNHnhZ7fSii2_sww0p9AUpIyC1WBCmx2ejjXetoyN2qWb1M8wZqstUg615fArkFRqOJdUrj8DLYD8nwP_OSmd1hmoPUzHqBDEPa2K8RgsT63DeO4Nnv6bi_cdDWI4x5EwbsQBriyr8gK5ahChltkr8bVHktNN_mDahUv6oKB8F9wdapqGgQ0v97ywuOazhuJa7qgG2Ho2w8bSRnq_zRY7nT1TqVrTAwHHxsmDvMBX1j8fuk9ByVzj-gUrvInrdgn9ZEnIN_9B1iV0VcRrbA6CFz3xPTdHljUB_ORoUoR7PA-aU-dRjVmGiwboeSSdvSC9di4sddhEyrUyhenXYHwii1yWsspSRUV1TlUnVZvzbHiDisxfn_3DBkW3IhS9ao7pnaXSCDy8PxIU3c7dMMfYi5dMQDmjshk5du4RHB_ct7E-q2uKGmwVtJE_rYdVDwkJaipsVVuFGARSYb0XS-dTjbe_m2_BQG274PYFU_uTICjVMOy8pMgm6MXFl0ZXo9m7zVmaKiXoHe0f6T-EkW9EhLz9xHTAH2_pxnmybOWCqatjElY1oqrOHEGrBMjH1g4Yz-mkzsKUWaDeha2vAp_mppzGB0ePFgNuANTyUrU6WEtBc1nWfNbWXr94cti6XzCOr6-oa2tEbVLKBIgGRb-cx27HY1726wtKeBZJZOOLlURZGm964VGfHQvGQ7Wg_YTi_hqKmUlbemZEU5bEHWJ-6DI69d5dbxD2CyOfDZ2WXfRFdsSF-eSfoG4EH-KoMjP43XP0ebOcwXvTbKERNgPr-fs-WM0SF-wfhoVRQWvPg8zrroU23AKRi7zNTtNbp7-ae7jIMW-8rc4Bq6od8p3REVPxFjIrunDGI4Uo_2zwZ-WtgnyyugJUxexWNvfM5COtqqcN4P49_xYauAmlNphzIUBUyZws0Ik_8GmVgN_ez_5jTyRA8mc7f1gfwn2OycguUKgaHXjiZWjw5AqkDkPwVD8TZiuDKwpVURPLB8Bt1Y5WJ__ANsVHLqV_IlLNZmL42jwyd2AjStShWdGuvcyzoiAdVOO4-Gkfzu_4A0kwXI79IXS9-1XYuPQXFQl-eBCq6dKXeizoM1fViW-9cgfaPi3XJ7lQVDHbl7ID0qJ6NS_nvia39ZWd4bxfPv6z9IuF8VJynDq_2CRLMxQvHUb3cRQQ3sJEDmxvcs0CNP-p4qPlWHugpVqkEMjAY7dbNkifvtEanadWpdV59F3Ghuu839uFWLbYfRL8tlBaMEcac2ztkq5p9xjeLyGtFwsmSsX2NHTQqzB5rYKj4qRsFdGD2VdKM_kMWHay5RbguyK8Gq-3IGJ1wyR-P6LdyajOv3U-9vNjJ08kAxC4AnL_khvKuYbHwsGqcJOOG7av2eDCU_ism8HjUvNor9gQGliVo5V1YvcMtj9LCn7HnGUOJM3M0B7YdmaO_1515pVp-P64S0RTqgVEm-s4dfq9-V46rU2HQahZNxClvSTrlZ8yhwnlIAvGkoBJjIN2mc8GvqieI55Yz-LcL_eIKRoOQFT7u9x5crsD6IqxgwjFOnpnG4_zzV3RfR464ZY_u5qC5gyj1W_keikOAsUG4SJVB5jlcZXnR6lCpQG8VkkI95wBrwFJUrJQ2y2aGnJK3T3l7Pt52dQiCMMcXei2SdrbpHp3WLwdl4F13aGejwECE5avpy7vTWvg4y_CZMtRS7YrktCFU0sarnCB167hcEx8bCHSHenOuAtX-p7DTuxlXBMhwpq2TIVIj3DaHG0AU0eSEGfHtTojpJeaG9Mb59Dp_rJpEWTPv5ObVM4Q_cEbib3DdX3WMv6_-4xbbfE6UKdSdLFK2_J6FJ1sGUG1m4N3XSXYzUQxl3wvW8UCs31MDyLYFO70I_YYhP_-lBz2SDqL4WHNtJbiC9foz7mSdYJCjyt5ZnXXXG7K9YRinve-YH62hyzSfuYwMCdnceK1Hfi4_WQh9Fne3fkMjHlKT6Fm6sIpq8xTC9Ap6mR9VpdVUAJ8JcFweyfOLzJNENpqiXLhjmrjvEppT_h6MMhBC2wvAAqxZQ9UtH1XJM-gc8axtPPVQit-okxS7jvwmtYsEsMMzg7scLzuhPitrKGkhXFs1Wi0l8TMRZ_RfM-ttbR0fhi4MZEwfXP2_IBntd1C-xwrKoIw3iJUry-3VH3sD8RLZk6OTAEaKBYj69AhplNjaWT_gRgDWu6gcjAFex1gcW5SHDW7za6x6lLu8ZFxYEv2jlQWXukbj2f8Jfpl3FtjATjlZ12WdgWCQdkvkZ02DATD5vJOEJ3KgHDCxl11eL7VxEfESXwJEnnSs-ztb-sYjeYDv2BFF0oysTHJJJxMYJaeOCwjZvhe8ew8Ybt2NLKIMU_wYhREwEPWesY-nGbrm4BBRdodrNsKFJ53HM1FPI_tBGwimesiCdWXl2Ye8bzvgNXhi2y5xyMKmVm6UNxaHWMJ1i3WMn9zIvv4SULi-Jvmidkmef_F030-g2lqSG8BusD-G1Jh2vy2n0jtogSwc8r-baqrDcpk7YiteKQRHAtX6DhZ8vBlJB5kRO0Gqg&pr=8%3A64FCAFD2068D1809&cid=CAQSMgDICaaNFiZdVbPcY30YGRvJDtgeUs8XVlRws4ChEuoOGow76GFQdQpIJJm1GLa5zQx6GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=4641653291700690000&adk=3830210469&idt=53&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6698065393e20e0b97528c7b566df0f6f7c4e6008467d40d7b2165df8603ac21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38829
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1D4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNvGHxhtcCDis1DsqdwORaxEV7GbDKQnXIg2USX2OlwWjdLm5WYD5228MfOHwTjkqUPpm8rs_qxMZPVTWNd8GiPvJW103tKWyy-O-7dMLiHsUvBYA7VqNqsgT6QXH3V1RQY9UVPQL_fi3p8bRnpJX77nFxLmOg-DrrPIG-CuHP10fyQOmgvXFvKcdeO22oPDisFjJDPIYjQzjmwFIyy7GXLYgKvJkc1tbXH9XhlVVfWfzwiTXqK5tfkPdE6xI6NzCLDNNaaQ8xgmyysINrvnfNPfOM1RwfB305b1rI2Fkd2ZqA0qoLMx-lXdBJ-iAGKjMoQTQTCnjJ1j2g3DVFCDW3tSdR&sai=AMfl-YS19F-Rz2FuEWWdGQO88iY4FFMicN2ARmwG6S8HPIv-JG9sDiR_UIS5QQbqIOiDC2T5uDmM7uMaxrEF7-A5_WI6o-SNZd_bTFijz6H-JSrDbeliDvQ9HPobUOedQhU&sig=Cg0ArKJSzI1iRJaPSmH6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1D4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGv1wG9fWlPLHMK_RsamGCxiTOa1bCkNIJ-Eu_GqM-f949EmkT8vMBUrQuA1B2pz7QbIihh_a5xTf4LjgcttxTlthMXHcgAr9ATYrgThkOwtAJgVrwDm_6btOIECSNyGEMge0PAhR3-ZmkbAaq9qcQ4Qin4KQbFr362kKw1c2-kxIbyPtKMlYkSUjXGA-720OhWoRk-UVJtJWrh1XHBbRwHu9lwyAP2JBICs0Jmgd845O2Nju5w44Wwp0obD2rsCqGAnA0FlHcN8eQDtfFXpanVg63cubjyGmGfnY8_dA9ZWEVEvnoqgdva2X1pSi_iZdQphwekhRtL2Ch7p3dRhxbhs95fIzH6LZ8MnR937WtlUdX571I-vlxZDRzGMP-FchTj6_lLAE2oZcv2eFbdh_nlz9fW0XCjg-I5Ma7fqZtWD7A_w1l3MmsB3DxmYwPIEMRHYP-vD-2jVuv0Eugatsi9aTKxB6D1tasGn3guDLCsxcND8FJ0YseZoI0OzJNCIvmqUlxRv7XqpIbMaGE7GCTKTNmLyC-ZyoieP0_1NpHtpQZZtcWg2mX5aAHcoRfmoz6nArPETBTxoAvV_GlhVZUr4XBOW07xpQUNlKTsh6CJe2tUM70yb3B4_QdF9yp53HdWysaBQRxcGn7TDK15MePm5vZVQ0ykPScM8E9rpLRdyvKd2q1JuASFMEH5wOAU6aAIwhKKUNeV8j4WP5RyhKDTMR7fL_HanGwZfTXWdTuDPVy-DsgpKfZQGMg7QBC6a6_6YP8B-Pkx0CuNH2xFuAJ7q-tSFqosNjyk9ea2NLn_YmAou4vpidcLxr1DeAXMBEQkAb6DdgISMiN8YGCNvOPhG8fftpLszXDq3i9VZ6QCaThMJKsbm-_vWidEGWvwKN7_JY03bMuwlLYJsU3FGg2pEFyUORXmqlfeitP78LhUff77MNLj2tJhQMBHC0_9WVxnvH65sF235g8RFyx1Wt4y7lKyyMk8WfTrMOd083O_ClZxvuEXkGSdZZcxkz7Izql3TyscCyFve73am6Ninz33Gs2oivEEuV1JMCMxqxRqFVRORZf3IvKi-K_S0O3Kmqu8h3cGwgNW5MUs9qpdNHYWsXo-UWJHz4WcX56PUnJR-v_ceLBwYBfEr5Ca-3KZelttIzPCyegl6spqLlbBuOvch7G6709HZfYf8pjQVv-oCO7p13Kt6oHYzWPflfhlbrmIHx4NMaZp_z7XIDWTYH6xVRxNYlFkXk_jsZwlpid1c7yI_joE8f5OhLLRHKk0KDoXiGbyBSKcOCXqH93tocjhWcgWcI3JsvXn7F8If5W2F8Ui3t3fizn1nEFXqncufvy&sai=AMfl-YSKyZxAT1naNDTs8I8oadvFii_RoqZUN5CPtWezb6bO8xV7c-YSZu1mMY_ExHdoRpCcEbdizQWK6dWS7l_ntMe4zZKtKnAgrvibkUxVrl5KC6ZN3llj8K-VjYva5jOKwwMWUrZ057ImxMMRGAIsrlQGQy5uTSlmKmahXdgK-qUa91VE-wd5VkgbTut94J4z0oC8XxbUoHCn78R7fxUR-edDWrXdg5GLEuhHzpjmfFy0C2Q4kynAD2CofhQ&sig=Cg0ArKJSzBtcEqOOhhRsEAE&uach_m=%5BUACH%5D&pr=8:6FBEF3275985A762&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=800&vt=11&dtpt=798&dett=2&cstd=0&cisv=r20231019.27665&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 2D56 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43595
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
khaos.json
token.rubiconproject.com/ Frame 2BCD 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
truncated
/ Frame 1A2B 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f62ec71b2d7f5ef8465d70654f4b271c99c61af8e1858eef371224acef174f83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2E72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWh-UFr6IiwP6JnNKuCLcl4OIaW5rW-T19LHhmGJVOY84DR5lpZZvJQWnv-tu7GZWF3-rtlPDkW8yoWZZ9juAXtvy4viK961ghWSSCpsXgfQJ4FLJ1j7lLDNyHs0QFzzWINQPSoz8ArKNfqoUatBmcYK-lir8vkYMZ5yccqesdfdfMPg28GKkIgKRFja3ToFJvtyFbp2xON7mEV8Sy8XyXcLHysJla2VngHIT58MmzZvvA-lDSlQ-pjUp0KZub4DUuB9shA1LcBgv_HeI44i39PQaDFHfNyIpxNXm4fKKzZ3hcjkqT4QhhIPn2p5e45suKP7iO5yv-4C2r7WSTkJ1NIfs&sai=AMfl-YQWnGxHoN1zoRhVk0jVLRgnzOqRZo6MpFRMHWtnLbZYeZTc3F2fzNcWik-3CCy6hxBzEu1m03sAQNu34kZ5ttB54ccjOp1-A9TzzV83k5DvihtWuj_W6hh0H6qOcTY&sig=Cg0ArKJSzJORIKtaQ_ZcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:05 GMT
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 5C05 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 07:50:20 GMT
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
72046
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
HvnuOXUev0KcQ50xmQqa_E79qs7lP5Q4fsjkCtBCpZ-FoThFLr5M_Q==
view
googleads4.g.doubleclick.net/pcs/ Frame 2E72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqpnLmUJzciniMulUh9ildQVlb7eafzdNn9c2WvAUK2rCwNO6jVpU-MGp6ydr6iMnXzijQ_w4CaEU0A4GOsekAkBZDxPlY89XGWj5J915iO52lSXlBv5P2tpXmZTu9wlT_RpecoP0G2C8e-1Fya2Z3zQwZ0Glf2nkYqCLl4c1PcDqjscpqHPsDdN43lzUyrTSo9CC_33J5WaxE75oY9k9e7nOSU-XsU5pmAxaoFtNqhEutqHon05ilQ9UtGU0A4e0_AC1kdTSdwRaGn17wJc9g_plZdRbKM1auZS56z39xPWiqTxDTrgQhTzIa2d9WpDlxQYgrRL1MrzmaSR3zNZI-GRg8m8RNYsvZSLPVHTY4H_WfQ_3i3ZOAs3QoMx-YifKY8qTDRfSbtTju1mPNEAGTj7eYQuZLrELgvyOsQ8LU9bYoD0LOjCCi4Qzadj3hBEGD8-WVQNzfFbW5w6E3w0ZN8J4ttd3AsN8QehdUQgXWUlG04bp-hb_nWpmSzdkeIJkU8ayDjub9ANTg7k0GuQDeTOYCPrv5vbDsXOET1ER5bNgQ-ggO0JBdwE3cf84vnv3CT6FhDm7Xiy1I0J1xVa3Pb88BBezMPfYfutmzB4DFxLhF1x0_f67O0Y8455JzWgszH27QZBmXZUbTUKZm4BklNA3HIDu--MCHcmgJtRfIiYla75WLn_RYHPQO2O867NRjf4MyExccwUYuFzOqo0xv1Rp0-TSrWBUDtSGM2cssRKyXpc1KpUpmJTHSIyzHhX_bRPbPZVn2uH_AWfObO_PX3ErxlKRkiViyFD64I8H74z3eAQNbRHbae5VySBQalQ8VvVUSm1MNn7xcr9u9e9aURBDmam32lcVgVXOAYDqjWgTyXjOJhIVsNf2JVV9L4spZynBtH9yTdrW1oQx7VTt9Z85BCGDl-peBohDM_hxXhNYalYuYNWqaszYR5eBqLdrZ70w1Bpm7RoQqSS0rV9sGVFVSLIlgm5IBXXu9ZkwuJ7UB_IQ10TWnJR6oFGE6kOG8IJkEi3AHy16IvCUoHOQbpDZNe47ECOUF7goqeWxbK5qVqzOoOYyUhAwSOnQR6fKYsTriQZopji44Qqnrd7joIY9quaEK2v9_Z6uRPJXkvnaVJTb9P_TgGb-LdfHc5r6VgUNtvY8C-KfYxz-saL_09Snn2UNlgm5zwToQwif_8AN00xY-H8M6HvVUpy2X_cz4nYjsu1vOj_rCoZnZSrRyk6esJwRnLyoVW0Mk7vp7OlOoEUYHrE2Ya9-TLig2-sa9oH2P5_vwu2FT5YS57I3uX5ShTMYE77ArLGrc62CWyDetsJq8cpcJX9cdmt_7FPODCiRovBB550hz2vcFnodcPqfV0IOpZcztws0&sai=AMfl-YS5n2Ih4KAFE7V7uMJk-wznGfDQLzy1gXUFobwoJx9RwevhIPV06KXX5uKqlJ-I7peze8gJtqnu9XOhF71ROY7gEK38hFzAKE3z_4IhALHJSNdA767LTikTLz_2XkqnuASlLB295PTYxNMK6NOMxDzWLA-5aNLwQ_D7ljmI7csreT-9R9_Jgp3k0joXz7LcCiIf-vR8g4oODxtdgYTA6XH6CNlQJtMuHM4gX29awmjLDB8MpS4DyTCRluo&sig=Cg0ArKJSzOe4_q5IelFiEAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=806&vt=11&dtpt=804&dett=2&cstd=0&cisv=r20231019.90197&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 3571 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43595
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4DB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAaqKMH-dn99bi68fQ3BZDcTop9WNzvtme3of47NvspMkvk3C20cZj-QNliPasXYyZJxa5su1rrQJM4lq0POetjeNiuTwG0S85Mfo9TrdMlWGCeq2PULKxI2EN37qGhOHiHYufWKzOvCGO8zCEcSRwT5YdfjjNridDpByzSlSN3E2sZdQr9QpsWTzIYEJDEeGsM_tPcFCJLyHczfU375bW2gIPLyww6HL8GhT-7zGZ4ioDbrtdRhTtIx7Xgqna_G9x60Eb1vuaRD-bvy8_Kswz0lLYJiyf7g0TYcpx4I2uj6O2qbj7HAxHXGQRZec8P8kffDlInq7Vu8PX0w76dr7mWPEW-Mm_iKZbkHJGYNSpIInAbg2924QQHA&sai=AMfl-YQ6GcD48XbPP3UUW4EuUZaufq8n8oJlR4Ey-0euTqo60M5Qd3Tjf_ouw_WWykEvIO00ySHK00-7dtVYWPbazkJCFYxwGeMs-diLyJPLwvxFMwaUvljNZM67HMaesDA&sig=Cg0ArKJSzDgM92OAXNv2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4DB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuq4Qw7trHa7GU9v9zRwbz8rzMQbjIhdITQnc350jFbb9pQao8GH8ZFwREgR6uTYDbdxgP11EbryXlVAMlTPhYWpdLPKj86MMQDT2EVC3bNDStIYu6PsPv-l48S3cC9mPtXQA0RvV62wn8O38iFb8XbFm8UE5HWSZIGD8THr92fFEVlmVoea-WrWjq9I5V-dwyCXwDo2hj7bvjqaX7aeTqR_nX-zuspsrp4JBBtSHrke_Ib8Fo-DxtJxf9TcrLPra7p364roq_yIIIPx6a-nJ7M0rTQ8k1V_AOGEVwo17RGXTQORehzEI18DzZ1YTH3-5yGk_4cqrbptzP60IrX9nIqIztw0yFnhAy2Z0DIpZ8JbIUM9Yf9_246bfKEfcduFx8MvQoc4eOlpZ8mqxwsOcdPZHif5pvW1t2la_FPGl2aTNqpyhLTZaW3qmN6em4e5271gKvkod4UXrAkS-R7rorqRRoed98JDJXxqRuj504HEi6SGrFHIA7zPtJuxasPYIXyQ_69S5TeAWM0MylYZif1YMwP6uaX0SfhPP53TZr-zgUusJpsk42BiF_rv3j_Rg1yX212Jq4vaRsQGPKne6lvI39U-6ihXXvq-QZBerslVVHBq5B1nlvZ9NuCO2tEpxJs1LnLzRQCSGvsklwE3l7kjeHZWVXO0fACnfy_j_ZTg1ta9rz6fXG4QoLRRdgDJAONjDp7Ve2SeuwrD_wAEoli0m-WKaL35cgTsu5IKVyzrqBuR88b3bwUT7FepIKQeSwrWeL9l1wLP27jq3yI617H2HO6PxcmWFnCTrlHKabRIRNMNSx7zrbl3KNFV8mnrBN654DIgRcXio34c6Un1ILrvUinYs9sxNUMzJm2KUzd_uetFl4nylXo6WNdymhpu4Ttm3-N0pbQoL3JX0LEHanDx8XcKwB-wXug-BvCyGm5oZI_MF0mAM9uElq-ReNnh-ahlLobA9HP5lKNkAjDjKnENv4ORZFO_czcQcMvmNTWCPGb8RvnBtrC3IJhXsw-OyXRZfXqeUBs_P9LKfLKBnmcJndwei5h4sH2V8bLxBli1hgaoKsdmABG47ZhTaWSnz79H99JjIo33dWfbJH1C8ACeiWyg2Nj4ZbVxPFHkJ0x7kBH0RlSuPDOAjDXAJWtwdhVf5qKjl3flfXLQn7WDs5OGVlOUhK-kjJBP6vx5IaJ2TRQVg1lgVd_KNoeMKhyi6DSfCy4NfS3-_NCv5ATTMbBFRzlI7m7fS-FFgOIrsqXWMpFQt7VeFehNzvxsyim9uviZEW-b5AUj2GOsqqhcSusC2Zw9Mm1gw_QGuA5cd0wKCjB1AqQ8UVQt6xnxvNYjsBcj_8&sai=AMfl-YTkZ3MEybpyNDp-JT-UItyjWBbkxjWfN4MjlvXT_di3M44fD_wkr8tVAmsZYGrePfeAWEJLzdakzPpQ7HHdhRJQIlwXujQbjZ41dkscj5h3qyRVLzo2uKipXlFJdsD3d3GMYt38zoyUstPiDl9Mi3rhWHRjeGfLqfsebx1JHYx1odQ1mDm8c3LEWvgsVK9Erk-WxVYi5cd1G8Ems8p9KebLPF9-Iz6-1CTCVZZvsGBn03CE9n1uv1iUVaM&sig=Cg0ArKJSzEzXyXMxOo46EAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=821&vt=11&dtpt=819&dett=2&cstd=0&cisv=r20231019.05126&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 3C46 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43595
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 77F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstItxsNLWHIRlrH-WNmiZHbOeIatxnMy6cdSCLZnLQ1oKZBvvLg7BJeQd8cspximUVLqFR-hddQJqoJRFb3uL_wURbYhW6PjDoJ3VugFB0SxIk7myXERC8Zu0hDXOCC0bHR4jDfdQfG1hIg81UMtvuooRhCfftVyDxRUkNRYPNVaTQlMQHYbnAExi2gFwt6U9ZHO-N-hpmJbacVZy3-yQedn5RSJwuIZktVpmoptEN3yuxYthIR55i5xuuhDQNh8Ad2fijWhw8depQdwp6f8PZxX5zikAW6O_kZhLLYiXoOf2lu_37nAynzteVQLaFdZcVcOS7vhMdKo4gwNaFCsmzkE3X3DsdocJl-F_VtDHElL8-4G87okUWN23M&sai=AMfl-YSV90aIV1hByD6lPCXVaUM9T_TqiQLQqK26A9ls3XjMzk-HR-FoMaIE3lLRFQ4kkMHeBq8isVWyA-k7KRHKWRMncBI1PPIY1HZnYAsXvOttZtoxvsQQlDYH57f7jZE&sig=Cg0ArKJSzH14H2Bm9g7cEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 77F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvufGENIq_K8ZL7mNKjV_RuQT-RalsqUggsHULLUeLB-Vc8ybvNJIpiC6ICWwk_Ne7W_vJBlafTgEiJL0_CTOzsXlECvmC5CHUk6KS1LDdjVrkwuNSlShiYlAmMzgraqxh3-CC_aKRgbDkZ7EO6ut6LWZd3n52oW7CiA_p4OeqFMGoPML-JXtbME3ZPjaa62PCLVAhsx99uGL2BHG5HKHWvpmfgfgn9XEpQuBljHn2ilHicdEd76g0ncE7aq9SI-x9SO_M2mZScvqIBNeH_5GGG3FJ9aBM4EdHqXtOGnHManU4sUALnxKdzmoS0oj0p0W9gWySNbeZc1JKKIJnDDxFItZpScyUjdDnefurLBc34sWJQMJc82HcgeSfoBOMMEZTLjHPXhBHhwSFi-5fEFR0P0VhX4sqWpNFxTyDcOLm_fAsuA6LFMRteJScP4CceRShMVyARzdlSOLh9zawA5aF57ZYBRPBwasypF6JwzQTUVMnkitiqzyCh3--PrKuAJsmPrbiDYu-QEGux9Al8O_gzfDKoiCzj2CFWfmZTmegKu9O2SQ8WGRbTAHME5_HtnkvygR8jImTApoKCpCBE0xFaoL2QUxyNrvsVrHEYC3V_ge6EXxbOThXCHfbthidMWvlzAU6NYHB59KixelR13wxGZAsEU-ueVTLfphlcd1-IQ30EjIgeIXkpuJp9GhDRrRHmI19vTJitzXu0YK_8iiHoSDU42kRbHUn--F-nciuF3ked2Qbbf__JtdigW6JXnOeCRnrvMBbAGogRyQ6QW0IzoJuore_TuamKuPZlH9Qs8aZEOpfhCk9sKyLxzTCkjhjHnIEBKgxyE-EsefHu44Q6Zc2EIKbgbrPprIdJq-LNCqHmGBqvnOARXDDenxk45TSyznKGypJPvMGRA_iyezcWycbVPYS4TcQvL38vuFOVm1SR0Kd_byTD_dI_a9o11doFhvwoQEpfW0_Cb8uT_uQvEuLXhEFA-fekzqNX-jb4gD8UKhzCaMBP_3vZHKTnWO8FCLkdVVpPgZlVM01K2CZCr8towdVoqAUeqk85cBkZK7t3oMsoEYlv6YP77yuEQUNokxzZoLiM12Loc5Vm0cfIiV5VBOVOabTiw_kZ0rVrpxbcersYxGBELo_DDliioosWgNQHGjBsrXe5Lbr25329ziRyqwpTwPmTxOkdZyPdcUSMf3n7U9AXXQE5sUETsZp_wZrxZfxDnlbVsh9HluU26Q6tQ0lCV9EgdlEvctP0wMMSe60iMdotFRCIC9L-1mrL3qOPrBOAQBKCwV2nVM1VR7RAassX97_4x8EGIxdHn6Rv-kIVG5FmfUvL5cGA641Aj_8k1vC3x3qVtODkqrXRobfHAMyAmA&sai=AMfl-YQpCEBdWYqXcQHb8Q62JqD9TB1cNUQpTcxlkXsPtXY9erDjsCpTLVqrXjzcKY5i2ZFAvgDChxvVdp4MrLWFqqOCs6gKkeXd46Hn_y2T6uYecNHVzMx9jnA9v5HuhK2nw7HTPNpJuWz3GOA9sPAmA_DXXVwkrMfa7ZGk5Cm52TvKtTJntApEyv5PqXPvj3iEA3mbySxC_ceJDQwvCUKmMmyqRfB9vLMFUvAhRxcSsUOyCpeZnD5V_SEfDaw&sig=Cg0ArKJSzAhijLPpmXq8EAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=854&vt=11&dtpt=852&dett=2&cstd=1&cisv=r20231019.05508&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 1682 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43595
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
truncated
/ Frame FBB1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
599e454f64c5809981bd74329d7a4fedaf4fda22344f44e23091a1167c8c929c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4EEE 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed32dd277a94952690f05cbddb78fbe762a76f0682075846dd8b74126f63e13

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2684 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssB6U6U_GoMQYfGtoRwqwfFBU9yqEe5HIyLwWothMWE5tfuDH5fqOYO_5MGKgm-cB_wbK1v7z8_jP0LMBNnQeLO6w3clTiqPPmxSXyFwioeojOw9m0tmvB4AtPmiXx0IkX_K6iIHZ46oLH6hmZ3bumkYt3GHIsc-LiZ_JGVtJcDxW0c-5tR9bntn_-oTmolfg3Tux1nXMdkOc3J-EoQ6t24xPk8GsWaggUDylZ_LNniMYoyWp5m6VonVCGfiMKFO8dAIp8DgNz-Hh-KukvbGfq2COgOZiWA_9Itbm4Y1QIc65tejz2_oO-dTYNuAqK3orXiic-LO4VT1D6FhlC3Mie1l_yQVrBvfS4Sz-JY-keRJIduzuy-VO5V-w&sai=AMfl-YTTpLyrS-SLMfpLRsbYK0zR7cQoCahthTE22YdYJ4KsDwWc0KFhrsCG5fxA2xfoZMqVP8gI6JzpPGxw3zumG_vE9Ea5N4aelkaC7-QDOkqIC_b7chPGXKXwgoPNVBk&sig=Cg0ArKJSzMR5kyLiT4m-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2684 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugNSZcxuXmDYUnmc9k46VOoiUNYpkbeymDlpbnUEiwftLA64iU6lHW05vIMZ2PuRP817sGb5VD-KEg085Mw7l0xJ7XrVo3ARSe5aDf-flMlhEs-WEKCP6gFbRv6bepKxd_gXh4YjG-kSrdghihT03M599YZ92_5DOs7VCz84SQHohs-v_rsXBJkQA2tb-_9e6NU18uU3yT9TPTSw9RulFijq4datii8o6OQRUOcJ2Vk1DLqPO5YVthkt5qi8h0D777O15VxERB1hvHIIpAh-01wOeNg492iKeKdsfqTiazGwPRK4p0jXIPUR351PzXwAr-ycKZeKzTyA0Ke-U09P9r_39pXZpxnn_eC3PInW2EG2zpXUiPGAq-sApIW2fyPBDryMPFp656JEHQxdA2cmKhhz4euqrOFz5dkYygPuELGpqaU5qXDxM9jAXaoiETNV8gPFdrIfJ7aMEzIx2HhTqU4cKoEt8AKHb2yh2FsrrRDJW3DyVpIP25MWWfSPsZJRy1k3GcPTQfWV8lpslr3Sg_6i_gqSE24sicTwHLIodG_WvYCYdjKwB9IPlBNrxzL5fWGHMyFv6qTriTwtUT9lfeq4o_8VTp1e6vfMLvTwcw5Rl4Z3Aw8sR2bR35wvBpECMei-i7tN4SYF_vpxhLRWTFneMqwLQ2U1ZXChErYCtHEB4COsC_Ie4vrvOxSAQjNIdd6nJQ8w2TXI0lcmAWKqMHlSJU77V454XVQn7tZ5LdSriVCymTmPrXS3ROCphAA523q3C0W2kwh7DYOj-lkE3KWiej6OqJ_c9RhSLGoyFhKKEMXXUg46qPQ0tdEto6lxbRnECeFn3P5qK1kyj1CH9_-zbfz2BZEGme72GKTBTC1dnkfweSUFJ5QiCjfdqmOYYn_dBzQ2FfF8YAOaH4sSNennQBk6ukE5Cvj6V1IcZqHriu1jYgMD7ZhqdgY2QENqsTnx3MTNLJ8Jvo35dp9yYB1IM6_DkL2-yVUUP4-UhQUjMIjPIfElUH-cVfAheW_MtZo7_Me9QFynT7GfxcYDEkKK-uqUIO5BjpC6LK0vVctLIPTjRRxJ8KakZ5K8sLCQn_lB9yBF7yrqm-IWCWtSwb_Ym_eH9LOQzCG6T_NKt-AOD9hop-pBdTn4VA6XbAwHQvd9wPLJK6q-wjDhxg6n9OYiVEEZhy9zJKYq2rk4vh_LzU-oVcNpv9egiY3sQaAeuZW8r4s7S8plE68PNtuA70ZiotzylFcsH7J_4PhU2o4GaUrjxL6zU3R8V8sDwuY_FRMXtD5a37n60tgAWuosJBYElezetMqGK7wsFjA-x1SH_CGyiK7bu3MlN1FH9D__O7F_8&sai=AMfl-YQf17FWrTF4VoGfDSJEnnGVDfxUMrrBm-8esDedCGPutig57q49CNFYe7X3WzoGCyt-WlQBqzQN4oZzGwx9Kq69usMciM_E6E_5CY9G1X1hR0tyko0u0QDw_A4LbdksdUxnNiDEFFlc0-KQFw6QgqmPxYAY9-exuHwBZa6wSZ8KbwyfvP61T-KF-Rp1LaBk6LYjzPvCroaIJa9_BFKtc9IldtU1LLkSLxRogpEJnkJGnvIuPKzsMOJN1KY&sig=Cg0ArKJSzIWP7dUWosziEAE&uach_m=%5BUACH%5D&pr=8:06461963C725935E&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=711&vt=11&dtpt=709&dett=2&cstd=0&cisv=r20231019.66003&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame DF25 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43595
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
truncated
/ Frame 68C0 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
753ea873e068993553cd55d99636f2b818c3e904eccd85e74762c122359f5673

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame 9473 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
an-x-request-uuid
88f951bd-442c-46ce-ace5-cd24d079dcc3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 61C0 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
an-x-request-uuid
ba30ccf7-01e2-449c-ad0c-5b99941c5445
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 68C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAxbrHdXoywJXOIujnP3Wg9h6H17YGptfev5QOCNAiB4XlABEZxN24CSh_apdgtymm87Yev0enF6t-uH6f3IDC_fCmdcExIeN8PBfBYf9vMhxlo1b2TaIDT4z10adCcC68dtivlsztsMiYcE8iEpj-tvZkY_yGauMh358679obzSwMNAUdz3CYHqlL2Bnrp7paHIFcgcs7KQ1c1T5R-7Z6Q5Me85vTlA1532hqaetgZ0V_HdZzXZTUJhwaPp9eoVfYAATW-Rf7xhp8krxNqzfzrA04LrJPw0JkQt5EM1OFUG39MAiLo1frc5THwUXHSsZGskW-JjNYQHQxKOEEN-nTuGW77GqGibR2ElC-X5l5I3CrU4Y0_Fcg_uDLP-VD1rm-NSCse3d9-Dwx9MIN5A7vklPCrOuyQaXvGrutxvmZ834Sa6VpeRPVN8Gzpo47ZDD9JQwGLpe_c-YGVSD-L9LoCW0oQ0A-Uzh1462ZnPCHC1NtcZMQE1bMVtceUipZ6C2k3LfrySDV8aD_HgKlN6zjYnUzjbYzMRp_w8DVCRsc986L05FipZTZ_DWLgHTGisSPv-jjOAvKatVHx_B_74qfJwm3ZINdaAu1IN5uYQr289LMc8Ll8zTOpzysGz-MBRo8Q5-tEJzI_hOzjKFiTxm-J9S18g9XNrtqKOKLETYCpQ13puuQlf1iniA1Iq7KbWfm0vXvKavI1xeH_x4cot-i_-DdbJ0KwTtui1feQ1THMpIjgCx1ByeKJhH9kgIjI46LjR2PB7JRxHDSWV1r3pQK37Pl1TxGPWyWQFtR8HofsHKTKAcdoWNotv6PBcfG_qufSJrJMeDAJO1TWVxKioH08l97-zlD9zlL1U3m0AGKOomRTIZ6uoHNwBlX6GGwXu06VHvFm6pLibhI0_0ZvSHP97m9GL4pLKs1Mbq93gwzZnCf5G7eVQI9QJ7U7AO0vbHu32zNbc7D0zXtSzZzcTQ-sGLeBoybQGH9OJPowg96xES8JG2b4kWRubItFisYhesVOfHyUINB-NYS2lPx9n52Srobch2I7ojeSl79ymhcxbPcMHa0-xQrOpp5_P9WlC1h88nLh51wUoZUfWZJS1JLTH0mO_nthHXYu7LnZHOYs7UWnXgcW2SOje5FearBNKVrhpH3R8oX-ydJX_4PSTQ6s-LptF2i6NfNJZm0vUMw7DIODT6kV5fvgaEZFez4wjLLGgJcw-n3eQthM8-feUomg65rHHXlF43HkPZ_mVTXMY1Q8I2HVCXMDThhQXvIJwYBVUjac3wbdYfweBtHGxDWDg-dpteTYS75N-QHk2vL4fOll3k-oi15-V6ipAY35Gu5zTSrofOaOJthR3xTs0wJ7ErM0-z1ceX5HlfazlSVYCLK9IX2qPkC2ooS8fe9FyPqBuXoSbZMBFeulWg&sai=AMfl-YRmJleOl1BgnN-QvQ8Krhtux7OVW3v3Q44KzKZISdgUbVwX9PLiR1mj10dmJFndS9BIJSAYdKjcIUo2hJFZdNoqbPHZqcoPFj6ZARHS2moKvMaV7FjO6sgjAK3gWqEIwpkl2p8rlXchLGwOFrWDCs5o3EWneNyODELNQIZMRFKbB3yQYBqYPmmTv8T_JWSmsHCKZ9HyMea5zkWCqCethmYv87CjAD_67kOwJEslW32rK88QmFC7cFflz3u2aYxBm8HSoMCtfjqPhkddCVyXH_8pGUL1Zb8czb5k_uISyfmQs2MldMMKvz5OSI9pTnGikMndrl7_6-JCiN1Q6lL6KqO2TMWCjX7QDsAO0Lrk8ReyqPTs3EYjIKepbLdQuW9TmXjGLiga3fdI4rLf-qKcDEXvCypX&sig=Cg0ArKJSzJVWH9FAoWMJEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=610&vt=11&dtpt=609&dett=2&cstd=0&cisv=r20231017.36199&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usersync.aspx
dis.criteo.com/dis/ Frame FA96 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:05 GMT
expires
Tue, 24 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
223188
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 95D9 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8AE5D383-F837-45F9-BA87-CDF87E9AE850&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 24 Oct 2023 03:51:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Y97JJ6PG77WKDV7EQCTS
Pug
image2.pubmatic.com/AdServer/ Frame E1A1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7UHx-ugS8P32QaD8uUHvrr4Q96j2QveruEJESNIR
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7UHx-ugS8P32QaD8uUHvrr4Q96j2QveruEJESNIR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 24 Oct 2023 03:51:05 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7UHx-ugS8P32QaD8uUHvrr4Q96j2QveruEJESNIR
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 2D86
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4312790940954201807&gdpr=0&gdpr_consent=
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4312790940954201807&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
32c9849f-7ffa-4a08-88f3-9b382b8f5609
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4312790940954201807&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F89A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293367566882044049&gdpr=0&gdpr_consent=
42 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293367566882044049&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 24 Oct 2023 03:51:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293367566882044049&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame F737
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=baab58b2-68a4-4914-9c13-dab5bdc5ee08&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_121b0aff-ca1f-4762-863b-11ba6f64a1b2&bsw_param=baab58b2-68a4-4914-9c13-dab5bdc5ee08&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=baab58b2-68a4-4914-9c13-dab5bdc5ee08&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=baab58b2-68a4-4914-9c13-dab5bdc5ee08&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 24 Oct 2023 03:51:05 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=baab58b2-68a4-4914-9c13-dab5bdc5ee08&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 9C7D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qyPVnmOPXyNfoHzh_CaV57Ki0Yw&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qyPVnmOPXyNfoHzh_CaV57Ki0Yw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 24 Oct 2023 03:51:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=qyPVnmOPXyNfoHzh_CaV57Ki0Yw&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 9D80
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTc-KQAaN1GdCAAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230020-FRA
x-timer
S1698119466.556134,VS0,VE89

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 24 Oct 2023 03:51:05 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTc-KQAaN1GdCAAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230020-FRA
x-timer
S1698119465.444665,VS0,VE92
Pug
image2.pubmatic.com/AdServer/ Frame 1DE2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBN0NFN0tibjRBQUJnMmVxNHpkQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAA7CE7Kbn4AABg2eq4zdA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=870500467373172628&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAA7CE7Kbn4AABg2eq4zdA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D870500467373172628%26gdpr%3D0%26gdpr_consent...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=870500467373172628&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAA7CE7K...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA7CE7Kbn4AABg2eq4zdA&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA7CE7Kbn4AABg2eq4zdA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 24 Oct 2023 03:51:05 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA7CE7Kbn4AABg2eq4zdA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 354E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 24 Oct 2023 03:51:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 49E2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Tue, 24 Oct 2023 03:51:05 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
Pug
image2.pubmatic.com/AdServer/ Frame 69A8
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd961f5ab8cc4dd4b32ffe74a98e2197
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd961f5ab8cc4dd4b32ffe74a98e2197
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd961f5ab8cc4dd4b32ffe74a98e2197
pragma
no-cache
server
Tengine
cm
ipac.ctnsnet.com/int/ Frame 96CE 		43 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 24 Oct 2023 03:51:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
bridge
cm.adgrx.com/ Frame 56C0 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 24 Oct 2023 03:51:05 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-3
Pug
image2.pubmatic.com/AdServer/ Frame 1FA6
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=889298685119183901
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=889298685119183901
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=889298685119183901
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 8AC4
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725909842241
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725909842241
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 24 Oct 2023 03:51:05 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725909842241
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame 456A 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 24 Oct 2023 03:51:05 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-9504f45fa4f8@version_1.574
X-core-time
0ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame 2D52 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 356E 		0
0
usersync
x.serverbid.com/ Frame D8C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=8AE5D383-F837-45F9-BA87-CDF87E9AE850
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Tue, 24 Oct 2023 03:51:05 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CC92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iuXTg_g3Rfm6h834fproUA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=74592
accept-ranges
bytes
content-length
5606
expires
Wed, 25 Oct 2023 00:34:17 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame CC92 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.163.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-163-10.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.17.63
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame CC92
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2827461676
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8AE5D383-F837-45F9-BA87-CDF87E9AE850
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8AE5D383-F837-45F9-BA87-CDF87E9AE850
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
via
1.1 google
last-modified
Tue, 24 Oct 2023 03:51:05 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8AE5D383-F837-45F9-BA87-CDF87E9AE850
date
Tue, 24 Oct 2023 03:51:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame CC92
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8AE5D383-F837-45F9-BA87-CDF87E9AE850
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzMwNWlOWS03dmFSSEd1aG1EdEtSWGdGdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7591070485493745832&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Server
3.90.125.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-125-107.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:06 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 24 Oct 2023 03:51:06 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame CC92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEFFNUQzODMtRjgzNy00NUY5LUJBODctQ0RGODdFOUFFODUw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CC92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMM2ygb3xgPTw8YWHmYyhBg&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMM2ygb3xgPTw8YWHmYyhBg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMM2ygb3xgPTw8YWHmYyhBg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame CC92 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 23 Oct 2023 03:51:05 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CC92
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7591070485493745832
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7591070485493745832
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7591070485493745832
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame CC92 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
8AE5D383-F837-45F9-BA87-CDF87E9AE850
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CC92 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8AE5D383-F837-45F9-BA87-CDF87E9AE850?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:83a3:afc2:1d9d:ef7d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame CC92 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8AE5D383-F837-45F9-BA87-CDF87E9AE850&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame CC92 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CC92
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4043584326490653053&gdpr=0&gdpr_consent=&us_privacy=
1 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4043584326490653053&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4043584326490653053&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame CC92 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame CC92
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5cd3e657-449d-4acd-b1a2-0c97f89e597b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5cd3e657-449d-4acd-b1a2-0c97f89e597b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5cd3e657-449d-4acd-b1a2-0c97f89e597b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 24 Oct 2023 03:51:05 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
truncated
/ Frame 455F 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
067cff18612fc56584fcff7f2e17962c2e5b8be715a00bb0f8bb7c87881db53f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E1B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxDcqG-uR8nM-Iyzc88P8-ogEzemtxNaSnyAUhHFp9_XZpdGKkte1nysVGTCkbBzpUWC2dLdBaQqC4oy_gSjU_K9k4jh-S9TVxX_zWUlNtNt6Pz5nQxOzSVwKX5EnGGHottqDVO26LEjbNvFSTWo7rH6YQc85jPGRiGG4UsSEKKQ7PcbAWOt3AICrI7gpDb3EQ4WEsvnkxsjzA0F7IIruEiQzGNz3QrFbiukKcEPa5RBndH3yJb9G3RBNLcQ4KiT7-AvIh706zCtBQkLFMhOHuz0uUD3n2hj4I2aahiVAQ1UPJOaRZF8NXzlm2mjvOVNfZI3sONwR0XHkqv08gwxLzHYkI8AyydOlql3sj1NBLlGQZ0uR_Q3LszhA&sai=AMfl-YRBLPeGK8PuI_3T402zUYnUsjI-S-1J6VucV3ynrL8S9nasgxHfpeozyD7B0QeE5wscnsRyj6pxfbjuy-nfQVaP1Xno_yc7HPZXIomNv7RbgQa-BRvyJmfhSXoFESk&sig=Cg0ArKJSzCDA7W98IXxOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:05 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:51:05 GMT
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:51:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		0
0
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		24 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
953bbdc02ca461889afdea97c1427b9bfae361ed3927444e3408f71f78f5c764
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
content-encoding
gzip
an-x-request-uuid
440dfcc4-aed4-42fb-ab8d-24cf4326e4be
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=221eec239ff02f85&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.36534855998520643
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
952af1bb67e0ad63f454ecccdc14ac60f2408b4535a6dc4cff7bbdb9a8e1c5d7

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame EF70 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2222347a6ddd8d018b%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=e2c759ba-d1bf-4b49-a439-495740503546&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
edd3d05e6351c4531fd25903bf4c01e1cecb0f9eb543215c0984b912abddcdd2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame EF70 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:51:05 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid
ap.lijit.com/rtb/ Frame EF70 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
dae9a21a4fc6127af3ec58175eaf29396ee4f0ede3187c8bdd702ddae9ae4ec5

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:51:05 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
view
googleads4.g.doubleclick.net/pcs/ Frame E1B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskn7EziO2vHFs6_f4HQH54_Lgog7Nkv4JvWEAPvMDDHeSSwoO7UENZ5DhPfSoWk9wXgMhhSC9H36t2wslcKOpsT3eALBIDDe6yJjODxlhyaTypyjFEf7TA_JPEqxzWHnaM6rWY0YqIVaY6s9YiMjp8Eqfi6WtiMKhupkeC_VVGbXVCrSlZG2JSEMyAFtySVKSNYEdfb-mIcnsu1jJHv7KjzrkdhrlnEH_tq-252SQQj2hQOGVFha4CBquyIubTsCImJMzWqN_OEeNegKYcyjZcNd7JrU-GrprDlbw2Qaug8zCnEMasjPsr-ZzOSfmxQeN_m-MQ2ApwCbZWYNvn7VYj_urW4EZl8llWRDKv3lv0usL0YAlZTqiZGPMlgPsilCcm8i2jsFYxdRPjC6MMQOh49QV2wtmkCNLScHFp1cm9ROlgTc2Y2goSzjMLk48uKP9DEq5ExZlCiNEjLOWIgowD2wxFejGAf728T2hxfOE0dAgp3HGgmusE2n1YgYarB11yrXnQxaXR2dxP5NWVZWJu7ah_enrHO1bg4zIfdUm2DLN0p4pBOSpc38Kea_BILk7z5t2BWlLd8fltco-ow0X-W7LQ6KBY5u7HPlmCKmDI951Dy6GjIsGJNhngtXrEvAmHplEg6ZkOyHXlnEoP8kFcfgJZ6Zvei3CQdn5fb5QemIrJeWT3teFXMjE-ZOuFuoZWozSfpD64na2jLWt79adFt2lPhaWglHS6SVPnV90MmxmNL2Gs1A1OO1CevlzU2vzd4bdAyuinzGnH-5AqRMSoNcEy5nLdOL5riMJVDQozmw_kBcuhajyLHZd9zFncptjbRsuTtcARxZYWO0hNN-rrAe1C_n3Ht1oSKsj2J4BmQjx6f-ukilMrWFqjgVYyQ13V8RJMZU5Pjghs7uIZR929jgmiBEmy3OeuE711CACxeplGHfK3VBsKtzmxmYKXrTFH0cm9Mr_6TXRRkmI7gUeRKscABD5xiYZ8KntGmT_2Luv-aQBO4LDFoMm9KQ6R8kBd4PTXDaDQZNArnOvnLBFI8HqfWoarR03RwvAb7qNiG8awaQCsoyf2w1NXmq_RNB6Lva4u7KS40_rWVgSH0vlgBjlTPPG_NTNadbdREP0Ii2JiIOAsrioHPtH7XkiNVgMuGUMXvhIBR6FxU8MZRV00kt5Ltozn6qnkuNbU4vUJ3WRAPpIT-BG9Adpyw3ab7NDN94rRMscecpKkoFgTRkSm-BSlHlaAOv0NUM3P29mJvJGu0ZFJKmSJjgbcw-DqLE9tDUEmTN8DvhkiCUM1eGXMfei6LPGJ5SNzvAxHy6tgcSjOAIjj2ja4nTEYDp2Bu44Olbo&sai=AMfl-YQjWkFtK-YrXW1z1yspLZ2fKVACvSHP9-bI-2ekgIH3t7NQt3JKbj0mJhkvZdEKWFJFG9iFHQlg3cya6DoVfxw7sisaudi3cyw3TUSXgbJCmIe2spkVOSKyoFARMELDz3c-FzGwqpdSpJ2d-iROoWqLHxxPD4QFtw7uSOTM8auZdneF4Cb5KMLV2EVG-m8gM1IxIrw4rPn2EGEZcghd3ySCup65gMZMo0N_7n04xUgVRAua3IJbo9LHUEc&sig=Cg0ArKJSzO1tpiAq31MiEAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=620&vt=11&dtpt=618&dett=2&cstd=0&cisv=r20231019.33777&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame EFD6 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43595
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
truncated
/ Frame 0E65 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc6e0eb2b727c5655fa05e5f0b6873ca2f29b2ed69315aedb3ca9db7b1757d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame F29C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIxDZCuhq2141KhFVAYkALh7iBvlrUXRUFZyv154uw3ukyEfahRgPoTrOrIVQCgncGkiaI7tATKoMZFE7yVjLdTMY0Av5__QcEFtJynwf0QKRfEp0mTDoy8NlC4vb3HANeGJrgIB1MEDBZ&sai=AMfl-YT9Jm_0uMpEiVTc8FtFg8BQAbrQXXmchLOzFg7TBQ4HSwV1drNzA4Umnsv-u53NII-G_H9tDxEoXv2CC7q9mPE1V7T7Pk2C_CVnFqTFks9ZqljWMxHESqTtMkTX&sig=Cg0ArKJSzJvTwv12VC-PEAE&cid=CAQSPADICaaNx_yjmpdfD0HgUT-RI8v4SmtOh5KPgM9YJl8zBrbauixhuA0FZDL38zvspmFfklHwYhMY7kJ-MhgB&id=lidar2&mcvt=1564&p=1105,436,1195,1164&mtos=1564,1564,1564,1564,1564&tos=1564,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=658150668&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119458166&rpt=5607&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame ED94 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame ED94 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame ED94 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ED94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubidc9UtjxPYHuM7DEN7_x0o72N9XQqjypzxupOld2JzhL7TzSfzkfvY-P2BtMgbUc55bPvz3J7szjPjo4qM75CivSiXiyIYkaWBBYH6NUbez985YAsT2hdS-pInYBTT-mXga0zDJilZc9uls9W6De54rSRmQ4LC5XpPtLEHeqjKT0AvRNY9JY9MRJWnDMG885QvaqPFxPMKkA0JrPxs-4f0Cw7yehiYbD_vPcYGtgvup1OQA2dMDZjywq_pe21sxemLtwxljAkl9BKSCLbjJZPB_G6jy2JUqkh_9UY2HvwV40oqNrei6t8c7lsDDECf812zD8Jua6rOEC306qqIair33NLsuQQSgIK0MyhLNSgJOsXe6PmAOmeCBG47RJoah8WiSq3SF7jMHpO5H9MQBROd6dCIjrcEHH5Vw4rM1JN6Oqw_3dji5cj0RlnIMJcRlnbQjwdgYFSznPhnuVLs5TUhDyHSV4EnKOJRixOobd81_P6N8axieFQStpRFS4k-xmo2M4gz-swnbMSIaIx8bbdvYTVn0V6bb2SiSZy801w3ERfWocMJ9hH0IcFlziHfj6vtY44J9D9eQaZv_Q3CYPGtE2L8LR6ZV9GBkix1CfFG1oOP8IRssd21h2iMh6WOxOV7BAKgC7kPw-W2yee3sooP-xpJhj0TWThsjatCwXRW22xBE8ANvpFVEbCqKLlYpoPWnGlrkwulVVY93NsnTbuJL5rN1ZduXkBJ2873qwHIvmDenwTihrzDGbhCZZNQ0iCz1OOyyfTpZViYS0t6k4hCsDOlXf8VnNtyEvjjK_8HJaq30xR6Y_N57MU9VSxbVCAmhoRX6SNLcxC3NDvJvSkpgD9pMkvtmuC3_aSwImuh3rDuMFsOKsTyjc7gQylj02Ai7K92_VadjCMXk6QND4HXN2MndPwqv9PUYFTx1UzZWvtygwm2bE0i3MFXxje_X608f2vdqZxG77cL6b006NOJqMvjR6x4vQnCivhp7Kcq0spor_cEy4uFIjSuxJIPKd4ECfBwPPwXoQ48nwTmaavXvv1qEIcl5sUdqTphqNLW-IZ1Q48I9UTy4sr1lyAadhxzD1q_Aj7aXdQSRDempyn9Oz6Uwj9IriKG7ldmzxKBDyLDUYElDJplwvhawrXAHg1pJPTPbqqkS2tnpWzC4x7ebSyKPFrHfvG3pAmjoDECUzmV5Tc00CYJK0XhinQJ0FQ8EDrsvA7gCwL0cz5u91DLE1rRuOY3IjcDF-f2oqMVOfjxWQ0v9XhFkhYxpYmFZ6D8Z-m03N__nXhWsmluA4iNWJIL3qbRBabZya2Y3jWt8n1Z7Et03qDVzGbAObgnzAZEg&sai=AMfl-YSAdiIbpuXBkDFFTPR-3OHhFqIYfml-3Iqzwxlmkh-zr4IMjLle3G4Fe4-pbTszxxjGAbIfgEm0SQJYlzXAKNLKXDiJg6U6rfyIkM64i9gHwh7B3nw6GDNqwzP-2vGH4g-CuBHQzpBF-iJQfFZGltXf-IKu17SIw4Yn4Ij0zM51NylwEYEIr_78W2NSjNjQU9EHQXFcp14xqXvZHk3JOkWMBGNua_j3v12if8itGNl7ambJMhakHPctZpI&sig=Cg0ArKJSzF1mdAqUihYREAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.90721&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ED94 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame 408B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:05 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED94 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:05 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8EF2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C749 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9391 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/ Frame 0E9A 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.turnto23.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d887c362637c0386db3c070ba14953f5e34363c02fcc9ab5a0ca45ae63650df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136921
x-xss-protection
0
server
cafe
etag
1460731179987907675
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:05 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 812D 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLuw7fgBMAE&v=APEucNUgKoNtt7bgCaORDoQ8izLimV3JDEDsJoyqqFcxc-8LBpfC74qz0JSwysd9PvYsz4AgzUDXlXnY3QFv0VotT3Wb1q4W8A
Requested by
Host: 0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
URL: https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
9107379330298137186
s0.2mdn.net/simgad/ Frame 3BE4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 3BE4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:06:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
38672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:06:34 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 3BE4 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:27:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
37418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:27:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3BE4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc5BIvmL5YbaO17PZFJ2_alK_Jd-x6bN-IlXiq_j861MTSGkuh_06Yb2MBh2jquoo7icMMvHGhLpKIozeYmRyvXbpD0VAjVZGoMQ1D57a0dU79xR_CuPuxsXeBOhP1UPpxvRR2fmaEsSzp4Zjet9551Bgjkdd1KT66MkTRoYPi8sX1dghNBwJ3zPtHzVfTE9GDhvlJ9L8H2R_B9OY1CjWKcLJoy4chHwm-zWaB2a1P-MfwnJAbxpjKblGzK3fmgi8zyUOlIkOXtcT_pfbpKdqvUD4JSZuHcDo6pQ6Dozba2Qg-U70ntH2B74-F3VV0D-PO6TpuX-0PTHw6FPPufotYpLUlRnmF5Yk9uZG5OfkLyoS2sAfE6GTacdTyOL-P5kZaau8DYlbb8vHKs35Jcd59M4p3kBC_KbISqiYQYUOo8i4DJ4Pb5Tc9SiMV8Ss8Na-VS5Ds1ntVticBP2Go_y4lQyCf37_R6Sk9HlEIarKxK5pXJHO1pvIMaf2cBhloQi_efu6yTEEyi9ULQTvTSLMtiaxgwhCyZEC3FrxkGnlEvoVdG8d0NKaw3ynC0Uz6oT5D0LsurkaN0aM--RsRiHQsJq7LXXvtJMgZYzmZYwQRi3zZst-77GHjQIHx9hT2sPfmV_a0nSTPA7G9UPm8i4U4JO3J6lvj1l5_zD1KGyUk_zJJTopEgP-PBmMEhTcAKDCCzV5lEcAXPcEW2qvkkrlXIQRM4iXDVgqdH-ca_cxYTd2I7Jf9wDnR4Xhn3M3e9vNAFu5SwIehO3DeCUvEwTj4gJnmpa9JKLUwdqDtcGZ-RN3EmdA4mzmDOo4dysA6YUXbrDnV7ubLWkYz-ybKdCOBdjqTeHFbnqSwqQJ6AgmR19dcqrEF_vvM4OBpyDPRsGhATCfN_xXViXBE6Rh2Cd4WRXurDgFDooReSpai3p4y50u1AyaBeVheJhvFW3Slna8K6sKQ5inkypzP3CZcN8sWb7MQ21NJp5D_R-UmQDDZH3uuiSquJVhwmx7EHwdkSIZNyXhsJJLwfAovpdTp0_Nr-OWKW1_FAATpeShvS5K6xWXI0cDPy69q3wF7w1Uid_ZV0WSLdgTIDWqrLy-x-K9R9IWib6tQVLjzD28zq7RUTOhdQyoAfETBZFrEZ19x3zIcEsr3g9Oz2lBvG9gu8RZgKKvKvC5m4TSHAB0eUMU7DWn4w8-vNqahEo_WuA1aRStnUeag-gbJuzCsrYe4L9Md28Slq_-cN7wXd5AzagYj8hER1x0phJAnc25gMfxglRqAuDZmQiwlo8VJtW_d_4ABkEV-XVqOHDOn-wcHLkyRcTCOSzbo7ahEIELNe-xCuwUa5cTK6BrRwDXAMjfG3yYZx32Dd8HmqwYvHeUaEMzVy8FumdK9q7pdivuuLj5Lg0CQFrsi8qXRUgn4-RA&sai=AMfl-YSkCfH5WfHvknJ-5-2ncK6tqub8JzaNZ2CzyM0ORsNa1WFEoqiyqavOa8AJdumf_HXT9nQu7fP99PF6hg-tlaSbMsiPvc6tBodNlrghldVFjfMCVbqMvI7GfO_i3vvNTHATYn0qrLPa6j78gtKjmF5a08d3zZv_2jc67MKgUBNAtow-P83lU3rAbFXYFM7Fo1CVTnZwrMh6YUSiNCALM8ikMGsTKVHJVglGtkEup7FiVKO7cDHZMYvbnmAg3QnKFJx80s-pNq__Gp9BBeSGrXj53q-UtDQ8nNfVKmGeinQZ9DwVpJDRDxcht0yD92r8z-YBa_H2npDhqeKhNfzhlFtzrHNdfgPJYuK3L9BNmY7X8Qy0sH9DouaGv4iRiemo-XiOWEsTyzkeemzgB865fUi4zLLq&sig=Cg0ArKJSzEPIB_6k7oJLEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.50836&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3BE4 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B5CE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359311
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 748D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359311
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
9107379330298137186
s0.2mdn.net/simgad/ Frame 0B31 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 0B31 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 0B31 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0B31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPAGqKjbplekXkmrbcJHiHr19miXNCeliMcjXTOGEWZZuTWik3TNznFEdI4oCb1Z0FXhFLvHptxbBoGBbhOQPflLPSC-XhlVP0-KjmLs0MjtpKY-AW-tJtZqdjFdOMcbfcc2t97IddPkTRXWYaLidkY2XdCGSRVcejJaRHhy3wz2S9ztMJbZZUTNna3pZZbChIuXu28q7J05DTziwvnAp6v0Lz0tfeVaFN4GSr2NcJ9cg_WMEehp8d6REvE3d02-U4KGsLZcBQL9RZUfrekExFPwwU9lzJ2M6TAByJ6ZOj-ZVeGZ-SvOiC85Fu38cQqwA6uHxr1BwAhDKQko_NS4VA99uXH6yxA_FrA_KBea4rFVmpa1etZzfpmQnFOQL4YGoPISfQGJx9bYqc4NGEahRKsiYqx3FIjT6EnOJCG2l42tj_l2kZp8BZ_NlOds6P5NDnaypW_eecfRxlRKJt9-R5KpKcfUUzGtYFqhXubvMeXrt5VTaj_ASwfRWMyUpR1bzWtJ7NuBacYBWDnqjW7Vs6CAl36NxU_BQ5axCf2WvFOXj67TOtErZYNiKMnjgkjZABJUTBbonAXVfg-54mBzGLXJLQ1bklTacvs0_w9nL0wRfLTah9b0JtBjsAaJvg1h-cDKjOyRCR42e6tpKRO-ECxJZW2MATGlR0SfUqDxpBfGlvxFt-TaXTpUQxRus2R0SqAL5xi37mIyjIyOQmSF1Hu3MyD5umgW0BrNGCbdYyuHR0OLAdr5WV60SlbFGrHKGl3PL5FV35tICeYfYxsuBWiHPZvgIsW4EHLNeAMiXqVyAE77mLnT1Ow3og9CKdjP09ok0ElPke59BhitWknmYXuJa4iVRRYDxT6STBjGIuYJvqRb96A8ke62R81FCn2P-gcUuS06QOOvhbbI_hrP2dO3sR_0Frac3c_FgfNbA0utxXD0I5vOK8e7gynU3z5uQJvWzEyCiSkXhKXuvVWMOghGOTBCJ2Dfc8wRUsieZCcQAVA73kzOOGrInKXqfVaL5AibBl-l2w0IkE9huG-8KZiEzY4y6jmn6VkoejlXDnlZmKL4kTF3rv0NN9sADjuBMY6yTFykE2SfsXDK7f_pD8Aojq9sLIY4mzC9-s_BZhmf_SWx0BZdSDHNAlenZyLyAKCHKxi7SgrGYRYO3jN3hkvmvowi3Ylmoo0uXiXOrWx88FzkRP2TT7O70s6m_bvl1CI7VXLMx5WmQv0C6k2l48erHBRbLqlLZegkIcLY9td98Ucj3VPD2stAxpGCpIkZRKQCUfWu0-ODK0mbqNHAEG9HDSSkc2v2LMXzY2YgY2KABotZShZtaIvQpgc21hZmydGWo&sai=AMfl-YSgK1ngvAxElUsnYx5u8v2C1Dw7F-1dFqu7BvkkZcLBj6mo38bKMroDVbPvoN0ylpzfBtLqtH4sglOyz2HBrVLOuibikvhZDJ52cjnrD87E898X2urh-iNf_BXNtPFYUIxxfjwfkTp8QNgERVN7uSumpEipsno07lnnXXHcRFOegurDOvFWTBsFEQYNOV4toJZ1NM2wYrRyCeubtd2u8VIq6xN9sEcKWXvhM17xc4_gvxZrbQSv7-Xjzks&sig=Cg0ArKJSzBuoyHa-7CIiEAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.35065&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0B31 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame F985 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:06 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B31 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAcLgCJFPVdYbdKqTgFi7a1CXJJYzrbDjYInSWg5mr5SYUdR1WMtQ_YwKbUBu4j4F4kARqLigeogRX3AZ4vw6UgoqYVvOonvxIxrOihKTBV1PN9k-l45vAEFMhYaUrnrhkqDm8U9uNZnEonXjqKjnuTmFgtl6TJvfxTX54qf6mUcMcrmugW1Dnzpgs5lZbxzI6fKx4PkpKadjmyZyvsMACbS7hEcgAAVdtvxI9vfMfAFZUf48heYzQjhEnQJbyBAakHbBClGR9fvFLhNPf58YTooiFtnoMgtLjK2dMAHsBFyhMG1iVxQQxsnqNzOWmrcerKVKsBA-_Uno5aRp64txGe2iqAw&sai=AMfl-YQPSUhd4uMlh20yv3UrXdsw3ySLC7TPJHfvd_w2gZK-n-rG1-_kbNB25rGTHHXh86qsewfd-YmjPMPFcly8lKyO7c9FCyDQPaFgBYd_3xwmDPGEgLIzHReQ8iStobM&sig=Cg0ArKJSzEfOhpkMc9DGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ED94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubidc9UtjxPYHuM7DEN7_x0o72N9XQqjypzxupOld2JzhL7TzSfzkfvY-P2BtMgbUc55bPvz3J7szjPjo4qM75CivSiXiyIYkaWBBYH6NUbez985YAsT2hdS-pInYBTT-mXga0zDJilZc9uls9W6De54rSRmQ4LC5XpPtLEHeqjKT0AvRNY9JY9MRJWnDMG885QvaqPFxPMKkA0JrPxs-4f0Cw7yehiYbD_vPcYGtgvup1OQA2dMDZjywq_pe21sxemLtwxljAkl9BKSCLbjJZPB_G6jy2JUqkh_9UY2HvwV40oqNrei6t8c7lsDDECf812zD8Jua6rOEC306qqIair33NLsuQQSgIK0MyhLNSgJOsXe6PmAOmeCBG47RJoah8WiSq3SF7jMHpO5H9MQBROd6dCIjrcEHH5Vw4rM1JN6Oqw_3dji5cj0RlnIMJcRlnbQjwdgYFSznPhnuVLs5TUhDyHSV4EnKOJRixOobd81_P6N8axieFQStpRFS4k-xmo2M4gz-swnbMSIaIx8bbdvYTVn0V6bb2SiSZy801w3ERfWocMJ9hH0IcFlziHfj6vtY44J9D9eQaZv_Q3CYPGtE2L8LR6ZV9GBkix1CfFG1oOP8IRssd21h2iMh6WOxOV7BAKgC7kPw-W2yee3sooP-xpJhj0TWThsjatCwXRW22xBE8ANvpFVEbCqKLlYpoPWnGlrkwulVVY93NsnTbuJL5rN1ZduXkBJ2873qwHIvmDenwTihrzDGbhCZZNQ0iCz1OOyyfTpZViYS0t6k4hCsDOlXf8VnNtyEvjjK_8HJaq30xR6Y_N57MU9VSxbVCAmhoRX6SNLcxC3NDvJvSkpgD9pMkvtmuC3_aSwImuh3rDuMFsOKsTyjc7gQylj02Ai7K92_VadjCMXk6QND4HXN2MndPwqv9PUYFTx1UzZWvtygwm2bE0i3MFXxje_X608f2vdqZxG77cL6b006NOJqMvjR6x4vQnCivhp7Kcq0spor_cEy4uFIjSuxJIPKd4ECfBwPPwXoQ48nwTmaavXvv1qEIcl5sUdqTphqNLW-IZ1Q48I9UTy4sr1lyAadhxzD1q_Aj7aXdQSRDempyn9Oz6Uwj9IriKG7ldmzxKBDyLDUYElDJplwvhawrXAHg1pJPTPbqqkS2tnpWzC4x7ebSyKPFrHfvG3pAmjoDECUzmV5Tc00CYJK0XhinQJ0FQ8EDrsvA7gCwL0cz5u91DLE1rRuOY3IjcDF-f2oqMVOfjxWQ0v9XhFkhYxpYmFZ6D8Z-m03N__nXhWsmluA4iNWJIL3qbRBabZya2Y3jWt8n1Z7Et03qDVzGbAObgnzAZEg&sai=AMfl-YSAdiIbpuXBkDFFTPR-3OHhFqIYfml-3Iqzwxlmkh-zr4IMjLle3G4Fe4-pbTszxxjGAbIfgEm0SQJYlzXAKNLKXDiJg6U6rfyIkM64i9gHwh7B3nw6GDNqwzP-2vGH4g-CuBHQzpBF-iJQfFZGltXf-IKu17SIw4Yn4Ij0zM51NylwEYEIr_78W2NSjNjQU9EHQXFcp14xqXvZHk3JOkWMBGNua_j3v12if8itGNl7ambJMhakHPctZpI&sig=Cg0ArKJSzF1mdAqUihYREAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=772&vt=11&dtpt=770&dett=2&cstd=0&cisv=r20231019.90721&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 91E4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359311
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
9107379330298137186
s0.2mdn.net/simgad/ Frame 39B4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 39B4 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 39B4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 39B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOsuKYOBs8oD4KBhoYr68T_Gw6OVn6nPykEsi13ZFO-qMIeEst0pp3AweH_30WGMu_Fu43OZWGagtf9_hHurmxxOxnk_HHnhAe6tWOJPcuxJrI4VvQGSfmn-gAZdXarEJsgoAa9hQ2IdLpUOTuwHHHziRmKWdXCTwyJBYMV29ykcrkV3teErF5fJun1HvvVRrti1ZjwggFv-MUNtJunSDldxyRaULAjBuxGR9XOH8a-OZ8O-J1ABJki7VEjc6QDf7K04rISYgKAJEHjNDtbcE_K78QpnUW1ETxvGXyaOgXvIh6CorwAPYHOJUbycuAPALPiu3ibNPC2aMBj2Sgngwga-yZ2I-H6tmyhOT8T-0d6aw4czPb95b7bnpWnnv2cDr13G7v4Bkp95BXvtgLlmLbLcj6hrzcTrHTna7kkzkvybgGhFJVEOX4khzCzqZqAgOsc9gg4EKvHRuefBkPxu3On4p5yYJfEJXfVaH-CgH9FI2Pi4BZpKLRg_4hvDCx7H4CuUZOzlqmCkkFrp1y8Xcb4XBpcO15lGzniaT5iUVYhq96VOiPmP9vFrGINL0tVnQcvLJlzdI5kTY601wwJXy9S1iBZrWGFoVnYHf0IQ_VdVUt9I0-Ff1fT5hsSrFwTK0udYvTzLVQk0cwkS798Kh6Krb6TBloTWfvIAUHpDwMhf8fhWAxDbmrbZ8gChkGtcKL-vfFWuBqe6FvN8ulK3nkakO0wdGgQYK0sd1akwlM9hqKtX8yWQIYo4LwIDpPkozjJZl979-T3H0BvmXatht_mpR9oKwniDwCnKp9o6CLTUxfRrZQ_SltWeBwfRyMief3EfeXSOwobz4EkikMvVJsfI4p751SDRsgMt4jwXNITNBPFl7sS07Bvkt15JBGRL0H_iX7ODr0Q5PcLknea1TXVAuO-bR4nubGbfsCHfnFXD4uIVpf0S-rCsGvwJKgSiY5qVtxDiu-wnthZj1ANBFcT-Qh7-5KHl-LlCoZo5wIhKarfPQfVZjsV0uXnCclOpjrGOhhyxpkY6JcfokqtaizqDJn9NW-6HvFdwNFYkydrxI6knNlO5LwYafafF9mPSwC_LJi_a7IlpDApYY2W4nnqBwwrciwYLOLKV-Zwr2ctLluX4kEkUt3tVb_FcsHbyuqzD0S21-i25Gz30AL7Gh4OeXXU_y3TsGsT1ukcLa2wibGq9rH6MMRZHFW_Pe38ARmBp1fpWx8G3NqhtF6hEHXonqBMzdrWbhoXdikLbxLSGKtV_LnEZCUloMk1difCVxSlrfwSmysi1QVnImoKitFoVObFIwLKeZ-NmiPGU5WvN26x1jOUrDhU2_lvq-3vep6Vng&sai=AMfl-YQQDJjYiPzpX-i4rXUTQjNMF_I9dTxxftldy9XU59gp17CFf6v9j64h2x9P48RRqOXeK6CZyiw5Bvu8ia4oxkPU4WoXFyDN39clczWzcZY4m_6PbSYhplGRnVEa3Ec1fblD1gzPkW-GW5xrSoYf-E_cPOT0D4J39PjjO7cRjaL1X4YH7OmNNYXvlIybApDl8Zl1reqf7sUKgl9LRNBms4XTSGMbGBR_N3RcT_IYHyO_-5QoTAsxZhnIMnw&sig=Cg0ArKJSzO4-NUDglMQ-EAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231019.47657&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 39B4 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame D69A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:06 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39B4 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:06 GMT
9107379330298137186
s0.2mdn.net/simgad/ Frame E6EC 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9107379330298137186?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkjZPs9cpDF6G4gCnpXpWAm55yYcg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:47:18 GMT
x-content-type-options
nosniff
age
428628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16210
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:47:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame E6EC 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame E6EC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:03:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E6EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumOeQ_acpMVfvbP5XExFJMaGv8A4x5Sa886arelF3RA046oajt5K0ilAHb8ZB4g8qTlF-upYTJL8DyANh4u3tsq7ObsuqEvpH0KEJ7MVr3kfdteNNWyibCrhIQbmHSIG3S-bgvj4gAQm13ZwMpq2fdRqNG_5G1YicmOcZEu8R7LubS1FDQQ1fBgbKfeoujgC7NM9_BUJF4pECNh_hDF6avFLypsLlxsWF0_0h5ZBxg4bfeSPmYd3AyVE8X93IDvVK1c6wdq-vaWXlR6irNYYRuXDKmVMZUgWAHAfDs_kxkh_aN4smJN6sZZLgiV2TDRO60hEJStC0w_CbufhmKzAQX0y54UOT68HqEzc_OLXHUO_37axbNXVRYOd-D45aDGAGHGAKAOdqCcHFxgMM5cI3-j5ds1WSrvK4oeLPVnWF1r22t1PVKfxXWZq8MHeWF1E7xBtrJRQoOGj8R_e_XI0Fq8xLOFW8KuK_4HvNkPNCNCQOVPVx6A3r2VbLYGBMTU0BDUdzxQJRvTP9QnxDbnN6PjJuGfEEbW3JmgkgXiaZlRjrhWtBbS-OBxNBfejOJRE5-dFC52n93lorf4N_SC3ZxkocW3Ra2UzF9TD4V97wJCbWZKARx-ueYn_e_dRYnfS7fwG6FHNqtF32x8Bcjpcrx3W7fBkZVQ3b2QBIk7GwKKK92QQC0zrRhxob5QdYUAGa7ypnTd9EC1rvMG6CeYTh1r6A1pcpA_1L0QbacYnR5eMRZd2WsCzkMOyHOxsmcQ-fzi1xMnTSAMdG3SlRx7OLNJ85C1i4tUJMxtNByZYnIAHMA_xdE34pLSQhq5KwQnkJutmgVZTO1FOAm0sJDtefb1uaLofszOVo7xvKggmHdfmIhQK9LqiHz-zhg6QFib3SLDyh_66qXTw_nKLwV6ZLIXDHyL8TnSywVs2oEsiT60A4ClRocW9bQNYsLgy0ns1_UsaiPa6-Vf6BHeekdMg2EFox_mzSYC310Q9nQhc22bE_iGOXi1KAu8q0a4gwIhkcER3t2YyDBdUPqZKH0Vr-_pSCirsLEw2wIZ0ARPehetfxCg3imQi-X0yhefOZrz2Y9tOE1XT7asTNS89zz-B5JncHkVZZZo6lXxlyRwoLMC-N3LSW2pjOWZmJE_cReOe0LGwazh_7qS8m-y9NA79XzqrBLRlqCtVvaGLCRO__5k81xR5I1gJ8wqdILDBK_7pzG5euqmPNpt7WPibpo-jKY8ZOBBMJI77Ov5AiX-1rkEQe_G9hKbFkwWNxVwANZLskt3Z3fcpfVuQDxVS0h7MZMqrn8Jy1bPJfSNNOYXw-T2kz7yhUucCcTBNTIeFip1RUbLxIrMW-bdvTHGntf-qk1pkobWXo&sai=AMfl-YSHnjndiULVz3hwORIG4o1PYAdhcc4URX6kZDcPWxx4qnaADzDOh2ZilqGAoU-CpN4RNqvQCATn7Wq50mCgnFzhIu66QCHmisnXdjBAQJnZ_gOix-NwdExL9PvQA_26uYHH_Dbyp5RenuWmwGwkKfh-mSf_3CdkAozb64uwr-y4V3qwA4OOtzfBK9X85lVBjmgu0t7Ryh-A6BTcd0fXzDam16eDztfgN4U5vupiRltYrc43TS3M180U80w&sig=Cg0ArKJSzHppYOIB_p7lEAE&uach_m=[UACH]&pr=8:64FCAFD2068D1809&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231019.80077&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E6EC 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
usync.html
eus.rubiconproject.com/ Frame 8936 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:06 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6EC 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:06 GMT
usync.js
eus.rubiconproject.com/ Frame 408B 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43594
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
khaos.json
token.rubiconproject.com/ Frame 2D56 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
khaos.json
token.rubiconproject.com/ Frame 3571 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
khaos.json
token.rubiconproject.com/ Frame 3C46 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
khaos.json
token.rubiconproject.com/ Frame 1682 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
khaos.json
token.rubiconproject.com/ Frame DF25 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 96DA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukiskbbt-xA369n3OS3bXz5fgPb07vt9K810A3jp0wv_dNgZV0AkuyxQhpiisHazeVf0BgBdd7xMsKoe3u-nLELDuS906q2KmSeVsOEVx5UcxGhBAcaa4r-_2xKRt76ZFnwCFYqNhQgRDq&sai=AMfl-YTHHUBbFB9gYVqcYvC5Ztcdu19kCAnZNWeRhBl2fWe8EqEZ8XCd4VWnksBEPWAxP3om2D45jV5AVRMNgd3LKH4g5pKFHQwRzU_R2hnnPD1TXqgXgCMSF09G2Q8b&sig=Cg0ArKJSzGB6vaz4dRasEAE&cid=CAQSPADICaaN-op_joD6XEiEjI1WZVj_GcG9TvsTO3YjEaFLsu0lxB3MT60crnH5pSnZPq32qejySV4hZKtwORgB&id=lidar2&mcvt=1717&p=1105,436,1195,1164&mtos=1717,1717,1717,1717,1717&tos=1717,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4283511922&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119459319&rpt=5466&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3BE4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f8d54a4a68960362329ccb73cffd213a7dc948998d292f963cebef4bd5b6b19

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 1D4D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNiJXmP56YYrNrXS5FzA1TzP25S_Cne0THigHv8XFgRfI8gszsGkbfnmItpTKDgl0WWzsD6Ua_mcjcxvOnlT388PjM-i6RENiIDFTeuwBSy7lwgUogMV461UB1kfLd&sig=Cg0ArKJSzOI2q_9SgRwXEAE&id=lidar2&mcvt=1633&p=1105,436,1195,1164&mtos=1633,1633,1633,1633,1633&tos=1633,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3085048810&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119459334&rpt=5662&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1D4D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdc4Hcyb9eAsbB78nWXwp7BoFS400MVW1hEZ_dzVxmb0212US97mdRZrvNnygMZ7DiPbbpF6dsVkc3s_8d99cNLyXqDHcakf29zKKsP1w7hjQ&sig=Cg0ArKJSzKRrKkTqECCWEAE&id=lidar2&mcvt=1636&p=0,0,90,728&mtos=1636,1636,1636,1636,1636&tos=1636,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2856228691&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119459334&rpt=5669&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3BE4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc5BIvmL5YbaO17PZFJ2_alK_Jd-x6bN-IlXiq_j861MTSGkuh_06Yb2MBh2jquoo7icMMvHGhLpKIozeYmRyvXbpD0VAjVZGoMQ1D57a0dU79xR_CuPuxsXeBOhP1UPpxvRR2fmaEsSzp4Zjet9551Bgjkdd1KT66MkTRoYPi8sX1dghNBwJ3zPtHzVfTE9GDhvlJ9L8H2R_B9OY1CjWKcLJoy4chHwm-zWaB2a1P-MfwnJAbxpjKblGzK3fmgi8zyUOlIkOXtcT_pfbpKdqvUD4JSZuHcDo6pQ6Dozba2Qg-U70ntH2B74-F3VV0D-PO6TpuX-0PTHw6FPPufotYpLUlRnmF5Yk9uZG5OfkLyoS2sAfE6GTacdTyOL-P5kZaau8DYlbb8vHKs35Jcd59M4p3kBC_KbISqiYQYUOo8i4DJ4Pb5Tc9SiMV8Ss8Na-VS5Ds1ntVticBP2Go_y4lQyCf37_R6Sk9HlEIarKxK5pXJHO1pvIMaf2cBhloQi_efu6yTEEyi9ULQTvTSLMtiaxgwhCyZEC3FrxkGnlEvoVdG8d0NKaw3ynC0Uz6oT5D0LsurkaN0aM--RsRiHQsJq7LXXvtJMgZYzmZYwQRi3zZst-77GHjQIHx9hT2sPfmV_a0nSTPA7G9UPm8i4U4JO3J6lvj1l5_zD1KGyUk_zJJTopEgP-PBmMEhTcAKDCCzV5lEcAXPcEW2qvkkrlXIQRM4iXDVgqdH-ca_cxYTd2I7Jf9wDnR4Xhn3M3e9vNAFu5SwIehO3DeCUvEwTj4gJnmpa9JKLUwdqDtcGZ-RN3EmdA4mzmDOo4dysA6YUXbrDnV7ubLWkYz-ybKdCOBdjqTeHFbnqSwqQJ6AgmR19dcqrEF_vvM4OBpyDPRsGhATCfN_xXViXBE6Rh2Cd4WRXurDgFDooReSpai3p4y50u1AyaBeVheJhvFW3Slna8K6sKQ5inkypzP3CZcN8sWb7MQ21NJp5D_R-UmQDDZH3uuiSquJVhwmx7EHwdkSIZNyXhsJJLwfAovpdTp0_Nr-OWKW1_FAATpeShvS5K6xWXI0cDPy69q3wF7w1Uid_ZV0WSLdgTIDWqrLy-x-K9R9IWib6tQVLjzD28zq7RUTOhdQyoAfETBZFrEZ19x3zIcEsr3g9Oz2lBvG9gu8RZgKKvKvC5m4TSHAB0eUMU7DWn4w8-vNqahEo_WuA1aRStnUeag-gbJuzCsrYe4L9Md28Slq_-cN7wXd5AzagYj8hER1x0phJAnc25gMfxglRqAuDZmQiwlo8VJtW_d_4ABkEV-XVqOHDOn-wcHLkyRcTCOSzbo7ahEIELNe-xCuwUa5cTK6BrRwDXAMjfG3yYZx32Dd8HmqwYvHeUaEMzVy8FumdK9q7pdivuuLj5Lg0CQFrsi8qXRUgn4-RA&sai=AMfl-YSkCfH5WfHvknJ-5-2ncK6tqub8JzaNZ2CzyM0ORsNa1WFEoqiyqavOa8AJdumf_HXT9nQu7fP99PF6hg-tlaSbMsiPvc6tBodNlrghldVFjfMCVbqMvI7GfO_i3vvNTHATYn0qrLPa6j78gtKjmF5a08d3zZv_2jc67MKgUBNAtow-P83lU3rAbFXYFM7Fo1CVTnZwrMh6YUSiNCALM8ikMGsTKVHJVglGtkEup7FiVKO7cDHZMYvbnmAg3QnKFJx80s-pNq__Gp9BBeSGrXj53q-UtDQ8nNfVKmGeinQZ9DwVpJDRDxcht0yD92r8z-YBa_H2npDhqeKhNfzhlFtzrHNdfgPJYuK3L9BNmY7X8Qy0sH9DouaGv4iRiemo-XiOWEsTyzkeemzgB865fUi4zLLq&sig=Cg0ArKJSzEPIB_6k7oJLEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=543&vt=11&dtpt=541&dett=2&cstd=0&cisv=r20231019.50836&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
g_pbto
1x1.a-mo.net/hbx/ Frame EF70 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1698119466667&eid=229541beb747e7fe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.38.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-38-36.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=576538532934197&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=12&didk=1238102910&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119466670&lmt=1698112266&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=11&ucis=fniz8jcxxyz6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x90&fws=256&ohw=0&ea=0&psts=AOrYGsm6kFT86cffcgYmtmBTxN7uZ8SxgZWxa5WBfNCEcKg6uQ4bArNukrKLbSr4-Z7xXY9kgfiVCjTDCm0TsvZ2N_Z6TSdZ%2CAOrYGslufZY1wrz3ZXLvFax1q5z-SY9AJfhmI30K0jqn34x5rXcWedJL2aXzBRjW4VptdVO5zbkcmS2ZnhCm7fxlPlUB4fn-%2CAOrYGsmhIzktVEyvnEKGLh3RDVF9s7GcXmP8hUsQhJdvrnmXALqxAEEtgfM2C7iCjDHba0Qst_rPRpjt5ZGaRBlmmCMig-u6fxdrwiE%2CAOrYGskUQUIRfiPj7iYC9y-VbeJMQ1cpleo9DploVX6IgfqQLth_UBst8KBSLwyu-CCSXE_pzYynOFSLqEQVMYlViWJFgOT9%2CAOrYGsk910DbARW3vW69Gw6_K0z3GNEUExpe4wi-uX-aAUtI2CsrJ2y7CTjjGJHNV9Woxqtw9dNQyXwZzhKa11swtd7S2Quh%2CAOrYGsmy5VPgMR5LMxp3-V7XA1yGqtcWAaXRahwFZ4NK2iz9QjHjR_02Wjpz1j_bZ4D3VeCok5j6kcUOwTi6Ei7zzjFX_Dph%2CAOrYGslH8xtgbMj6KKJ7Z540ATQ9K4wCRVM2rK1-3sBUuuBE_bz1b1MDpn7VQYwDDTbivSw7AL3cJt8drQ_dODR4EZGTOAtE%2CAOrYGslvFKlkf1Yd8eqeDzAJGYOtMaNmE0eDNfcZH8dNpVWIhCMUWreI41fLNhh32nvToy3aQba9lYZqv7Ez-faRg8qp18iV1LbGsxU%2CAOrYGsmod9xpyXGvfwyFcyPCGPioYxDfNWPs9bYGS0mpj9WzAi-KQNAYdMJPoW_V3JJ1jKbXGZZM_j87LcPrdx4fSOpAoSD-&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com&adks=2445953488&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
801c6db96e03cfb9a93f9d5816cf3859c9060b4785f61255148fb45fb31c94a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11902
x-xss-protection
0
google-lineitem-id
6110887587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404649566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame EFD6 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
truncated
/ Frame 1D4D 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b13f471a72da78f658f7feeefb2ac3ff8f1afcc4c47d04c680b77ebfe488830

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0B31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNLhaCtB-HKYsd19rE1D07wFTzWDWmK8asnPuOIOLdLEjYd3FbNfm4BvxeZmPqgIJZgFtwJFxPH8MykcdVd5UEN4ejtT1ivwMkaux7SkEp_u9GeNd7gYDu-iOHG5lE2a1RT4qi1DR51S4N71FjYB46mWZFfCSaPdZ1UhQk7h7Y9nj0pwJMuMINW3jhnjyauDzffNQLa_JiH6ogaLQosFyA6HuhtbUlTzg9t4SgJNw9gRTaL1bOKcGGc1O4lj2wXVCsTGeHPCeJWDrrQStkjW30JnhPNe06UGFeQWazC8qm_pxs92Yd0SvnnlYLacbBrlXbA0URNdcnkw7GgoBuVtfWSu-k&sai=AMfl-YREZFxNyK67Kr-sl988DEX3KGnlbOH2NVg62ZjAHWdU3q3MsHiOI_6CjOg4ddAqlIhkT6UUJh3AwPFdZQ6qDH15t2i4O-ZjHkelUXCPmtDSI4DJ_qBheVrDkApjeE0&sig=Cg0ArKJSzHYvrJJqxS5iEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0B31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPAGqKjbplekXkmrbcJHiHr19miXNCeliMcjXTOGEWZZuTWik3TNznFEdI4oCb1Z0FXhFLvHptxbBoGBbhOQPflLPSC-XhlVP0-KjmLs0MjtpKY-AW-tJtZqdjFdOMcbfcc2t97IddPkTRXWYaLidkY2XdCGSRVcejJaRHhy3wz2S9ztMJbZZUTNna3pZZbChIuXu28q7J05DTziwvnAp6v0Lz0tfeVaFN4GSr2NcJ9cg_WMEehp8d6REvE3d02-U4KGsLZcBQL9RZUfrekExFPwwU9lzJ2M6TAByJ6ZOj-ZVeGZ-SvOiC85Fu38cQqwA6uHxr1BwAhDKQko_NS4VA99uXH6yxA_FrA_KBea4rFVmpa1etZzfpmQnFOQL4YGoPISfQGJx9bYqc4NGEahRKsiYqx3FIjT6EnOJCG2l42tj_l2kZp8BZ_NlOds6P5NDnaypW_eecfRxlRKJt9-R5KpKcfUUzGtYFqhXubvMeXrt5VTaj_ASwfRWMyUpR1bzWtJ7NuBacYBWDnqjW7Vs6CAl36NxU_BQ5axCf2WvFOXj67TOtErZYNiKMnjgkjZABJUTBbonAXVfg-54mBzGLXJLQ1bklTacvs0_w9nL0wRfLTah9b0JtBjsAaJvg1h-cDKjOyRCR42e6tpKRO-ECxJZW2MATGlR0SfUqDxpBfGlvxFt-TaXTpUQxRus2R0SqAL5xi37mIyjIyOQmSF1Hu3MyD5umgW0BrNGCbdYyuHR0OLAdr5WV60SlbFGrHKGl3PL5FV35tICeYfYxsuBWiHPZvgIsW4EHLNeAMiXqVyAE77mLnT1Ow3og9CKdjP09ok0ElPke59BhitWknmYXuJa4iVRRYDxT6STBjGIuYJvqRb96A8ke62R81FCn2P-gcUuS06QOOvhbbI_hrP2dO3sR_0Frac3c_FgfNbA0utxXD0I5vOK8e7gynU3z5uQJvWzEyCiSkXhKXuvVWMOghGOTBCJ2Dfc8wRUsieZCcQAVA73kzOOGrInKXqfVaL5AibBl-l2w0IkE9huG-8KZiEzY4y6jmn6VkoejlXDnlZmKL4kTF3rv0NN9sADjuBMY6yTFykE2SfsXDK7f_pD8Aojq9sLIY4mzC9-s_BZhmf_SWx0BZdSDHNAlenZyLyAKCHKxi7SgrGYRYO3jN3hkvmvowi3Ylmoo0uXiXOrWx88FzkRP2TT7O70s6m_bvl1CI7VXLMx5WmQv0C6k2l48erHBRbLqlLZegkIcLY9td98Ucj3VPD2stAxpGCpIkZRKQCUfWu0-ODK0mbqNHAEG9HDSSkc2v2LMXzY2YgY2KABotZShZtaIvQpgc21hZmydGWo&sai=AMfl-YSgK1ngvAxElUsnYx5u8v2C1Dw7F-1dFqu7BvkkZcLBj6mo38bKMroDVbPvoN0ylpzfBtLqtH4sglOyz2HBrVLOuibikvhZDJ52cjnrD87E898X2urh-iNf_BXNtPFYUIxxfjwfkTp8QNgERVN7uSumpEipsno07lnnXXHcRFOegurDOvFWTBsFEQYNOV4toJZ1NM2wYrRyCeubtd2u8VIq6xN9sEcKWXvhM17xc4_gvxZrbQSv7-Xjzks&sig=Cg0ArKJSzBuoyHa-7CIiEAE&uach_m=[UACH]&pr=8:06461963C725935E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=460&vt=11&dtpt=458&dett=2&cstd=0&cisv=r20231019.35065&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame F985 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43594
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 68C0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssU0CMEZw_I0jOWkPPPlT6VUuwtGQIl_J56SYIVBtcajwxR9OqqOmPAIfLHpSPrdozGVCEZzF0OWJL_x3nKWsn_JI7gWSD5AsEbPsbwu7gRFWpDUGXuSEex6uFKSZ-_kf10KtnIyP17v5-6&sai=AMfl-YRbbRgrZXbsqLblbexKhqc3lwT_5rLnJb8Iehsg28HmY74Knzn4ceZ25gefZAad2TK1imjGpZWx7Zrel8jGsEIhyGqd7Wy1iiRjjaaclhBk14OW0_YDjHCjTIhv&sig=Cg0ArKJSzFBccjRYnta0EAE&cid=CAQSPADICaaN-FYqDdRqeqUImKeWU2-qSr0EI9848Cl6uiJatgiV1qc3bg6vvBNqPp1ZmXs7LTr7AIqCOoWVrBgB&id=lidar2&mcvt=1395&p=1105,436,1195,1164&mtos=1395,1395,1395,1395,1395&tos=1395,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3272850789&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119459685&rpt=5669&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 39B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts-3oTwQZCiLh_TAVJ-kMR6_VMsRRDqP1xuDXSDE59vNhAikmLbEpDs5Eo3Bg20MNyhgxWIxb8x8BorN-TUrjXXfuRR-Uw7u95lc7NZilVlijdb_k-cwLQxfLu3O1ysEaHBZQOJcgthj1SjBX0GV1HgitJFJ-zD5SZNX59RYOx-N33p4w7-PL5XxTVDoGg_UtLHs0VQdDrS6zWTerkzbTa8UXLa9pjbAR17Jkn773RLNyYQIa7-qnpCi-L2WkVlkhkwS2OztxBtsvgcctkLmQbwbTVmdmTJ6HVFcuGEr4vAXYy7LBGhlB87kJbH9OY6xW7dfBbC1OS2dQmF7pgRI6UpRk4Ug&sai=AMfl-YTv_Qgvf9T2wOEtEV4pGeNWqv43a3GINF9bca1zaWb7C7TI_q7_wL1ESozh2qOXgPvdwvxNHym4LtTZnd-HHFG1yAlnBeQ6t4vfy_XUZeVSnKTcVLIZ9eULVJ8cNp8&sig=Cg0ArKJSzCdSbvwKEI3lEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 39B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOsuKYOBs8oD4KBhoYr68T_Gw6OVn6nPykEsi13ZFO-qMIeEst0pp3AweH_30WGMu_Fu43OZWGagtf9_hHurmxxOxnk_HHnhAe6tWOJPcuxJrI4VvQGSfmn-gAZdXarEJsgoAa9hQ2IdLpUOTuwHHHziRmKWdXCTwyJBYMV29ykcrkV3teErF5fJun1HvvVRrti1ZjwggFv-MUNtJunSDldxyRaULAjBuxGR9XOH8a-OZ8O-J1ABJki7VEjc6QDf7K04rISYgKAJEHjNDtbcE_K78QpnUW1ETxvGXyaOgXvIh6CorwAPYHOJUbycuAPALPiu3ibNPC2aMBj2Sgngwga-yZ2I-H6tmyhOT8T-0d6aw4czPb95b7bnpWnnv2cDr13G7v4Bkp95BXvtgLlmLbLcj6hrzcTrHTna7kkzkvybgGhFJVEOX4khzCzqZqAgOsc9gg4EKvHRuefBkPxu3On4p5yYJfEJXfVaH-CgH9FI2Pi4BZpKLRg_4hvDCx7H4CuUZOzlqmCkkFrp1y8Xcb4XBpcO15lGzniaT5iUVYhq96VOiPmP9vFrGINL0tVnQcvLJlzdI5kTY601wwJXy9S1iBZrWGFoVnYHf0IQ_VdVUt9I0-Ff1fT5hsSrFwTK0udYvTzLVQk0cwkS798Kh6Krb6TBloTWfvIAUHpDwMhf8fhWAxDbmrbZ8gChkGtcKL-vfFWuBqe6FvN8ulK3nkakO0wdGgQYK0sd1akwlM9hqKtX8yWQIYo4LwIDpPkozjJZl979-T3H0BvmXatht_mpR9oKwniDwCnKp9o6CLTUxfRrZQ_SltWeBwfRyMief3EfeXSOwobz4EkikMvVJsfI4p751SDRsgMt4jwXNITNBPFl7sS07Bvkt15JBGRL0H_iX7ODr0Q5PcLknea1TXVAuO-bR4nubGbfsCHfnFXD4uIVpf0S-rCsGvwJKgSiY5qVtxDiu-wnthZj1ANBFcT-Qh7-5KHl-LlCoZo5wIhKarfPQfVZjsV0uXnCclOpjrGOhhyxpkY6JcfokqtaizqDJn9NW-6HvFdwNFYkydrxI6knNlO5LwYafafF9mPSwC_LJi_a7IlpDApYY2W4nnqBwwrciwYLOLKV-Zwr2ctLluX4kEkUt3tVb_FcsHbyuqzD0S21-i25Gz30AL7Gh4OeXXU_y3TsGsT1ukcLa2wibGq9rH6MMRZHFW_Pe38ARmBp1fpWx8G3NqhtF6hEHXonqBMzdrWbhoXdikLbxLSGKtV_LnEZCUloMk1difCVxSlrfwSmysi1QVnImoKitFoVObFIwLKeZ-NmiPGU5WvN26x1jOUrDhU2_lvq-3vep6Vng&sai=AMfl-YQQDJjYiPzpX-i4rXUTQjNMF_I9dTxxftldy9XU59gp17CFf6v9j64h2x9P48RRqOXeK6CZyiw5Bvu8ia4oxkPU4WoXFyDN39clczWzcZY4m_6PbSYhplGRnVEa3Ec1fblD1gzPkW-GW5xrSoYf-E_cPOT0D4J39PjjO7cRjaL1X4YH7OmNNYXvlIybApDl8Zl1reqf7sUKgl9LRNBms4XTSGMbGBR_N3RcT_IYHyO_-5QoTAsxZhnIMnw&sig=Cg0ArKJSzO4-NUDglMQ-EAE&uach_m=[UACH]&pr=8:B81EEFB6E78C638E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=387&vt=11&dtpt=386&dett=2&cstd=0&cisv=r20231019.47657&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame D69A 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43594
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E6EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2Y8Jmi7vExZWRBVNUHmtoDjqhmZ1IrFxX65HVmhTBGqhx11fezkfam296I5o2xuiLiESmBhcqqTcl_ySS0sWf7fPzOJW8VDjW8a43gDQqHJTyj4lDqF0WKSaKG4voZZuZetV6qLUlbX1e0IjQbtF5z6ffJNh4O_Vj97-KcqxodaWujt3gCKADquvzrvK_ZmZ3FZAccpeel9GyAu3pL3kfmXCfoe7GrFrzYvTioE-WcvybA8AUodIQUg291Gi6Og2O18uzxSaaF_IFlWx95m4rDyiCh3c3d15x2dZbz24fdxYbr6uUysvrF1569roRAnYF24hfaDhQ2FdUPIQF9SknpGac4bd4mqDXgf-QUTZlv7SW7Vxw-Tzd6g&sai=AMfl-YRoccKhcdYczxCXoHLytecyXGXAZWnIVGiB-QubhL7Pi5P6eYrkvCAxxnSlzC8B7x8T3AohijHPkQaqA618XwEKfV4oofyuj8jaiEIWb-Uzj1OX5C1SfXSZ3kXe39g&sig=Cg0ArKJSzCS0tFVD_9qlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E6EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumOeQ_acpMVfvbP5XExFJMaGv8A4x5Sa886arelF3RA046oajt5K0ilAHb8ZB4g8qTlF-upYTJL8DyANh4u3tsq7ObsuqEvpH0KEJ7MVr3kfdteNNWyibCrhIQbmHSIG3S-bgvj4gAQm13ZwMpq2fdRqNG_5G1YicmOcZEu8R7LubS1FDQQ1fBgbKfeoujgC7NM9_BUJF4pECNh_hDF6avFLypsLlxsWF0_0h5ZBxg4bfeSPmYd3AyVE8X93IDvVK1c6wdq-vaWXlR6irNYYRuXDKmVMZUgWAHAfDs_kxkh_aN4smJN6sZZLgiV2TDRO60hEJStC0w_CbufhmKzAQX0y54UOT68HqEzc_OLXHUO_37axbNXVRYOd-D45aDGAGHGAKAOdqCcHFxgMM5cI3-j5ds1WSrvK4oeLPVnWF1r22t1PVKfxXWZq8MHeWF1E7xBtrJRQoOGj8R_e_XI0Fq8xLOFW8KuK_4HvNkPNCNCQOVPVx6A3r2VbLYGBMTU0BDUdzxQJRvTP9QnxDbnN6PjJuGfEEbW3JmgkgXiaZlRjrhWtBbS-OBxNBfejOJRE5-dFC52n93lorf4N_SC3ZxkocW3Ra2UzF9TD4V97wJCbWZKARx-ueYn_e_dRYnfS7fwG6FHNqtF32x8Bcjpcrx3W7fBkZVQ3b2QBIk7GwKKK92QQC0zrRhxob5QdYUAGa7ypnTd9EC1rvMG6CeYTh1r6A1pcpA_1L0QbacYnR5eMRZd2WsCzkMOyHOxsmcQ-fzi1xMnTSAMdG3SlRx7OLNJ85C1i4tUJMxtNByZYnIAHMA_xdE34pLSQhq5KwQnkJutmgVZTO1FOAm0sJDtefb1uaLofszOVo7xvKggmHdfmIhQK9LqiHz-zhg6QFib3SLDyh_66qXTw_nKLwV6ZLIXDHyL8TnSywVs2oEsiT60A4ClRocW9bQNYsLgy0ns1_UsaiPa6-Vf6BHeekdMg2EFox_mzSYC310Q9nQhc22bE_iGOXi1KAu8q0a4gwIhkcER3t2YyDBdUPqZKH0Vr-_pSCirsLEw2wIZ0ARPehetfxCg3imQi-X0yhefOZrz2Y9tOE1XT7asTNS89zz-B5JncHkVZZZo6lXxlyRwoLMC-N3LSW2pjOWZmJE_cReOe0LGwazh_7qS8m-y9NA79XzqrBLRlqCtVvaGLCRO__5k81xR5I1gJ8wqdILDBK_7pzG5euqmPNpt7WPibpo-jKY8ZOBBMJI77Ov5AiX-1rkEQe_G9hKbFkwWNxVwANZLskt3Z3fcpfVuQDxVS0h7MZMqrn8Jy1bPJfSNNOYXw-T2kz7yhUucCcTBNTIeFip1RUbLxIrMW-bdvTHGntf-qk1pkobWXo&sai=AMfl-YSHnjndiULVz3hwORIG4o1PYAdhcc4URX6kZDcPWxx4qnaADzDOh2ZilqGAoU-CpN4RNqvQCATn7Wq50mCgnFzhIu66QCHmisnXdjBAQJnZ_gOix-NwdExL9PvQA_26uYHH_Dbyp5RenuWmwGwkKfh-mSf_3CdkAozb64uwr-y4V3qwA4OOtzfBK9X85lVBjmgu0t7Ryh-A6BTcd0fXzDam16eDztfgN4U5vupiRltYrc43TS3M180U80w&sig=Cg0ArKJSzHppYOIB_p7lEAE&uach_m=[UACH]&pr=8:64FCAFD2068D1809&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=392&vt=11&dtpt=390&dett=2&cstd=0&cisv=r20231019.80077&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 8936 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43594
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E1B0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPEDxk8n2OU1Vcj89wd9pQkGKQZ4Z9DCjxE-9j2tMnVPDaT5T5x7kRX-YC-Ox6Tisvo1yLjAeejtfnBFM62FMuCyOtLEefuXz-vvNaCSIKJJ79PaYyvwuNRZ1S&sig=Cg0ArKJSzFULNtKVWqhzEAE&id=lidar2&mcvt=1374&p=0,0,90,728&mtos=1374,1374,1374,1374,1374&tos=1374,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=3848484338&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119459561&rpt=5914&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E1B0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthsnWc638UBHm3-BQXZMmlPVjmHHQFcCe0osiCpIaesuafZS6zpYFhkzLpQmMbJrou4YjwJvk61xb_2pzx43Ck-iwIaRJngxZqmVRyIuOtJm2rOKFEHIoIR3IwWyVk&sig=Cg0ArKJSzChlzhGyamI0EAE&id=lidar2&mcvt=1377&p=1105,436,1195,1164&mtos=1377,1377,1377,1377,1377&tos=1377,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3516126248&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119459561&rpt=5909&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2E72 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da4be0b6d36f2b3673f98ff7c519a5833ea0a2ff6735c24935495b886c5b24c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4DB5 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fe5d952ca38421506bc6eafd6aae78a42d9909d79550f921d636151b7d6e997

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 77F2 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3aab158b0ad778672c81aa717389dade86367a796916d8e840486c17084f3f94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2684 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f261892a92dc625b333a31a24a8706a9a4a612a7ec1f7d016967c559ffab1886

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F00B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359311
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E1B0 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f960cb9b07a9aa9b89afc37ad574784d97d2a967f168447f82cba478281f83da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DEE1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359311
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 6038 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27120577&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b051c94d3f1054f50cc4bdf888d233f26b0e3290818335a788abf116be1e10d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 24 Oct 2023 03:51:06 GMT
content-length
1658
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 62D2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78160242&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b051c94d3f1054f50cc4bdf888d233f26b0e3290818335a788abf116be1e10d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 24 Oct 2023 03:51:05 GMT
content-length
1658
content-type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3BD3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A3AD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 408B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E5D4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 59F8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 086D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 0E9A 		0
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3AA0 		0
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D05F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame F985 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
truncated
/ Frame ED94 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fe8593990bc04935d7dd9181d46f65a0fbe53470e23d093a21b3ef909f3d4a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E9A 		0
0
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame A24B 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831441
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5vOyxXccFdP_PcA7Zb36ZjLLDI31wM4WWAoHRsC8Lh0TFKQV--SWlw==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A24B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78a4ce41a3ee2791e1499c43600d0d29c2bce00b4e3e418cbac46574b87c11af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9661
x-xss-protection
0
server
cafe
etag
18252388714636414113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A24B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:07 GMT
khaos.json
token.rubiconproject.com/ Frame D69A 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
khaos.json
token.rubiconproject.com/ Frame 8936 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 8EF2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CC92 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76628570&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 24 Oct 2023 03:51:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame C749 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 9391 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 4EEE 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1220d6f0e954e8079d7d0da9af7f086b86d3692c106bd6d9f7bb38a4fb8c710b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
1160
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23557
x-xss-protection
0
server
cafe
etag
1850745145916647609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 04:31:47 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame B5CE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 748D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
truncated
/ Frame 0B31 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
017bd6c2894abfb4cba054ed7ea5add42e3b65edef22ba557537577d50a06738

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B517 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 91E4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
truncated
/ Frame 39B4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63fd87bbcd38c6f0bf60f0c48b56a121aa28b01034211f6ea3a229842e03abd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E6EC 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ca3aa8255481287c51735315dbb7d499cb01d54bf154e4357094bbcf39bfe6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame ED94 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxXaZNjuyUI3oueEZmU9oZOjbCFIEpRvD_3M58Y9XPc3ZqWQWlURVuJrqT_169Oa9dsWNZTUJ8rvJkBumb6RLgl6Y81U1hmRbQMJGdKgYBAr8&sig=Cg0ArKJSzDJbL0yY830LEAE&id=lidar2&mcvt=1063&p=0,0,90,728&mtos=1063,1063,1063,1063,1063&tos=1063,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2833232780&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119459975&rpt=6373&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ED94 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHK2PvSh-DanAKLHGuAl9ajdaLFP1KI4j9nY65LLfBxDmv2yWr_zDORe_32t1Y6ujwSJMW_MYujfzNuFR6agPNXCW63y-FwDWM-Ia16RNuxH4BDY79uc_OC_vy0mfz&sig=Cg0ArKJSzP1hNCUHZmK-EAE&id=lidar2&mcvt=1066&p=1105,436,1195,1164&mtos=1066,1066,1066,1066,1066&tos=1066,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2445953488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119459975&rpt=6366&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4349 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2DB8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
match
c1.adform.net/serving/cookie/ Frame E1BF 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 24 Oct 2023 03:51:07 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 08E1
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=23b28d88280d2453/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXYhXSQSSXSaQXWVY&gdpr=0&gdpr_consent=
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXYhXSQSSXSaQXWVY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXYhXSQSSXSaQXWVY&gdpr=0&gdpr_consent=
i.match
s.tribalfusion.com/z/ Frame 2BC7
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81af42711de0907c-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81af426fed4b907c-FRA
content-type
text/html
date
Tue, 24 Oct 2023 03:51:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
76
pub
matching.truffle.bid/sync/ Frame FC91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 24 Oct 2023 03:51:07 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 2CAC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 03:51:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 24 Oct 2023 03:51:07 GMT
expires
Mon, 23 Oct 2023 03:51:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 3039
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=1320780502
  • https://sync.1rx.io/usersync/turn/4043584326490653053?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 24 Oct 2023 03:51:07 GMT
etag
RXad3b9d34cd6c4e64bc7655434edc65f1003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
mw
mwzeom.zeotap.com/ Frame 6038 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8AE5D383-F837-45F9-BA87-CDF87E9AE850
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81af426fd8a99247-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 6038
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:11 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:11 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 6038
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5d92edbcb7f5a5c550c9363ca3a8cd2f&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:07 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6038
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4312790940954201807
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4312790940954201807
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:07 GMT
an-x-request-uuid
dbb43c99-185b-4602-b1af-b6ece59200d5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4312790940954201807
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 438C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mw
mwzeom.zeotap.com/ Frame 62D2 		95 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8AE5D383-F837-45F9-BA87-CDF87E9AE850
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81af426fd8aa9247-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 62D2
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:11 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:11 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=8AE5D383-F837-45F9-BA87-CDF87E9AE850&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 62D2
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5d92edbcb7f5a5c550c9363ca3a8cd2f&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:07 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
match
c1.adform.net/serving/cookie/ Frame BFDD 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 24 Oct 2023 03:51:07 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0D42
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%25...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=5d92edbcb7f5a5c550c9363ca3a8cd2f&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTgMXbVMTRXgjbVT&gdpr=0&gdpr_consent=
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTgMXbVMTRXgjbVT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaTgMXbVMTRXgjbVT&gdpr=0&gdpr_consent=
i.match
s.tribalfusion.com/z/ Frame A3A1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81af42711ddf907c-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81af426fed4a907c-FRA
content-type
text/html
date
Tue, 24 Oct 2023 03:51:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
612
Pug
simage2.pubmatic.com/AdServer/ Frame 62D2
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4312790940954201807
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4312790940954201807
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:07 GMT
an-x-request-uuid
200715f9-4e50-4ce2-a55d-d35b3ca9d7cc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4312790940954201807
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pub
matching.truffle.bid/sync/ Frame 5A7E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 24 Oct 2023 03:51:07 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 35E1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 03:51:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 24 Oct 2023 03:51:07 GMT
expires
Mon, 23 Oct 2023 03:51:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A4D58EE25704C63B7D9B1C3BDCA1C17&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame EF07
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=556306136
  • https://sync.1rx.io/usersync/turn/4043584326490653053?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 03:51:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 24 Oct 2023 03:51:07 GMT
etag
RXad3b9d34cd6c4e64bc7655434edc65f1003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1964 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
SPug
simage4.pubmatic.com/AdServer/ Frame CC92 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame A24B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyY0Q4KtFqLssfdOpkvyroAXLh0j9_4OocL9pjQ0Y1CO2qJkQ2VdnHGXbitxflPpttXWW8Z_fMheepZE05xRlgEKdD3M-7_Y2dnUkwISm9xmwbgoDwm6RpRN9Ge-OS-pyW6zA4CJYqyYy2UOI3uPEemJEZ0JmdTA6aCqEbSmvp7MuWbG2xt-0PwtXVbWO9p9xydSCuDQ-CWPGAZ_hxIx-LyXay8qIrawC4VVWSTCKzNqcJH8NLlo0EGLSX-sH54OwpIMs1u4T7rZqox0zFa-o5TGh6TQghSnzGt04WdhpYlen7m7o6e3EanZOQRO1qJhhUzj6Anfz14L8kSGDnG8WHIXOHH6CaXqaiTsOcJIVEHGIct43P&sai=AMfl-YTyAGUsbcpp9k_hICVDvb8q7WkzX8aUzPkaDQQqOYh9Jl-b-unWdxi3ZGynOQujnVRtXRZpxG7QDUiIO0tVOa7DZaqqg7wj1whb44VPzgzu2xQiOgO5GqJYaNrK7Mo&sig=Cg0ArKJSzE70P8lxQjKbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame F00B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame DEE1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 3BD3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6038 		47 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90674899&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 24 Oct 2023 03:51:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame A3AD 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame E5D4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3BE4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMePPqfScR5ybGWBahJLf9zWPV54vjwLh1xwlmWJGhY88d3t9-JxzWnEo6rPMXxWOX1efVqRoCg2yO75_EBwvPtvhnXkLentKeX2fmAhyHfYHErTE9hVFEUZ8F9DjuM21C8LnH0ej-8mEZ&sai=AMfl-YS4rWvPksnokELBGb2q9SZft5OYGVnx_UmMsMqMAG1TTiLsRJWX084dY-YGHyPFGlfNLQ-vJZfaTaNCyq70P9vB_F1ooQzst4ZsAny75rzZXrwK-WEKMsGpRiwj&sig=Cg0ArKJSzEd5Ju33JX-QEAE&cid=CAQSPADICaaNKd8HySNZwkYH6I5j-mGB2iO_Y8taRXRck4EnS0RSv0GjxR7EmfmaPiviiE_86msT8F6oinYwYBgB&id=lidar2&mcvt=1071&p=1105,436,1195,1164&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1601445237&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119461313&rpt=5325&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 59F8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 086D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
usersync
x.serverbid.com/ Frame D4F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=8AE5D383-F837-45F9-BA87-CDF87E9AE850
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Tue, 24 Oct 2023 03:51:07 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame D05F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A24B 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fc5ea31e5855895a552d4875b3cb4fb1a145ee2e9e36a99533cdb92688e4d15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51039
x-xss-protection
0
server
cafe
etag
3365704303860382231
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:07 GMT
truncated
/ Frame A24B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f88011702d4f9095bf4337994e99f8db4be1e1181bac3174414018648706a83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B31 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBVaqFi-DWAU-9PbKwdIin87mTv63da9EObOF0xEqILfMDtXKuJhWoDJJ29uCaaIG4CBKtFvT_I4CV-ezSiw6qhtUDVzAF4OSEMhn8Ll8D3q7bjEosb_yM6k8YB6lj&sig=Cg0ArKJSzOLzsGub_xDiEAE&id=lidar2&mcvt=1150&p=1105,436,1195,1164&mtos=1150,1150,1150,1150,1150&tos=1150,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2059224439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119461178&rpt=5555&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B31 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqqu-I-na5bD3kvmfOCOavSSa58sjsyvFio0Z6adCKF6atScli3GSXkcnKtHCciOZka3vgobZyRXzIVtTsKqtdFkJOns6ZjgXlhjkLVO6ji2s&sig=Cg0ArKJSzHUGGAONAUeyEAE&id=lidar2&mcvt=1153&p=0,0,90,728&mtos=1153,1153,1153,1153,1153&tos=1153,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2146055445&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119461178&rpt=5562&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4EEE 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lo3shj5c&chm=1&e=21060099&ctx=2&qqid=CLjBqfjjjYIDFVVk4AodzRYLMg&met.4=fb.rd~lb.5oa~ol.73q~idt.26~dt.-h1&met.3=739.5ob~735.5qy_1~735.5qz_1~374.6o7~738.73m~113.7n9_5~112.7n7_7&met.1=1.lo3shbi5~14.0~15.0~16.0~17.0~18.0~19.1~20.1~21.1~22.2vw~23.2vw&met.7=CBsQCDgB~CBsQCiArOAs~CE0QChgBICwoLDBMOCBoLHBJeMrYA4ABntYDiAHX2wuwAQG4AQM~CCIQBBgBIN4HKN4HMJQIODZo3gdwkwh4rAKwAQG4AQM~CCgQBRgBIPoHKPoHMJkIOB9o_AdwmAh4twSAAYsCiAGkBbABAbgBAw~CBwQChgBIPoHKPoHMKoIOC9o-wdwpwh4r_gBgAGD9gGIAY3HBbABAbgBAw~CBwQBhgBIPsHKPsHMKwIODFo_Adwqwh41gKAASqIASqwAQG4AQM~CBwQBhgBIPsHKPsHMKwIODJo_AdwrAh4rAKwAQG4AQM~CBsQBiCDCDgQ~CBwQARgBIPAOKPAOMKEPODFo8A5woA94rAKwAQG4AQM~CBwQARgBIPEOKPEOMKEPODBo8Q5woA94rAKwAQG4AQM~CCgQChgBIIAPKIAPMLwPODtogQ9wtA94-7ECgAHPrwKIAdaSBbABAbgBAw~CCkQBhgBIPwcKPwcMI0dOBFo_RxwjB14_oABgAHSfogB0n6wAQG4AQM~CAkQChgBIIsdKIsdMJwdOBFojB1wmh1481yAAcdaiAGD8QGwAQG4AQM~CBwQChgBII0dKI0dMJ0dOBFojR1wnB14miOAAe4giAGAWLABAbgBAw~CCIQBBgBIJEdKJEdMNEdOEBokh1w0B14rAKwAQG4AQM~CCcQChgBIJIdKJIdMKMdOBFokh1woR14qG2AAfxqiAGKxQKwAQG4AQM~CBsQBSCSHTi3Hw~CE0QChgBIJQdKJQdML4dOCtolh1wsR14ytgDgAGe1gOIAdfbC7ABAbgBAw~CCIQBBgBIPEmKPEmMKUnODRo8iZwpCd4rAKwAQG4AQM~CCIQBBgBIIEnKIEnMLgnODdogidwtyd4rAKwAQG4AQM~CCAQBBgBIMA0KMA0MPU0ODVowTRw9DR41gKAASqIASqwAQG4AQM~CCAQBBgBIMU0KMU0MPk0ODRoxTRw-DR41gKAASqIASqwAQG4AQM~CCcQBRgBILk8KLk8MM48OBVouzxwyTx490OAActBiAHqsgGwAQG4AQM~CCgQChgBIOFJKOFJMPBJOA9o4Ulw70l4sboBgAGFuAGIAaTsA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame B517 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 4349 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 2DB8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 438C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 1964 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A2B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5832951580908&version=m202309260101&ct=2&x=8&cor=13230136029907048000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBB1 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7209319307527&version=m202309260101&ct=2&x=8&cor=5503406133038051000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EEE 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=176633105076&version=m202309260101&ct=2&x=8&cor=375779578854838100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 455F 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6940974560246&version=m202309260101&ct=2&x=8&cor=9861377568991816000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/ Frame A24B 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.turnto23.com&bust=31079013
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f40adcd4ce4c95d404fe656d3461b394d1731877b1697bfdfc7d6d7be2de6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136885
x-xss-protection
0
server
cafe
etag
10250597476855846383
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E65 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8780588734937&version=m202309260101&ct=2&x=8&cor=3043535032308745000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D4D 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=455201739899&version=m202309260101&ct=2&x=8&cor=11655676908132452000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E72 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6676699722949&version=m202309260101&ct=2&x=8&cor=15529575471000766000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DB5 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6776923609184&version=m202309260101&ct=2&x=8&cor=12463689764663804000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77F2 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6486128038221&version=m202309260101&ct=2&x=8&cor=17959620350274382000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2684 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=469139480244&version=m202309260101&ct=2&x=8&cor=2186202321780296700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E1B0 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4582536648446&version=m202309260101&ct=2&x=8&cor=15606813723318067000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame A24B 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.turnto23.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FB6D 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=3171375561&pi=t.ma~as.RON_728x90_House&w=728&lmt=1698112268&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119467900&bpp=473&bdt=642&idt=1037&shv=r20231019&mjsv=m202310190101&ptt=5&saldr=sd&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&correlator=5899886685643&frm=23&ife=4&pv=1&ga_vid=1990415797.1698119454&ga_sid=1698119469&ga_hid=1502835861&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1839&biw=1600&bih=1200&isw=728&ish=90&ifk=1601150885&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44805112%2C44805534%2C44805932%2C44806738%2C31078301%2C31079013%2C31079012&oid=2&pvsid=3997054607154673&tmod=216564388&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.a6gd2pyyfal8&btvi=1&fsb=1&dtd=1054
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED94 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7242666621001&version=m202309260101&ct=2&x=8&cor=14548409949965713000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B31 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8790591325479&version=m202309260101&ct=2&x=8&cor=12340453833877360000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39B4 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6498529282254&version=m202309260101&ct=2&x=8&cor=17131007077545945000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6EC 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9425408574633&version=m202309260101&ct=2&x=8&cor=4641653291700690000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C749 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLFSjIz83ZcDCM_ahjuwPh6Oi4AUAAAAAOAHgBAI&bg=!HB-lH1DNAAY5nEQaGZw7ADQBe5WfOA7_ez05i5MmYCNflXF1TDdfaP3dl0mdx-J3-goIM5mC99jKj8qpk3HlHJGy2ZjyAgAABYxSAAAABWgBB5kC8tCmw2vRpjdBf6gEJTdK8Ucb5pRkmiGPidJgriL3-uMuu7h0mG1_K1qrJ0tWWUPQW5DzEXTuCo853y_SeFDlnK39Hp_p2QIof_AMBDDqTIqztLpqZ7aDmixnnVGd2GZk8m2jjcvYJBjiPxppG0pQfnDGPFlOPlc3tjg54MvIQc0aGhNq-HqwaSf2k4CjU3mHIiz4DiHnlZLezb8KKJ1Kz8VZy-vrricTCivkzxq90hPC7jYSaZxGof2YbKN2O5xrWzB83sckHVe9EVe7yMjCtNEA9xZY9wIwGQC-_g48ESJILg8GaKyR7KDeSGnqzBOLXncL4pFdqxHQwB7YvPU4c6rUErtRcTDQcvzbjWAoxQYscC3mUvTD7lqhSW_9Vnovx8dAh1jfWRDBIxPOTpFOEYW9x0LPG_O-p75hwqJgl2btXPO-FB7X4MsMk3ELUr9h6qJsQXGLnN4OiCVqsBOUv8M1eLwSqAyetfVbH7sUezMrsp7zXyDvVIuh0TwXlQQjdwBp9f4ZM2H9feOcN8kuynAKzccC7mtNDT6BXkLxbLVhzwMF8-8zad6xFeZznB9lY7XYvKZ9cfmrkqlNcNaDtExBdFHO5gTwLFe6xBAfw987GxECAjiPKNOkVCeXUY1ekj56zwC7wmyC3vBTx3jwdtrTUdATPQzGg0mgUBecp1D3b7Lv9PKMKSvY6ZrvhDwdhdWyANa87bXTUXRNQfS_6qhb1xHT3yGd0YrJXABuxzhfTxJ1-Zfnumx0oI49ny63i3XJCDGEzjerNxFaGQE15Co2SBCwPi9xcBnYZL7UgLSBy3j1-b26m3pX5TlA2rWC8sdtgoz7HtvQq8HEKP1qBc7Mad8Odho2kEO6Qk-AGOzKJaxj1tR5cI3oIU7wMAalte6lsNJUrjjv8niO7dPMd8-h2XsCUP0OGEoE_WeC2jEdcNn32PH1kTK1PdR3JFHvl3z-C2uxNY9nRZ9Hi_urKiU4X6cdvCt10cqMCg29-Gdm4d8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A24B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCxRA7iQQEfO1pr9HosJxzFofZFFymRWaTewhIg_zV9zJvDJDdzqZycMXOF7PPuePdGO9R_pyWImvc0NhwFvOJsmwRdVAgP3PJg0Xr-fZR62WogBi_QO-lELtCO-ONup5RUA2JIf6TgGXaXKXaRJs5EAD0hcFIOVrqe1i_ga9PsHRg_JhW-iMyxrF0Cm6vtRnaSgsI7bTFApqe6lTH9RM0zlvIWBmHZnHXPMb1G-vxutR-nd8a0-22V-zYFyEe-0gJguxb8JbwH_H7FYCi1YA3qaggKdVSWnsEa4C7BipyMda-VNox-JimC7NT4s64TonjDUMI2EwBQAqzzq-GA5528gXN8b9EAoUMXrRarvNcgvFYxG1RGec&sai=AMfl-YSSkfxv1LoqpmeCkfEhD7y4Gq4wAC2j7KWF8AKr7DIwqjPZ-Qf6SaJc2ze70-X4Sl7scQBJ0nVVQ5orkN7wvUVmviQWkFaTymCVvSUplRB6KKvCrfWxcWZ96y7eOVI&sig=Cg0ArKJSzLhaAS6VtNqpEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A24B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.turnto23.com&bust=31079013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79fb6ece7988711e5c6858038d1243351cdd5922afbfff0b4d49cb31b6f14e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12243
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 91E4 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjSeoIT83ZaL4GN_ux_APs7uOyAEAAAAAOAHgBAI&bg=!5Oel56jNAAY5nEQaGZw7ADQBe5WfOMhdnSEFrfV33Cb34qWlCZhUGMbs4K43TVKfO_r4rFxzNBzHk1o7YanD2BQ2N9ncAgAABXRSAAAABGgBBwoAGaJSerBdVwaG9CVLNB7525NPoduIPxTffkuZAyC63wIAoR1W1qdc7RBytziVERfjq1CKcx9OmxMvIhC_5Na5YKodvXhfKquCD4b7hWEGM9OvFxFek17rxJ4KKdrrvT7pcEc2eoRV48Ks7bzpnQ6QIzpiymQ2Z4E1K--17Fle4QTetYBPO07GrTpJ_TLSi6VUO1N0nfLgWU12EphlcwQWCYQngTST5NKW4qOrDlwyP3XVwxacz-_eKNkZgJqNtNM9KQO3PAF74NEudUNgiDr_jisye2R2F_rhWqZpRp0R5Hkl1cZXghE7UeRUojCC-X9O6kxMW08Tyz5rhypWzSkhK_9ixSqHnnhpYQ4UXJlJenc1MHxwH-XRKCok7bkwva4bcIwf3gnVgCkgan7jeATlOY_qpru_gqvchxugFwA_h0S_zMy3WPFLwMxdZzoAt6JE4Auc3pgWKWo9Qebu8RVQA4AuSjhqkQCD6NFkdYZlNO4hmPHpJVn4pSglqQ-OcNh2YNYfXO5y_59k6kMRPXBzijEl23e-95LNY8Nlw0hM9FCsJWzIJN5w18oebIeU3l2zCdRrYYZcbRmlBtHeY6ex6Q_CLF-h2Y7HZRmSjIDmvtt-yXnJYKrVKgncfgN7Ie4ApX6i3IrBO3UscyHY4Xijq3Up37loQvuAPDsUzqbn7nisaK1YUoA8p4I9Quqf7N89VMjP3CjsOFVUS6if_v0Uv4nYL-kKgkgOYo9Cb_MiEqLUrgWjpEAGuGp3ERQgr8-qTBDNUQJkhXX2Qamsl9aKlZNVB3jF8F88hn7dXnMNtxNnqdBrHrysLFqk9utwakR3Wd2qLgbKuzZkQ3h8vsRbHO2hwY5y_5sYiZ1p_wuaaAya7WF7Y_UuTi4kGy3y6RfNZLR-LcC0uuFsiEBC9g_H9NbiItWDcU3XzbBQQXIVtAkoeQmFyXnA2ofJRlUgYqoS8Ue6hAIf8psb8vPhJ_507MOwNWLTpFYyns_S2sCczukqG8dWHgYijEVdW5CElGRMTYogEClv9WQ2HhGmdWf3DAW3fKHz35MmmeWF64C4ZPdpj6OWad_EvnNc7-DUZbIkKZfSv5Z5rkdljcuZww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6038 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EF2 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBE4SIz83ZYylMfGZjuwPgZ6I2AoAAAAAOAHgBAI&bg=!pqWlperNAAY5nEQaGZw7ADQBe5WfOGmL7qm20CAFVWTl94PgP2waIjkqbc19O0QFFrunNa-1_skdvXOI4HUSlAn8C32FAgAABhtSAAAABGgBB5kC8ng1DEqjk4DD60IWH8wav-jHJYzrvbKu7bxhtseeltXa2eCF99eMEib0NUSLOmTOAyCCL5dg2tOQhRTESmHCXvxvyc3JBLAPlSBJ5QAG_U3kAxHwEg1azgg13pze8E4SR2_wJl8_B4_WQ36dXErvTRzlX4Z0j9vOGIq0Xb3qtFDdIPNqhrmFAHOyTuYzFKXBPpoduAfxqs_13FSj5rolisi86yfv3wSdM97pSDvlDPnB6Yi0J2bdhR3WRPGhIW6L1eFF119_OODTsbJEcxhwECa-nhDuWt6W1-irY5nKB4eoR58PrMCdqejaZALwXU-w7xf_oQaV3Tsk1278WsUdkrSGQrV_liLvu4rNARnQEQpcbCIeEbYN8LuAfMwIbwlDYvp6-fzBsgSwjUkHIK67s_1V79TmLNj04gkDojKtTYTpWKErnuYrc0jjK_mG5ay9wH2RPiSm5swZ3ZKVU0P9Ib-VC1FGGBco0XxeI-voIuX-EFTcy_FgEyaLOJifQNZ7-UyU7kDsxphc2xEkd-Jnv1WJxa1CRJY4HxfUUh0rQ-SNdN87xLN21jmBKx2yaIuA0LztGxC6FdmF1AzjPA_PGJvJeKFP6kTVseVI8lo4AhsZ6YYzEYnUYz2LyhP3OxLMD9qtZLxkT0f2-SOTC0-VrgFrJ5w4rF_j7cXxcFJNPxQ7UbFpL8R49e1w3x6NwXGK3nmfBmlJ4-KtiQCJRLM-UYRFNKsz1k1pItKuQYAcu-qakZLs2pd51QOMgvgFey_Q1YTICjP95EyDnEZ6ozGG7N2cHHzh_FnY1wxV5Ja9gMGO6nyedN7jvoyMFXsmiM0WcHHmTOnhLhjUP9FagPUF1749MeyAKDZyWxQAkkTB-1pYqleQ0ZWQm9JBpzo_ZlRLOfpoFECJIbTPndGPpf3J0j8A-RZVYdxXTLXCZguuVskT5w_jQPgZ7_oaWc40jxpJ7LAkLkMEi9ZlwY_aCuSRLgyU9wUgV3xE8DwQ9UUOeggbvQ4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 62D2 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9391 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bolb7Iz83ZbKrNNqz9u8Pr_C9sA0AAAAAOAHgBAI&bg=!-Pul-7TNAAY5nEQaGZw7ADQBe5WfOG2L9d0RRaGRQCAP8cpMtWRcTZYGrhncbQaHtkgVhldEa_jyz9wweKE29xpaDernAgAABhdSAAAABGgBB5kC-_YLdzHwv8mFlrfZZCJ2730PvUXvFjF2m1HehJpweFbg3vo1AQUjtWkX0ykTuH7nalzeVquVtBLxOHta_ZH32qKCbLs6_AmT4zxjoBhS-q_JpEI44UYpJaPtjDihktVZAVH3_pR1W5RulD21O9-txE9KNb-tzLHZ_Sx1eoV4qiZoKGoLoti6B4DVfydb9_RvBOla39WD449ADXImdqyAkkD3GlE93liW6h9thqWwoSQAyp4BE6pDs40NqA37RU4YnWbf68Y-589cSNrdLzBtqIKg1Fu9UZ_E6wFMaww81UaO9IPozRYrt6Np2injJqIaIfzqPKuycGT4MWsqNX2Pj91rLQlA0t0krz-AtPGuP_p0luE1_7mzw6c7RvGSuWIYBn13ze8sXlIvWXPXp6LlGkmcTOLjE9vlTmRu-sAzTXJWWBBq1pipKTfg3IhS70xNN8qm_CbEQvv8hxrg0QxMZSF-D1DrMHEWWqJJzZlWvNVmepv7Ulmc5mkX5sisEwjOzMQ0ozmwPMqgd6X0L6FRexcl3GKn87CBtoZtZJfd-Zdhf5Pt77GjzKO-UQKcYyVmUSXheE-x8lVcIq6fOV4-7Rd919teVJQNe8Xu7d-iQ8l-frPNyX_xX5H9b3L4dgv7Qu1KQBu-5_oSsOJPFsptnnHR-aqhaEzqP5VX9MwV-tafUh8uWq0mwwFucqZWXnHE-nml9womv5K7xat4Tzh9eh2H1dBFOWS7qstDN6hJWwY3tIC9Xe7DKGBve_KaGywLAEJdpmZAfYJb1gtl9jbDIRqcHtYKadH6ycBtFt5mJEFYZYqZ_H3wD13w4m5gwUuRTKs_KdmjwZmEKBf0ir6qp2W-FSPvwIBrMShQfnTDrTFMKKsIxqeZe5lopmRpx6F42wHfP_2I5XNHL2hByNDFOjLOVGrjkeZI5bT2hRB2BPNkmNv9eSIVyn3Zndmbp663sueGcNtMi5FoHlztuSF2Qgchm8vS3DeauVVQOQCBw6H6R8US_6yybDzdwUI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5CE 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrdreIz83ZcGvPJCd9u8PhvmmqAUAAAAAOAHgBAI&bg=!Xl2lXRLNAAY5nEQaGZw7ADQBe5WfOOywcaJXWAbvwzEiPQDeE_RUPw4sqFy_CPyip_5KaGk64IiRWhUilv_zZd3f26WRAgAABgxSAAAABGgBBwoAXhh5I7AkhzBn4XjeO0EQkBAkNdjmojcH6r6yPyGcyG31vqe3VGIosJHqzzKjjd2G6bCuX-MiJ8XO9CsiLF8JM7qD2y3vcuspdtgpunZTA6Y99ZWtiiTAw1S5VYV_UQaZAvAXQ2ZPUXREUZ2j8rGXLqjZycFPGjZTgn5phvlymZbhq2C3pGzMPdWdF6ngoQ3DZ-X_K8BTQ9y9E7VVvmReWKmhN2u-bI-fzMLMxzb1ERWvBgB3dnfpwL5nS2JgC0lcS7qm8NxfYJ2vXShkx5-btvdd6veb4vv-b8wLq_fN49YUEJ-n1gtuQhg6dl95fNgsf0-iozbI3FP42g0Y6mfyJMnIxTIDw-GNxa4OOlu0Awdt7i5gKnPtE1C3Y82zzEOD5mK58rw_1ziBDE9g1BaQ9pzxQdqtv3JkCCN5WQLMq_1Zlf8dV_E3HkYFaqob-o15SCM2ZBOfvnN0niq5XHC1i8273k6F0V3ZRPoL01YxchEdFyX4ljuvUo_4_XhE3ehFH1BJfegB1fueR2h0rQW_kHVxn77-gxZ_LAjFZDTrEuk0H7-DRQ0-rsREW_nV4pQ3RHGowNILoNsp9RscasyPWgcOO7YaCTydSdWvPV1vUzcXiNYJlHM11nfOLmWoxJHpARtuXm4bYoyqzCQz8UXOvj43cVWY9ekItzDBitIE4hzJHNIkDhtR2O6CTh59XH2kiPNRRjassUhM7Ql2lK-kBRXNpOJoSJl0eDPM6Lbc4BNoUT8zamSCJKM89ECrjlOung3Jnyma1DKFSPougySIjXCV3Whqq1gW_z5SeAH1shKrLoUBFuzYHGz7QyoQ7wRpcCR2SmGUYrcipHfHKY7d77S7QZKR-Uyylhjg6Ny_C1B7tnCtlc1JzC35xF5TuxJmAGYDIFssS61nV_EDLousn5yFiQpdjIJHR5hmI9c9qMUCuKtbjQGMJlA4OoAEhdWdP5MVbdPLazXX8zhFf31aJ6PnvmvOV11Y2gDoyXfSqHM72q69v4k4HtyGRLMDP_LECmQNymuL-oQM2H4si2fr-v11inU8UEQoLTlmxp3ZCDGAmaQav9mULtjFMERJFcbptyAdfBDN2vN8VaBt0NjUBGlW7kiTU4tpWHp7oxSnwojlBQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 748D 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5SdnJD83ZfndDu2k3gPZnK74BwAAAAA4AeAEAg&bg=!JCelJ2jNAAY5nEQaGZw7ADQBe5WfOIcMtwtGEg3qhOmha8Zcu_4y4mR92P6EEEhGCQ1_fUBqfCCnQFZehOmacv5i965iAgAABhlSAAAABGgBBwoAe9kTrEB2lc5JbuDzUuoytWk3oVrYJhIWlRD08EpvIF6R4tJGwytoczfLSWeXAlyVDqUSDlTh9mvo-ihgIEzXs0Rg2Z05hyYpHhsVglAvCr4MFgc9r9L8KvHX50YM2hRPk5WAy--PzH89qPIMyd5pdLUIeoyVkanif-cTtZkDAUPDfnXAK-G4lejFPOPewta0ocGoGtXTfZxFCA4J9JrgOVBVa4YnQajTSmMoK1Yy8rvzxVdgycpIBQMAJe-L8juZ1cPZiWZMZn4M56K0Fl01a5K14M-QstkntTRjTVO-YmOhwRnVE4S6-0OJJ-l6wI05zH4bcrClX17runtlUeJopeNHznJ7s35iyvoGBAzmIwP7iHDdWkloJfBRoe-jy1Vs6YnCXQzRtVUxGndwoWaBj3SeLQUX-xfe9JJHupx4FLKEkyJRpiCVB0H2E7BNJpCKA74HXSY-P-SesqqeqBEJzElVG4A29b_Na0OkY6jJ09K-1ywo55f8RwVhhhqT6kEJ5r9-qLHnVQUWsfFWmNlGdZyyu_79UerKzNLa9AkFZRHYOWE7mvZbRBksYYVfdxwpgXCtUlcEIM20bAz0E1Op1tfn4qvmGZIBvqui6QEwetuhOqVJMvsywW9LI64iTYaanEv4Qd99RJ_-0OzWMR1pj-BRnIIhtrQnrszKhAD0hk3Yl3Hf1Xyxd_44rY-VILqhxo8l6-CDZ7viuDhqKsRy0TZjoe8Y987xj5sNIlBYzINm66w6wuTi4Ppc575rChT6TG77S8PfY0uw-xfMHWfHVgwdmP376MMgCsQCODPK5rtjoqn5YFvRRBH-HCMijMLit5vay66Y7aQ8kUEYNDQ96n-CvECAsvuVg8WAJXv0ouIFXsL8hruyyaXld_ciNICH1xkIO5EXATsu_FMLaGmlVnm-onG_ic8duoj2lk1wewIRuaCsW-kwEdi6_50QAjPGvd29M2JOV7YoR4PaHPIKddS6p08fMq97BmnhjOsQ6RYa12c0zRUj6wJEmW9sYgk-FLM6H-ybqcYkVkjBYsrewa9utpVIyKxjca8fORXfN9K7YFuTyoLqWrDiaJAUMXnhauSTZJqWW8nXePnLq7MPeTaFVDtirEU-X5lko6igCkAv49IPwNS1oTgxCNllNLwx7P7GqQdRYY8AqG1fm7QhAFa7wZNAW7UopDDL69Bn7I4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A24B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 03:51:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F00B 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bab-BIT83Zc6eG9bl7gOZx5j4CwAAAAA4AeAEAg&bg=!HxylHFPNAAY5nEQaGZw7ADQBe5WfOKKo6QhqYveF3duxGa6LYbMiLNQmQdgr8gBdvxt26Naay7_YsOSlHolC2QhsiI9fAgAABaFSAAAAA2gBB5kDJ2axg715mZAK8di1LNTud97Istx6DQkn-le8C2kCcrfxMSJkhW5rzwR_m44_7S1vzVIzAMER2RAfeaVSjiE9Hr0TEiFnqjvpODKKVmuuM7dz9i0T7GNihbJeBY-Zpo3wplmysO6Si2frXjz9k2cXOwpUkagp3LMxNeGsU16OSNO2lT7nSyS6WbvP4vqJh8zO0aMqx7OtWDkmGNy6g0N5j8gH2X1P5nbnibXz8UpU-AeRHw_zsYNLDz08qhtGeyE00ZC7UOQ0DUTirfr-D0HUS8fhcdTxpNHdRSAMvOTbP0tFHaSO5FxkTRVsraTVJn8h8u76a4gsXH5t2aYym4IuO8BV7yod7kOOnvjzkzei-KwctNjvy5AFidtdaekuTUGFlUJOmK-miA-yNwJWfHjjwoXHc5DQM9CI-71AZUxFNZ2xDfa3K7TYWkRxwVLq41DElOQuSYmpvenFivN12r4qk5K7Rhet5LRIFA7-BjluwsiUKnb_o4iRMkzJKGVF_f9phRioTjEWIz07Ur0C0f1_8SvhcnvE_yt4QZhbSOOEQJUXZG7bPIImUAfe2Uan8oWuI9zWCYPBKJ-7aD8ttuzNvVRoO45X7ISNuqwWq2YjlN7FS0BA_0KCHV2a7KL__c2WXZlnNTkRahZquaGGg-JqLB9erfm-d6DWdBt7qRbR6EIELzgedWJOt0UvIsXDibPCpxo_l1MB53xKtlCASkyWDavjobzbXQ9GIR-0wnRcx4IJjHXBBJqcv216noocVuKFIO9jLyrLIj8blOF4zz-MZvbgSDTWS3Va7qiKDjX11FaD-LJuaDeHDyZNmM3dOZkNP1Q0vElU-VkdbAcrxNTmlYpOyx6WzdYsbr1qKwnfNHCTamUkB9B2E3Alf6duV5OGb7z3JSVEeCDjdGyEfOhWcxNjA77d0cmHwbh6J2-3j9WQE9HZFUVl60kV7vW2SG8eQNylZjeMoIYlr9iMdbsYoxNH-3O8zK5AdbSOc_aAIIozmoLvmF_4A9rUgRLKKxcnudFgfc-ijyJ9qL9sRV5okEE70koc21cSLdfjMjZegHHNRSIzeHEM-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEE1 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhXVFJj83ZdekE5PwgAe-y5boBQAAAAA4AeAEAg&bg=!4OOl46zNAAY5nEQaGZw7ADQBe5WfOLe5SvclXLSEq0lD4v1gmh9YBm5sWaCBlX4Z8hPRtz5D2pQuqQwgPwlGbMkFdlrPAgAABZRSAAAAA2gBBwoAdLhgbQtsz049NOVvLJtZ8LG4UykiC8kp-9Q89Snaq8e2nDIpYn8O5fTjxyJ-V5sKr330aghrS4UB5vq_eXO7Yvc4WCRzbeM_auOiQm05L-7TvZfxQJcHPYqoFOTiY1fflmJPpoAtZOq9rO5qLGyf5C18GqjlmQL_XT2QW_D_hQzKIUAAUjCXK-PJmqepTu_eeoKMz-kXwjZxtwVPfym_W_11E3JB41Ed3rNvr7jejQlOpGDu82qQNMH-ZJ0J9avTniNzKM5DOXdXaetwMi_b1Y_-QXO7DjKYyV-IBQwalg3td1GBVw-lKzpcLCdtrKOdS2_DPPEALhP_HKdj3WXmIhX0qSGfWow40UxT-N6MP2bJncHsxQ0t1Xb4e5oc0DqxpqY8HvFghwm6uueTHajtFtmiMubNhrJc15Cn_o9F_in6OmUk7bnKJ8uk67lZEjKy6P7rgRTCcY4PMl_m13ONSzNppSabqpZymwV4tnljxbN8o0crWLc0OotKPcneL8PlcgZ0J0ndWGnO6P6OvF13WQqF9kv8oNWUngUrRQeIHukLhGmnvixnnni-HTEd-8FwaC3GSDuU0PQKcNhP6TD3Z6F3jmQ4F6gmLwSgsfxoFQeeShUEXMF-yFIAiz4eGWzLaPMFB8ylRH7OXhVerp4vkr-r87fQoqvwRssi2Zqtnmbv7GEXL7QSOD9gEtfMOxQiNICJyCELy-MYjMXggGhjnC1q5QB3i8ObmbqMgReL4WORIorKfxZUIJF7-kWyvRl6Y9vcxGSey6T02ksS_dmoaZzJxkWWcFFlERKT4GRODccMDr747W9OoMctJ5vyc_WzF0pIoidTQZ5bKWtemC3rnG_1J0OVj6oWudtx9GQ6QaT_ptHCpdHFAg7TwMxI9wHHUxeHsqvpqKAdn8zPUz-isaouifig64xAvccvgD8w-w1t9wcm3cZwUAZOI3DxnTIcxjayWpVy0jHgbgbWzHCK2izseiTZ0V8CCA7TTCquCkn9NMxlHE27BZBOa02sh_R0cb9zFhd-EOPzpOdAN61ukaFcrrJxNKLbe31B9SsBif_22gPeUGBSTJWCQCRx5vwp194lc73OLieOd9_rNUzakD0sfKwCzd5iaB4Cs6u63uHdbNIX1jl2Zvu-2aLtLl3ElCIPOSjFhVcgaFvRKBTibNTqU9E74Hw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BD3 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkphVJj83ZeCwKLSTjuwPv6ug-AQAAAAAOAHgBAI&bg=!PzylPHPNAAY5nEQaGZw7ADQBe5WfOFW6I3Ac43IZeNoM-3Ypfl6XohafntglzqkqJTmCPHPCX__sRES4eCV5OXVhSYzGAgAABZBSAAAABGgBBwoAkU90KKcxmeDlYHw8LTE8De02l-QyjO_KQVVv7gptqC-UaflS27_JdWY1G9TOZzfcw60M7VKbssE_2mO5O1ojBmZa31_HB1SBZda5bTZxtSZL0RnfjS4gHobtiqtB6cTqkHiZe_MYvJyeTiyyxwbCiKe_ZwJyl0HnrB5QJHHqzHRp2phzbFSQ7qkujVakwiBh39WZAvbQD2KL1VSWNReSgGuLPWFW9vedeRhKCsDIT792lPOWvHG3BoMSUK79d2F3ZPgQm0wrHUSkBSP73Ir8y2l4fT8gtD16_2GpOFnPKamit4uCCeJj0KY8xtWb1Z8m_4qN_MgT_bUK_7OMfygb57JZif9pHuyZAZikmr9bMBdcCwLyyMe-5_MXQ3r3HP5oyHOPV6b5odg7w-_K-B5pAQkxIJhKZSNjLnKNTAHm7dg0-4HyOjEbMQpz75CpNFSpNKsm9u4zfMkoeq5RKFhEzT3MFKYhZ9634HFcqrcE9LB_rhYC-Q9cCLwDHRvKw41RQHEsjJxt3XZr_a1AWWPAbxXzjCmFvhm9A_gAAv-ek3EHZY8xLD-IWnXqj9C4oGEAUXmASi9JvnONoQhKTQzTliWqzIJCjsiBevtdQiDVf9BuR89_JgU0L2UmNbE_pwprF5M6ZuezZTqfkBn5y3EXqRHGIz9nWZP9e-Z4wvz-I8pa1VgzEeXnHFcWf3GHX2vBzwDUREg_0TEuSG8TsL6fb2eu7Dm3I7YyXW2GPniw9tROuECEw4IFZyZF6ZL5j9xOJxLCKJkax-eAwEuoXPSSW4saXVAj64Ahai0V7pefh5NwvXK_V95gSjqbAfCpLMf_FMBS1sbTrdPLdicfk4DPlgfN-seE2iWLU24V8B4yI_hVSvKs_uHm-Tno3z2NNWQ2kVFd0B-C012mvK3GaAt3FWgIG9Qh2ny-GNxTWR54BLyg4-NQsLQaxjVEImDUe6rPi4aFIv7pz-wvfQSO0Sw2TEYu-jDgNT2oiwdaMasK76-Qts2iHXF9V99nUOEHrtL1MM6BKtbxRUMEBpet7vigcIwOmulnk6icbo3_SHXgjflhx1potgdkP4nA8Df14YL_dvQU-Wq8u98F-0nn9HAmgKCJqoqbqK1dEx0R6wnOBKvE0szGas6r7O4h7zMP1Tsdkn7A1mqZ7r_j6Z7vTcwSpSGLB9O-DrFz1Z9qBUi6OQC2kgFt57k3ZzWFEw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3AD 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtGgZJj83Zem7KrW_juwP06CEkAYAAAAAOAHgBAI&bg=!Y2ClYC_NAAY5nEQaGZw7ADQBe5WfOAVZeaEbXQjn9YLBgnhVQriGaB8zpmRxADIpXayLyHbuzoVPyxpAiHXmxuwVrkhJAgAABYVSAAAABmgBB5kC7yYEC1H4_oHuwDk4umeurgBBuux18WfYQE4W0EYHJt5bdwjL8WozPM67-vItynWbxzuYYonW937ScmSNh15tFYYbLPQYspQykkca758Lq2UVh0hQX7gwMgm82MBhUsgX2N-9ONGxja3ARKZzQ1_YULyYl6aop_AhDPkeOAKfes1ezdkRAPOsOe502bM2-cALqX7YSPFmzmlWDxxQ_tWvQsilcdD_Jva1ygSmdeI_RK_7YyJ2XtBoGUJ7r1y5wIhfkbern1TfC4fpGHHlzeC6xvUmlCwPYIBrn3wIMcjPe_6UKGifWNycnGa9ZDcsjXsFddt03vKAzl2zG0VITvOodLn9t3d2qsK6jGeG2f26CFGJHDnjth250iiPo32XF4Jw-9iAtAZs5FP1hvvU9yzR2UzFAStcW3zFt-ItplSZZgU8H4W6zwlpY2cuKZwt1ojllDAFif7WTxjP3d3KwCs0vQ4hspkf7Hh6sDelsNzExM4otbAJUre0e-5MZb15c1SUBSkqqWfsPOjqEXKt6eoAiuvkmS8hZxwq4E6EoExfcVYH05DtLhDQW7vD6hpngMsB7p8cFDq07LkOwlmkVq78hoFFhfaSnYt9eqCGmUf4A-KfilEzvDpy8lDJzc5TxIWdny9unl8ZQKjX2m65WaoQU4wyZOOj6YqfJknlAGUrrsSqn3l-YKU9FDDaAC5PYxw7kZp3hlaHhnupxloP4FNohHLeQuXiYvNd0HvYAnpgL5KnjHelaQLJgnAFAtumwDkj6duWtSnxdcOigxPnWfQNay0eot_ct8u-7iddPy-HeBW8ZkVErf_kZouzNtrgb4y1BoJhKf_kVhq1gQQcbVxH3pIBfe42piqL6gs0dO2kPwTfokJMOr7z0SMhMLnjNzSE0DDKf4ZrRER86I3XGLY9DOYJU15Vlk4q5q64mcgDNKACiR-csDX5tMEjRq4l2VsZqhADksaHy7a1VcvBAV9tQ8DNM3Ut6jJ_Z3l5fuU2aRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D05F 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br0MgJz83ZcGKDcK83gOCypeYAQAAAAA4AeAEAg&bg=!SUqlSgXNAAY5nEQaGZw7ADQBe5WfOLJir32_vXOMaZlUdlBoh9mabD03Ctdl0rlAw_F9vQznKJU4Dd7ONUrV4CFuGgOUAgAABWBSAAAABGgBBwoAOGjHo6FPh_gsaxeH5KJYF29NViFVF6-me-fVuRYWolBA1z4UzhlTXlIfJF2U7756sVIJkA_UR_09mQLrVCB7Jt7CankIp9BLYWZbXhtCcXg1GvHvSxXjQboFDyo9V34Fpoih-vzhcA1wBOLBPSncW3-UM_H5xRuQy76q9r38yXOyfUz5vGLu5Y5ioFpg05-k5v8irSOI_XkQunQpl3XpqkoFxykfZp3OQ7Fm-7xgzaEZdYhsfMeSj4rMoul6K-uOhL83XZ_A-Qyx0WM8cSqLQlwgN1nYuK3lO5SdPJRlG4DLroHygdpJStIvFAQk9IeuLk1SobT6krqqvwnlcdIIIGjm_MSqBTTE1Kobs6R5cUbwpZdkUNXy3QXL9-HZCpdXksvkCezoM98CZGFPhbvQhIBP9tMZ9MbVywM8tRfb-a6rVzTy2ZqHHsxQK2saDwNCTtww7wDr_LxPGmniKtvj4nmj0liWqSGL-oIYvo2UvIpZ2CZmyxWxS7hHXpZJZ0mGG9B_NG70KekPjaYjlSYhtWu51ZIzX0QYoxMSCJUzLqLLpdNkM9WftXRmDTRrONwcCD-ETTx13ATt_Kku8iNQfoRz85GI6lLBwP39YnYYSdslk8zP5bmLrbYUH9lFr9RPvndSjHhWEUSLqgzRYSA3bnvyll43u4MoTi-lMyPXcxVKCqbuxZu5oRSjjoTOkZ-6Cp72i9yBQVopO6YifTSDutxvKWblc5Ec2r9yfkdO7nOIAdYXLvXJNelpzXrenQ3xDv_Mj4lRhjqtOchjfjpH2y14EBwRU5nI09aOYilJAMD1dCGLfMOSfe8Pas5icsvXR9u1YCiH2ZshDBIm2iVLQ441o_5cEK83Vv5OkCCSJT6n2s56foFovi8VQUXvrXIwN_BfMyI4qIrp7VD_VwQ4Kki_IqKALkIf745INOXY2Z1UbmM-noRAcfaB0D2vD2MObF5QkQso694T91L-ThVjYLGNk3gJmYzW8KTQKY36Vlf0X_gUaMWpTM4o1h-nXBHZ7PVovmsK49HU0OXm5FcHEAqaKAiOtqwjvv4kg2qldLATQBFGVnMc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5D4 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BK6BuJj83ZcmWK8TD7_UP4ZGZiAcAAAAAOAHgBAI&bg=!8fKl8r3NAAY5nEQaGZw7ADQBe5WfOEkuub9cHzeSx3tck9mKkir1K_C-SyY-tZ7zZq-HnjMxm6TfDLtU17OQF9GToNUPAgAABd5SAAAAA2gBBwoAA6ve6pkC5znH9LmZq0o6sGNI3U8TG_ea_zxLKc_lTbfDpGW1FOtkAwA6mHidb34vaatNPG-YIfPca9TLBRuB3nplxMVEGDdV2iz9gVxQywdOtCvexGPBo3f93wtecMyVWrc1BmVYRM4Jc7Tad-XokzHB1A0t0WQiivvR-zaU0H0NLAMV6ARpqZA9v5DVmB8D5-aTcYIjgAQ0XViXmdjOm3QBWJFk0o4hNPaCyls7buEigPSA-v8_9XU-DM2mjx31sfwxYYuN7yF5ba1sQmkwu5nPdzV92cgYbLuNldpnjArVhgaVUSk7QOeEBBY7sMo8jHh7dyuXsk6KHemSagkNxDk-uX0ffyNqqDOy0V64EPzxTmm_0-Xf63eZegmpCIfgdp5BoPfBRL-GNhwA8IESgIUuNKYqAxdM9JhFdiUOdvnqjSo_1-cm2M35_pgw1dAmEJ2DICsHeCvLxSRQwPaKZleR7qAk1ZsgQsgM7eTV6R1lsp6W3i5Ywl6WfozNr2y-hxc6kIVgyvtgSGhGrT9iH0zUyTIpiCNLU2AOnMxugFCByzE-R9nqz_xYmzfz6Dah5d1_nIctLJoRfLThYyytpKt3v-dPDoGFreQNW4sh9JPSqaMTKwZVuMLugZdStMIeztLW2aIj55I4zlPr4-TdoOBAsxA7EqFyCaryZd5yJulKKIawsv1xNXwMIhNg0SQdNMmJZqi0dO3NnAD5vUo8YBrMvamXz81vqWtdLJTNwz_OCmJPHWlcUVRA2b7WeUW17cfHix9YiENVeofjBs2q8JAgrOGxsu_XnjnVutvV0fCtTBqDdm0TEjzk1Wk2L7xlcoWvEgyX9dhiEInHwJudj0v-FIV4QqEs5N6G0K01sKROyS7qpqOwEYkWTbKohUtmYCTi5cm0dBZ1p1j-llelT2HOoDkNK6WlxesYMt6BvDkR14XCB1jC8Wp3p1ziB3QXHr1jMc6ii-aoJAs5JaHEHZYHMdl5Hw7C5QptwDfz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 59F8 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiktmIj83ZbmuAcem1PIPobm3iAEAAAAAOAHgBAI&bg=!oaKlou3NAAY5nEQaGZw7ADQBe5WfOIn_MiwDSRL48bD_HpXeJHSkXP5fGB1Elxjz4k5ajA18pUHn5yiZD1_xpStp6hezAgAABdJSAAAABGgBBwoARMQ4XZUudcAcm6lqB6msrwCoDzarJYfls7vr4tp3x-H-hPSkEmevkMWpQYaGl5ETSMSX6iCLg-UUcPIhJwzNNQiOOWr0mQMenKlI66MYFFmFJhzOpZQe7ayEmAIRCeB3NJ3QuFkQMz8gT2qt9dPh15EYcFk3eTFGuMeMbTUvf3qh4MztMUJI8JN3SxlBF_o84JFMGr4AJ1z7amcnOTq8OI7CWIaXNHLDsoxTUr4CjKog3HFbMAZkkK_OwXz9o1YP7NKfwTGgmZE6XaAo1lmENJp0TVBcjSWfjmPH1V5PEHFzvMLIAvaZ7QYabUe1oIPxBf_M3PLCwLxopGjsQNP8HEoEzk5NeeKu2E8LrdbPNrFx4tDMlOI-pGI5DhG4PvzMZoRbIeCRSU7I2TbwYKGqiAUopBwK3NdKmYke0y6ksrnHZFhCuozyzZIJUJAaXyTHnjN2p9O45d9YL7RXg6jL3EjkPpHUW_ot1S6I3ke6DaE4RViettBbGHpeGVDmQzuPgqb1okz1mU2C08fey_Ywj9mvuLYnQ0cfdhUs2GBqHmDDk-xbmz-QPxpmBI951cRneLzYYZMH7qtxsi9-jvgWpoXS6P1iMnZcGM3-ObjyDAzNWUtBYTWG-U20ztiyJkog7lXnrQefYQ5LyIT5Wy7iIJG8CxesxFFoJh6Vi5NEy9pyrKKSMbnCP5hBs_wGOh_V_kapgsCRtClYPiiJ6UI_Zd4ElohE6u_BpD6rsYNVhy1mhrLgoi09ZqjQ92zBONbyfumAQua0r7EciGPeTAO1QALe9JmFUeGK05TOEz64aelwCAAYcAGa1jdmct4jgP3KOawJiim-aLwaoDjxnWEPDO_uGt8Mh4pzWpVrt1Z_B5-ZZDpi17t_g_Qbne-jcNoPD-Jo6xWVp7_qxRXNexCKpmBk2XSA-20vFpUsiDaTUslrG0hutRMuD1PmrvuQzOjz8c1ZUQlYhfO9F7Agst6MTqFa1VAEoMxcZgi4baKnxg-g7KOurcwXfDLtXGUOTSHR0Z1Mu4q2XJVSNXhWGkui1aNFcrgwjJul4kHaf4rXMmZfRXTfbRqqkJ7X7YBEdjnfYIxZ-JlWjDUjLuc9PzeAhcAGUH0wUpa6QBtgbUXhXBmsKtE91y4aTAom5XuXp7TWkT-LjXbY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 086D 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B375YJj83ZfLFMoimgQeWzZDoCgAAAAA4AeAEAg&bg=!hYalhsnNAAY5nEQaGZw7ADQBe5WfOHpQtGluABsgKT6YXd4jledvD2I678O-S-t4JG13qk0nuxADa7jExwI5rF_L4cqbAgAABcdSAAAAA2gBBwoAHkrfmoawJ7eXt_WPmKH9pxnZQ2Jqr3X12NVru637_pkC6kd5dMh0KyrHhSPDqEBIVZ8L7jFVtoClguPPWvouBtmygRXkk2N_nFqVQKkVm_S2ghxNBRhp2zIrl_-_tmEXpiMMwkfk-3CNRCQbq9xSBtd-wcU6tk2eFXiVDXGduCa7af1oQpo_SkkL15OVsB-Sq6vZsimIGlP4Cn1nA4jhpsnvImQ15oPTzD6E0fFT122d1sUw8vUZ2w0Y_5rMBfRNuXeMvGsT4Gn5zh4_2AdtQS2Fhx9_kps27pQnQ5j8hHG_3-INyf3na8o36FKBsxRwnFdLqE122ZMLhGl-EHTdyA0Cl18rqwoTrFIY7iISIDOlzog-nfHQIU-TQlFKjoWZTr2PF6J26cWAXc-Qo3b9B-ARuvaCMb210CgYJ5qVVYv45CfpcX248ZpyXsI6a-nHT-DFOFanLLgnDfynhiWl9iLUKXsRB4ReuBNKhL7GmGs2soUEmHbkNIQbDw76RCbgfAlRiWSgja4zbrVWMAwW2_cnakszrZF3tUdOq2JZje-OKhFulFbl0Z1RAhaEEzbyTzj2y2RqUJzzRksOSyIXo5gKWl5GfnPx6ev2Tk1alxzzOu9mJYP4TC424ec_WYYjoeH69VqV1ipv82Mp_iIdL8GWFfUF0dIyGnWdQgzm_NHyMCaBCgz-lp8IeYtDicD9IFwbiPAOmAD2DFI25SPOJ8MmjdGiNMtwYRaJepQb0tfJuAHSvOhP0W1SdbNHYpaHM0kw4UUKihdneMQRnCKUSgAIWONbWf2CV71G_cd8891vsfLdt4qbA3UmIASx3PYNnX4xdl3g-TvBRLktN4PxSnUxreTZMZUaiEEGbxKJeNrcqKvuVMDOfgHbcbZZ-rG_HiYsb1uAbVWqjhJ_eWv5f-0Br0j_0S3TtfUB28tLhu5uz8nOQZ2JzMjwH4VcOaJulrMXVeZLWlbgiUErUDS4ltx-VSeH2FI8gRi6_fYUfjhDjkDuOGQEHJnbuC8GueHaDp3je9G4LXQuELMi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9480 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
33973
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 18:24:56 GMT
expires
Tue, 22 Oct 2024 18:24:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9615 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
219143f04972eabcc5a6ffcf46d444bc01c141d44a567361385657a0c0fb9c71
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Le3PNrKL4RO0NpHNl-APaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Le3PNrKL4RO0NpHNl-APaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:09 GMT
expires
Tue, 24 Oct 2023 03:51:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame B517 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_TUaKD83ZafDC52VjuwP8MGsgA4AAAAAOAHgBAI&bg=!7u2l7aLNAAY5nEQaGZw7ADQBe5WfOG1hUgZAw0UtOATKSbLjbCCvbUNIZ9BrA-GWREOzzCceWF7VLH_e3gt50BvcRmd9AgAABIVSAAAABmgBBwoAU_Vh97yYuPRr5OVOwIm7IAIpHG-673cQMi-7sSLHCnChSb4tXQkEBUv8RzlgnI9YdSBD4I2sdS0NTnqNMQWJJUINI-obo6VmqnfEVqgR48u6PUwPmQL1ZNH4PhC0zmTxTWHCVjwabpOk-icjHuuntZ6i8j5itXNa8OFnjQ_-v6pd76Pc5PVryAi1vh96kL2bk3mOXqJDXXylfS_QYYur076lcqdw1F0quRuQ7NhtB4nld03IMYfhzce3bVvQM3Zfl49xkZqC42R-20IFUmA_3u2GkewTeaYjm1QMbfczsGIANm3MnIB1SEpXBHwY7ZnlLPbku7_VfOyUgIZSLuPIJhKLLXY3RSG6cYjXp9lYb_BEPaBvAXgCxcZP92DggzHuctCpLI8gdr1j6mt-eOGYRlWtUj99roLShJFFOfDDjIy_8kibaEUa-neItxRptO4hWQ7pfEDTbmHN6KKhD91ArGaR7YhUTm3TUd4omPamDEBLpLrCnhySPpRchRJWHKuhvdGWJ4pue1ha2IyccMwhjdrQOPmzHZjnxLoAb2j01fI8oj4xT7X52lP5e5E3LIBroxP0dyiUM34yqTRbXZWmiFoho-xzKvDlWn8W6tXPqW5fkl8mjFkG8I1NxPSwxpp8HIXAgLN6fKamKRfCkjEEeSr3tNE1UjVGp-SViQolp2Zyok8HQfSO3iuS4sAQPzurtCpmw17MF3wNU6B4hESclWF87zC02lugd3D-jz6SMA2fPf_sVx9Ca5oDtOGbBGTp0dcIy3cRZ8HHrK9dBMGhtPLORtthj2ElEBHeDEjHzRAbpSswUBHOUA-oqFqRiRMswBN26-aVqmzHs0AYmy5uXA2yiIoaHiZ7SmINFp_y-1baHFe82HZo3C2Yyv87TRutYnZ0mdvf0e4BiwLZwsAuJ01vgu0ewBhq4bKNJeT5zs9dPnOVQ3bvZhFc6azrIVKDJ87wmvdZWsEMnKbXm6eydikFOL2XDrM_Ec-1VQTfvwBP6uRZNybPtu5vPivauUXZN_4kX3PiifdCHwkAwnMMU6fI1ADp0XRBtvn4Ilg7jC16D9Zq3ZHmPi779zKJfF3tRNlN1_c3HntGCL8HsTMeuD6n4J9HDyEgFEy62w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DB8 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvhV-KD83Za-0OpaE7_UPjrufyAEAAAAAOAHgBAI&bg=!UVKlUh3NAAY5nEQaGZw7ADQBe5WfOC4-I98JH8LrcO0lsciPf5A3rh0YG8QM4lATGD5qajzdaQX6MkIVpKTbQrCh2XZLAgAABDZSAAAABGgBB5kC9V2Ldj3PQjzEuaPFaFB-bAgOr5c_Sx6tvGBofcTgA1uyurjL8n8SZWwT-GkBowhfWuTbGEKQ-BRlDt5HJDVJ58562AgYVpieE-lChe0WztQ2y7TI0Qxo-7fmxQqDpWCYti6fix7Qoj-sjr0HBujAo0uOilKz1XBdwX6bghpV9N5JS7EK4Ebc64fRLT-2uDO8syx8fo4qBBerJ8X4Gm_QjjQLH0lebPIrOV2t0eMsxOajjt9SjjHLPRaIu8q7NC3SoUX45ealB1KBk66mPINgxko-k1Gl3kznHTz7j3-w9qrhxeJF8ITvfEPCNr6AQ-ReYpvOQfqqTSE2w6DGtfBQOi19gU9pds2ptQgjF3swYD-PTB-oCVt8QdfwJSXwiV9ZdlJD1A95PDyJLK-kPuqTVpO4JWQFedd_LkGiK1Qrc4MbhBUfyNOYNwnOuXE0lcAVcuJpJp0poHOsnoOikLWCT3zCmRAMtlYp7Fs4CJwhQ_v9JUT1idDQYJAS0eFOvzJzRsfxuIGW_xrNAz7MXGGxLE_h0cTd_FedyxVhjkeSBeTl2kwcdJBb9q26BkGOa8j8RnrxZYhVZmlBkqSQmP1cJk-I2lRg-UNZ-hNh7e85wGffyYq3n4kCHx1gy59ddXPT1tL-TWAFLM7EHpXxTw7p4rzrJEftQDCCTMBL8ANf5pCOpkUHr5dHQvMumGuxLnK-FTbURHRGXwjuwSa1STOS1nrKlebDFxFbgwVAyBdgDqZyKG9vrizh-6aVxei8pWkZ2EADsKPUOGAm7IOvkVeMnGkpLDoXQVmoufg1C3iCoBknIEDcyhlMkKvvi87hFVY5cY5voZjwS4Ix82BHUk9OP6Ua7t3bNCxx4WUd3Wgz1aV1QwvjHJBTXRlo33k64OvD1k5LTw0Xp1Z7BfK1rvEgoykywAtOWk86raX3VAbMvLkBe26kOKTw1m9oxiRJKiluC3LRlkuHfsHblPRA26F6ztO2VCvWvbb8iFc5AiWvu8cBPX-XOEU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4349 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqJ3zIj83ZYWKMfn8x_APrN66sAIAAAAAOAHgBAI&bg=!PT6lPnHNAAY5nEQaGZw7ADQBe5WfOCGVEgB8un5lOJUFogUkmzn8WD3IFmqCVB7qYiu7aoeAINJhh3p3uZ-b6Vlx9h8VAgAABHVSAAAAA2gBB5kDF8hSrFYIzawjyElqtC033b7sEcA1wV1vlix9CHYTAaTh7WRgdU_o_fmlXJ12IUp2vbqdJNW4chUe_0CZYRq_IGPTjO04d5TALeBXPzkiSw9V5D8Eo9V4WDWs7ftkZw5u2ZwhxecXmz4E_4JMLdvFteldxMIEYKNjPVGZxtlGlIrVP5rukS68l6Lm-py97ItPMFkQnB00d4bSpQFqkcD4v4GVuT-3rZ8etN1RVM4w432d4uXMTqbD9R3IWUvoMIf6pcNwRBijDXOOxbbSTgh0eY-t_1VCbspAWIY-FtZy-HU_V1lmwiG4DAAcqeqdH6u5p7HTBJ_9A09yYWppxLesAqsjXmEp9vXC1qOX4xUnz9Z5qShN0U-gpHU6K5T4x7lMCPptvfRZo80Yv85FOi5FksvlExS3W3ZkZsc1Sk_7ggMy5J-O_FWbHX-rQSEqZd_N_MDASUB12C7ay4rGvRaWTqfcw7PdfEDDWENZ_HM68_DkVbY-uyzNwnPHlifRTAERUDqyQRzcw7iiViPHI3Fn_qpfTy7d5IfoDiyIh9O1ZqfSuwnUFSLTLQe4dTavvNoWgPn34N_iY5P58AvfdgzPUbzx02Ezv1_kGVYulB2UUA5gegUydQwig3L776zQuo5zj17oRnnR77wwDKcL6iOUdFuwrI3TbrbGrBFqhmPvylMioVSew9_MO5xQDaqNJHvHdhuqYuFMUpXDbfvPLD-2CfjOOhRpS1IgqiujPNGDXxYStIUzrFpwxtwc4uEVmmsDr5ifD7NsmXLobjNV17jZdyypu2pIisxVyALYRXvIpOwJj4NRo6r6F6suVJaqlT6I89PyMCIJigP5EMWiwP-zuun4iVP9iTIwYzwohqU1bRz06G_Bm4lrAfUPJCUtdEXjpNS1OgMCaOV10d3KPeAp6iVYT56qOCZdCMl_jkFCdtIT20vcUA44fYoIzUbkVT3v8JE_CN71Cl-JRFdf6P5rnnNc1Rba13op8mijF5B7A9FN0P5mcbjKSubXt1VTs5_1GytSftHrTws9XClDxyBDkTjr_Bn0T_kd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 438C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5l9PKD83Zeq1PIPY7_UP7PCwuAwAAAAAOAHgBAI&bg=!-fql-rXNAAY5nEQaGZw7ADQBe5WfOKTFRzugy1ClzG4XZZhakyaSYaFF95yvLrYd2zoNMduhQDeuA17DifQ72oAImhaXAgAABENSAAAABGgBBwoAB0JZ9kQmGRCZAvZcG-NKSw2x7GvFay6pYiI5ErMeFhCN22_iaDXS-ytkjAddrL30Fl6DaLKSXml164rt1RXy7HarVAB9Lu3ebyL3FX5MK4tF-qXYeEzcNGSj4OSU_hddFA21ZmoSerabHaI8Ult2L4-2RXzlL5T60ihhdjQYFHjA_cEcKUvEdK3sdUnZeJgPwK3n1sgMU4rr6nsfWW2eN4lPofbL-Iva4UGu3IKoZVIENCmHK0oGKbP4pjK-lvnL3HfPIHkAmjiJngLmV8iyCsxATeXO9zgUcJeevHvlHm6MSMF8AsO9rlJn08GpIzMKLX0ls51PmvaO-kmQMW-ewyws4d8AZXNQgAUaqoyAaJD8M9Ub-C4JDtUO6mH9q5wYEALexwiqjjaVdaWhegtow2-S2_0ppn9b3EGWNcQ4ZSaDGdnkI8uuZkKcMdDQRBkWUpA3AR88-tz08IBYq7osh9jHEP9-vK9Kifvfck5BDXdLVRJBOE1Pm_cN6ejV3wxP1SfwlXbjbMri3GPGdcFwHzgbNaXH1jsmFEiwEQccozEp-ruQvGF-kZIZzrPC28u5_PBnau0sAmt2nts_LX-19QzfzdNRNugEMNGGv4zCpYdD_Rgl2T7qlk2m1Ft1CaTcWVWHxZM56ah1roIxfHrNlTlTMy1zNuhvO357QSczAkBOUsxK2vEtoQXpZUp3_4ns_RQrxH-aMUIyFBB4bZ3B1xEBT6DCc9xr8KFMOYhNCbEY3a3nvZVtWALTaeq1vO_n9PZ1z-Za7krXiUaXKpC24UmR-XFX1ZLRElt9yfOiLOmhQlxYi1o2cC3kEJiLo9FvpfMdA5b0fys1d27DYB6Ww6nmxq8tBqyYbEA2QLEu209MLXLmVbiL4KGIKV1_kwcnrydMUXhdgbUxGWSDKQmjd7Wb0tBolA6_lJ1rHvtiH8Um-JJf6tiThz_ZOH44y3ylZv3lz-3T_2DMEG013qH3DJUa5eEb8-aA4fw_pAHJjd9UZQG_VmeGz-exSV9gMK3e8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1964 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BykhHKD83ZZbKPNmqgAeep7fgBgAAAAA4AeAEAg&bg=!5-Sl5KvNAAY5nEQaGZw7ADQBe5WfOGGLomIe2GyyxA-cLWwTgpWJRcTOalYG8ZpbdY3a-kHRIvFsgIv9D2wpNlHNGeDrAgAABDNSAAAAA2gBB5kC6BlhiA8zBpKTQjxM4B-cc6Kh4_HXoYrGr8cT4nZFSf4Z2DhHljbw3cgnIROaMnk6R3FKnfI2L0_bYbCoUYkT8F3gvCyIsGCpmX29wORI_ITVZo51C5A13AaptP4wkolnPWYVEKBvJsWXZS7Fq-u6PeszTNt7Y2o9LTQ07c9U58zk_jTuT7vAyj4r3zfnyFFapJjj98ME7qn50h3YqZRclmYR52Zb0p-c91BRPfhraWn3612ENYROOvViyHedAIoaeUCXkmz1XwDMIvFPSPLo5eiREBNmPOlKtwxKn346Rh5c6DjUqx1murbeX3_7YjYK1gn9CmBmWdBfyZ_iC8TlB0qkl49gBaR09YBcYTiWg3BweS2t5uMlelvDlhLqZpDnUGtId9G671-W35xZUn4zhk3xBKg4YzzPvPnPI5Tv3KqBudkz7EngnI7S7zDvJN2nl0bGrPRDbsHeZ_2pVHRncdCehOOOt2nntAdxZmX41yjwFL8xn2UG5CQBdqesIa611GUo_NnwOIJKy2V560xOZxgdq4aw3Eq8m5YJuUbyOIkdjP6E7PH-Y9wBaTWUa-LdMyhofbby9ygmBXmMJgP-5QNTlLdpQXSJy0ap0smchjg4YlNs9Df4WvH-NDlXrKY966XQGfU5O0rjUV3LUH7BfycYaOXC5fe4C7r1Aku_WoLuslW3BtUyJ_zU1o-3dPofCAifXMYzhbrRqcRzboM335tr1EEAmeFFPPj4rlzFq3oEfNcqLOjK8MV4SJLe-ZMp-elFwf5Gu8QMY7vc-7XPEzxTo3XYcGjIOg0CcGKTPSrj5QPWsrMHMil7RdDYWyXEOirYNR267V8GhHB70i4uE4k-CkeLeP33YWQOS3tzZCTfqHGyX3UvoEFmlANAj5x6nONbP0E4k2dhyk8cCaLZ9THh5ygsK2N6MQJ5D55ZH3D7Ya9K2Mjm15I3wGploAbmJ-01zSHq-5zJ2_Szpnt2kto4g_aWIjq0Rg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9615 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231019&jk=3997054607154673&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 9480 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
481182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 14:11:27 GMT
generate_204
tpc.googlesyndication.com/ Frame 9480 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Fi_Vhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A24B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231019&jk=3997054607154673&bg=!CQqlCkXNAAaMkNwkrJA7ADQBe5WfOC-RXk7Hah7rwtfnnAaY3dxtv2SetcWhiLhEK7DU_j5SRRh8aKeWlrBywmtby22WAgAAAFVSAAAACmgBB5kC6PsBdNCtCDfrkZTy6Wg378nGK9XVfPomXPWaaUCC3BH4bkwrnYscbTESlFcSSIPlbaehnU3SJ2S0bQMJ1EAEQfFdxpLgqBUNh_UvhdkJRuAWblOJ2IJvdaCpY90tO3SxJ7fUjmClqNShnVbJzE-va9QJlbivkj6thn8ry1x_WsJb4qPoDRkxnHua5Q5wrrVq1ZNiMwFH7wMR-ygx5LslG_KEMK66Hn2eUVYDHrcU3tBOOCs84rX6HDcbu43RzPOxcousV7e1X5MdB4nKbB7JePSF4K8mVJpaAdIEDTzZ-aH-XdS7F_KXvxU0KrKT8fU1zhvsWDKuKyEdoSl6FreVeXhcjpJ0QUFyb7PTLYpxip99Q_ezlpWGNxvjYx3lQ_uC6l63twfT_0xMf1b2ottZIyWIETbS9EqUgA2D57jWDzOFrFGoKpgxKQ2MHEc9GLAeDiNPwc1xg9eh6Y6-HJimIEeqQd5KfovmtOBLzXlJ1Wwy9jSN7vQl1FzmlySA845F41say5Z9bC-Zgd4beBp2zO1X-CKMjbe7WSSVObp9p0YUaEZYTUo27wOL5w0DIiq1daJf67eA2jzittp6c1B6-I_-4-6ifNPBA6xq_XnXIGEJxeHAAchM6tdSNY4l16NTlSn_Suv7yYNkBG8j6Si33XnfVdKY0fxeuWc0GfOQqhXQmx3h7Z3rRf-ZLHFHX-TauxRV8Ctb-MPVp45G3UYydLCC5GzJz-qg3luxQxojd9vERGmHTV3FR51VaZHz4TTeHYpI14fqiY1e283R01lnPoSmSRG_5EM9uO8eXppX_z0nOKzBglMopcJsVK8qRt2xhtfod0ja-0AVCPecO3SHnz_NBRmOsHNLH5zbnuWFxLOFT-1SpnJ7RV8sETE0ydVkfKMT0BRCFQE4l4QltQtqnXVmXlZXi4dNAyLMbyRmue3ZSA4RmI5CrwrQAURdhWLoth2zpIOs9VaVDIpjg7--n8Hb0PaxuDfBlA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:51:12 GMT
trinity.json
apex.go.sonobi.com/ Frame EF70 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2223174006474d2652%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=dd9d7073-3296-458b-ae12-c6ed6a00d884&pv=0245b9f9-5b0e-44d5-aeb3-a45e7619c3b2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c743d7267e778c5fcee630883cd945ed036242546d40deb30ab705a0c105f752
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame EF70 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d4ee7375b721beb2bae6af57caa65db5e27e9fc46ef0b1563fc91c136fb14f30

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:51:12 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
unruly_prebid
targeting.unrulymedia.com/ Frame EF70 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame EF70 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:51:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF70 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=2393102dd2cc9073&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.8786741110930218
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f79ba9729864cf2b7471e83bc0f4e2e7f8508216c0da03f7792423eb0e63f790

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EF70 		24 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
56cfbaecec5e1879f2fd9b76b669e80e66b54bb47893909cbb8c55176f7a72c6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
content-encoding
gzip
an-x-request-uuid
dcbd7113-441f-464e-ba22-733e29b4624c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame EF70 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:51:11 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EF70 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EF70 		38 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e9feae4ced72c05decb2fc212e1cb15399fc19cb013b1763ef75d665930812

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqVL6u3qnJTJUzHtXhEVxIB%2B3ea63Z0VTuT%2FGnbcwZqpKZDdCp3qbYGAF%2BDbtUANUTQTVoGpE0B3mczu3VfBgKJM%2Fya9fEP0QtfD2qriXxeF4WCdCqP3g6JnF%2BOD3UYcZDpHCWkz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af428dfee71e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EF70 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530274199045409&correlator=875668021917147&eid=31078932%2C31077693&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=13&didk=1238102910&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119472620&lmt=1698112272&adxs=436&adys=1839&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=12&ucis=fniz8jcxxyz6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x90&fws=256&ohw=0&ea=0&psts=AOrYGsm6kFT86cffcgYmtmBTxN7uZ8SxgZWxa5WBfNCEcKg6uQ4bArNukrKLbSr4-Z7xXY9kgfiVCjTDCm0TsvZ2N_Z6TSdZ%2CAOrYGslufZY1wrz3ZXLvFax1q5z-SY9AJfhmI30K0jqn34x5rXcWedJL2aXzBRjW4VptdVO5zbkcmS2ZnhCm7fxlPlUB4fn-%2CAOrYGsmhIzktVEyvnEKGLh3RDVF9s7GcXmP8hUsQhJdvrnmXALqxAEEtgfM2C7iCjDHba0Qst_rPRpjt5ZGaRBlmmCMig-u6fxdrwiE%2CAOrYGskUQUIRfiPj7iYC9y-VbeJMQ1cpleo9DploVX6IgfqQLth_UBst8KBSLwyu-CCSXE_pzYynOFSLqEQVMYlViWJFgOT9%2CAOrYGsk910DbARW3vW69Gw6_K0z3GNEUExpe4wi-uX-aAUtI2CsrJ2y7CTjjGJHNV9Woxqtw9dNQyXwZzhKa11swtd7S2Quh%2CAOrYGsmy5VPgMR5LMxp3-V7XA1yGqtcWAaXRahwFZ4NK2iz9QjHjR_02Wjpz1j_bZ4D3VeCok5j6kcUOwTi6Ei7zzjFX_Dph%2CAOrYGslH8xtgbMj6KKJ7Z540ATQ9K4wCRVM2rK1-3sBUuuBE_bz1b1MDpn7VQYwDDTbivSw7AL3cJt8drQ_dODR4EZGTOAtE%2CAOrYGslvFKlkf1Yd8eqeDzAJGYOtMaNmE0eDNfcZH8dNpVWIhCMUWreI41fLNhh32nvToy3aQba9lYZqv7Ez-faRg8qp18iV1LbGsxU%2CAOrYGsmod9xpyXGvfwyFcyPCGPioYxDfNWPs9bYGS0mpj9WzAi-KQNAYdMJPoW_V3JJ1jKbXGZZM_j87LcPrdx4fSOpAoSD-&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=true&dlt=1698119454556&idt=792&prev_scp=Domain%3Dturnto23.com%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.04%26hb_adid_appnexus%3D25017ca87fcc7ca8%26hb_bidder_appnexus%3Dappnexus%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.06%26hb_adid_rubicon%3D2490959df363e64e%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.06%26hb_adid%3D2490959df363e64e%26hb_bidder%3Drubicon&adks=2445953488&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49c48af584bf8432de1861894e948356cd0c96e85404b3da17c7df96ae0e33b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11837
x-xss-protection
0
google-lineitem-id
5112246896
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588173
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turnto23.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.turnto23.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 24 Oct 2023 03:51:12 GMT
bid
ap.lijit.com/rtb/ Frame EE06 		25 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
71c13b764952f4abaa685ddbbf987f58d0ddf6e41981345549185c0a5de1a931

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 24 Oct 2023 03:51:12 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turnto23.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame EE06 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE06 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000007,1,,,&eid_pubcid.org=594322fa-f6a2-4300-8529-316a7fb2181c%5E1&rf=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.domain=turnto23.com&tg_i.page=https%3A%2F%2Fwww.turnto23.com%2F&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=2130cfdee217a20e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.49154900474539054
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2b048e4e913da14f51d70cfbb564f1cf0b835d36df27e303ff88c2c45b01e1de

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EE06 		24 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
083e424c9ea06cbba755b44feb498182988547d830966a2961b64adb888ed345
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
content-encoding
gzip
an-x-request-uuid
f8e1da0b-dde6-4c09-80a4-10b82e666a55
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.140; 178.162.209.140; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame EE06 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.turnto23.com
pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame EE06 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22219723db8d8a9115%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.turnto23.com%2F&s=bf2b698b-5c8c-4c0f-9d5a-43bcc2c52147&pv=e88b58d0-70fb-493b-8df0-9cfa1395c5b3&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22turnto23.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turnto23.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.turnto23.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000007%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22594322fa-f6a2-4300-8529-316a7fb2181c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7ea4787d13f97914256b25002f633ef7d731ddeba78dc44ea3cac778880b3ffc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-63
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EE06 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turnto23.com
date
Tue, 24 Oct 2023 03:51:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame EE06 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 24 Oct 2023 03:51:12 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.turnto23.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EE06 		38 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9320aea699796c5e2d6daff012481d5a98dc981aabdb73c18fa0ef4b8867788

Request headers

Referer
https://www.turnto23.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cv4nP5PlXjhxepmZj6fSY3MgH0Zp3u0UVbJr7evJuctN3%2Fi5g3bPdYpuTaMTFhIwYxEDXI%2Bsqt44lRH7mvlUT18gp0RewxX2UQbpLMTfDvH8%2FtWKBgLGkPgzeUfKWptgvBL5BZU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81af429048a91e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
728x90_ak_v3.png
saambaa-static.azureedge.net/sidestage/ Frame EE06 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/728x90_ak_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6784) /
Resource Hash
3e18c8b1d97b6da1d013835a374ea4c88f5985ea76c176ebe93930dd9246bd21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:51:12 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frb/6784)
content-md5
0BQeU1Z5BhFu3+87WleHgw==
age
337881
etag
0x8D9E12E85AF719E
x-cache
HIT
content-type
image/png
x-ms-request-id
5e6a3705-301e-006d-721a-03472c000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
28093
activeview
pagead2.googlesyndication.com/pcs/ Frame A24B 		0
0
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame DFAF 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
4WQxrMqZZeOj7LKyfx8v8RoS75YcziNlBs1AeCZtVsr9yilugsn36Q==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DFAF 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:12 GMT
728x90_ak_v3.png
saambaa-static.azureedge.net/sidestage/ Frame EF70 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/728x90_ak_v3.png
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6784) /
Resource Hash
3e18c8b1d97b6da1d013835a374ea4c88f5985ea76c176ebe93930dd9246bd21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 03:51:12 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frb/6784)
content-md5
0BQeU1Z5BhFu3+87WleHgw==
age
337881
etag
0x8D9E12E85AF719E
x-cache
HIT
content-type
image/png
x-ms-request-id
5e6a3705-301e-006d-721a-03472c000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
28093
ads
securepubads.g.doubleclick.net/gampad/ Frame EE06 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815794612805761&correlator=3888221927787431&eid=31079032&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=12&didk=1238102904&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&abxe=1&dt=1698119472875&lmt=1698112272&adxs=436&adys=1105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=36y50j6vebsh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.turnto23.com%2F&ref=https%3A%2F%2Fwww.turnto23.com%2F&top=https%3A%2F%2Fwww.turnto23.com%2F&vis=1&psz=728x90&msz=728x90&fws=384&ohw=0&ea=0&psts=AOrYGsl0nSuC-kiwvujVks3IGAtOBFyJp-rSXwzIMUB8FJ1H3jQ-yWL9J0ExGM538gyUAs43FMLRbVPVvLlvpX1DN4SaKnzg%2CAOrYGsk8u76-RYyqoCXpDPYRxIgwsavok_2OgJ3g1fDd17IKSEDhym8VNVX5xg_SUrJGm0eMJ9fVZchZ4s2iiVk4Lvzk9zad%2CAOrYGsk5WjsXQ1IH8dEhS9UsROU5puPVdKZ3FiA2rCCQE8Ur33BR6efE_RUgK_JvO16CJDNtgf0JcC126gSHoy_tu1KaYH6G%2CAOrYGsmlPH0QIP_uAifYW92yTxz0L11_Nt_Y7MGiGtaq0DfZ_gugwRom5qUk6vMErkiXPCZdUMh3jXOSNRBA9c-xZWXG-fjnDkQlMfo%2CAOrYGskuQbNkEhK7PJvRe3kCXJuyPIdOCA6UOQTjk1oISxR6vpEP-qcPqzV3an8bEwv6TsTJovcm7UapWcqVYT1w0N95Q-M-&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=true&dlt=1698119454716&idt=691&prev_scp=Domain%3Dturnto23.com%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.06%26hb_adid_rubicon%3D22755994b1b2e775%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.06%26hb_adid%3D22755994b1b2e775%26hb_bidder%3Drubicon%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.04%26hb_adid_appnexus%3D228caaab7c5cb9e7%26hb_bidder_appnexus%3Dappnexus&adks=2587397766&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9eac23c3f5b38c720588675f36e49fe92e6a38dcaaf71a914372ae2d0e4d7f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11854
x-xss-protection
0
google-lineitem-id
6152679486
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693540
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turnto23.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DFAF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBVyhtLKtWeKuiMGRYIVY659WgH0pzEIXkJVHp24-ft4eKjlVtWQcTQLkomZVzNT8POWaOM_WoAIaDMy1selFBewHTnDh7AnjxVwRjbaw45SokGmi8wvgaSdhUIInbM9K3kVigknhuoq7UcMC91CSB_pfDObnYNDXLU2u6iNrbdINr037LFA3S8-b99UncXe86v5OjZmkFTmy8stV_Jal5F5yBuB7WTBAbtGscaZAcb3m6PDOQfXy-K7ZWFEdi0JDhIFqvKJ45n11Hh1m3JUUhERD39XysfkpFFY9DZcUfVT5lGN_47Pie8_JrqzqCJwfUQLCPsbG33hcs-7NcksEbHA&sai=AMfl-YSjA69sSg1z3fdFPtzz06ts0izhNMPUUkS90wSI1Y6WNeXJemyElYUmq8IS-y3LWKXjbtaKty-1RQavCnKFkPNqtjY9FNgsDxGmE0tzhAX11aLUQ19dPidDAduuAFM&sig=Cg0ArKJSzHmYwuyvc_KIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F9F0 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNW1sj6srprIbaXaVoKOaqHK0b74P6go-bZOUa3N34dYjm51_59sQYZ7fjA_hPnQSN0FgDX_HzBTo2AbMJ5ANki35F8Cp2eKIBIRmTxJx9YuULBjUoT0F9gBSR2T5teG2OsYUR91I8aSyCzPRoA5clf_jS1S-83yuoxnQBc_XG_OjRDCRng
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DFAF 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DFAF 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0UksHKAeQEQe-93gL2aVZW4-QVm1Bz-vSF71HoIGQsD5Hx4Rlw8T6kNLeryXr6KfPiVaufFyNzsD9rWGvaJIBV2-osJZp9BV0i9R0UUjL6xlUrA8
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DFAF 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3326781331903443534&x=8&ct=77
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
651024ca-80f3-45b1-b350-6ba83e1b749a
beacon-ams3.rubiconproject.com/beacon/d/ Frame DFAF 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/651024ca-80f3-45b1-b350-6ba83e1b749a?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B5E18EA4D775A8685FB2CC37484A2604B4ADC47D905FC15EA177D0837340BA608BAA1A6683813E1CE683D50851BF2EEDFA11A7632C9252E1517F2949787A01982B1CCDCB62963C87899BDDFEBC55FD3EA08D541AA523D52CA7A2813F474328DAE387F4D6A41BA11702B308EC93DCA036D7B447C6F8AF87FC54E6FC96756E5E571A070EF10DD1CF1B7DA4C5F4E9090450F8E6D65AD40408E5D2F4FBD6FAA647F6411AAA105776E0844D1DABB948E42499BCDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A2B 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A2B 		0
0
b-bf5d88b-a63e596d.js
tagan.adlightning.com/saambaa-scripps/ Frame 612D 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:53:47 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-version-id
w2CFDfXgWToQaU2Wu4JnPbCVlMPRw.zt
x-amz-cf-pop
FRA60-P4
age
831447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30736
x-amz-meta-git_commit
bf5d88b
last-modified
Mon, 25 Sep 2023 15:15:46 GMT
server
AmazonS3
etag
"a1617ff72fe85a663d89bf61d753aef9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xy8jzCe1L72en4VuqKThXxMA-5zCBK27_548GUElmcDO27roMnKLsQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 612D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DFAF 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3025625608565&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DFAF 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3025625608565&version=m202309260101&ct=77&x=8&cor=3326781331903443500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DFAF 		18 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyLNCbUyWdsMNqZpRPsR_hA90ItgBPvrAS1wMW20qJhNqy1Q2xckWW5PEEg6rdjXzHZ9rKmOHEU2le4dztUMiGxstnctUPG8cchL9ZtLQG4-9kJSlG9GtQNY-_tMU1WJEDMMjp30Lnm9DhC6NNuibPNh4xQGezsFBBOBt5MCk4FmbLhOk&cry=1&dbm_d=AKAmf-BgS6wcAPyWhDGHTPcV3lOne1F3U5x5W4rBbDrhJUvrjWffNcmpem7Zx5DjpZlAto6RXrWbbuJoenTVwAhkQWkejuCwsiGd-8bDpVsehdfJ4N5Xap-5haT7_42L5p4zP6PnW3om-MZxjKWjebh_kFgns5pwIV3vqGwwfQr1tk7aXvBDPvRHeTIzHb4ftYiKw6F2kBRoNLuR7ZdetFZ8W3Rf8RbNh7aAWi-wAbCE5w9XMZ42b2dUup3wWiZeOOihx1V8NCtu8qzXAWQqQ2XVWdLCtFlyuKurqzFHSKh4cf-lWJnAwIGxfZ5Rk2dXwIHQvO3Dzpt8E4k_AmNdVkQAUBhtWs_nwVFPJKUCbKgOJ67MtDWy2zMQavD63Ne4C1j-bz_7SdIqidzdd6T7bBUQT6RW9-uBa3DYnfAFca4bkd9PnN-H4hXrtzCxrc72rtbL0zG2ooGH8HKlmzGVqOYHh14i-H1kP1sCfCWfNpzn5y38bRKQm9ygVtKPeB-qpwP8hcY4M1WUO-CI_79mmozNGlJNFL8h9pFD0leYRXV0TNCP894Kxo3ds256cSnWTb7n5hGIWz7y6qaiI6mSCmWuElk17woqG5wfGpyVgkdOEj9zqSmF2bCl788sg8PBWAq1yQVjuYIIJy7M_FQrydZWhhU4xjXV8fJDZTNQb3F3oeK0PJqZ8zelfpfTGEZ2qQqxX5-LaUHRoFQHWx2mW_finVI-lgWSOlX1J9CNZ-p0VMj3j3NwcjsQynr0Ue92O8j9gTaFda_t64j3-nVmvTX3AV02KqAhidTQVZxJNRvQBP6c2zbAzabll1-I2Jrkz2Ld7VGgCcKTlnH7em96Saqx6Sxs2c8dQ0XPtCmyGA8ve007KCzKgBNfgTjkjNqWC4NKn8l2z2GGKziVhopod9vtTlW61FSetgP6Cb5fGMYYoKzekXHNXmRaZCf316mOBnGQQXHjOSTQHYhdvQvwAnInG1FTRtud2V-uhX97NZV2gcrqCsm8aJvR8zHKaKXSV8wFlBSwAHh3atrM7gW4aOP94VBklgKpo_eBM7GiRRxTsbOP6bh5lwL_tHpghPNT-gFvWFAp4cZY22biSc78B9PGteSG3r6gtNliXpc4BIcXUte2weo1cfa6RIz_tM0BgLZOWukE2xhiB5U9w16XpFyVCpOgqXY0nxvhQRUawhmIwoyXpRU46-Tei0ksOYvGIB698O-54sYFXcPw1HEzHfTu7ncRXJIiG9Y94UY8NJOA3geNnG4xAdUVDtqpI9Hz25VGy0oOKBMzN6f8n1PFlqJ0XMI-HFknQCAr6Sfnl8HX0GdH3ySdVIYg6AJYl_W3zjtFXfCWPMKEuUjKKl9SSS9RgBJh6bR190b68NXVfGOfhaYxb4y24X2XXF4FTt-2uHup-ps_uCUQqsn2AYj6HiTup3UoJGztmTjTLSwnH9lXkSEbBX3dXU9jTjF8o5XRAWArZ8sh18HI7BsrI7-yiHk79XvTmNU2mOR6X3N0Tf6b9r2nhbJH7WEh0avIfdxkh_IQe-TAsuXVbKcpK9DVQ-tP5YwdHsgMLCX45JVbimqaES5p8J84-qpdXjuPm61_U8JvBjkagRb3w642i0VaDsIm1FiKSB6t9fw4_FY_e1Z4S25vUpGRovcJUc6RQL0FAGw_SBisaQIT9eJNdAEIMLmkk1NcpsQFHhpmLo7DfDqoo_hqgMh07ONlpCnNQVjwIaIDrCqi_TetKEMmPsO-jbzA1HkEdE2JZ5Q1O8RZNsqQbiKa8t3pouFCVhUL9NqNy_raO9_5Awpk-C24RnpCcu78hOx3EUtTTb9rxtaNIYgKZcJZr9vgYr_YUkixZHhTCFS7tlyFZa9MkZc3exfISXkJa1HQycevzi8TjsPrdC9Q-YJgDXiXM6ic4Co_j7m9ATRWfD7cclPp1gwPZwf_DBUhr_RAkrXSXlxdTjIBMkya1faOcPrTCFxeIen53ZVP2_kecpkteszVU17zVBlPIX0_TM4FeYFKWAW0D5W9sxiLIE7aT543TR12BUcD7gAs1_iHfOXUfy8rRVAV3Yqm3CWi71YE49QPjze4c1p3JZY1wRvPdnImNJGBEoFPmToZVdSU2Y-7gj4xAjeK_Ezn9CnQd3Yl5dEPl99HvLT5PSi03r0JVHjztO4DzoMgFAmNM2s1VFBK8dOZu45wdnHVy8Agpw7NiIieYe1LSMAc_rJulU-q7xh1vRyRSv4OaJN3VNL1Pi8ZSKjHboRWvSs2SBLLoOy73qYFSG_wwqOo6MpZ6498RUlaH64WYHB5-4A3GRheFXIUazx29tmi3rapnaG483r-eH1jh4svmRUi16DFIqCHKPJsdHOaZ_-cxJP4lOM_X2Iqb5gwY9oz4JmVHT9jJ2zxw3lIufdFLtcREyhvmNg1xaGooHpRrYN6XRi2_8w2QqH1C5GdCgfwxUGcrFa8nVD3PmOMEcQ2tdKqZekXO8zQpcui7iVbP8ZDhwBYQhviIXSKxmqPmXNDbrvAc2qfgWOrN1JlQC-45KuvChj6CtaxCUDxtEIAX5-pbxgrHBGuR5n_OXTgrhIU6KAeNXozsZAzN4amvGAj7q3MN7pG5xonT6MMWqxgahfEEii3sh0Sp5KbKKx7XXkMYwBjsW99Gs2veP9TFV69QrP3LnyJR3Z5iJ17R1ny_0GM2s8z-_j02Z3Y2l0CD5BQ5k1hbbT-QSPPmR1gSV14I7VFzR_RoQgNPYm7lvi0oPfCTfEwBm5OfrZUEf0KuAhZwXic7jON4y45eapf6t9iKCyYKtYOYaw3e-zZMpEX00CASGzYWJiorqo87n93-15pvx5MjU_nP2pUuFUDXZbfq3J9RbM7rf9iZTBoc2BuWpvLrrV-jLhOIVEW8M8e98StKfLdSqsxR-ewd8upyrSpODu9kmbYf_l-bYgAXf-f4y9ou9r_DPr84TeTVPsdEIAJWrPiwrr0MEMUNPb8xNfkWmRqi8adezGdGyK7-v4GCM266HqWAWz4aFk9kJ2RTtQngZdpZ6mG4X7tNhGsJ6jLLe2Qqz_9Tf4ShEzmbJSLXdd_MFVciOgVOxi8re_6jp8UefwqO6qlgAK-oT1841M5derYnFqAIYpZYY1P0yV5qjWqOYl0XqFRrxSQTg8G_lhBQxwlG3mARuEdR5UW3w_qMAwQJj6iNgc7G24eej2XTHL0YvWU-bLrK0Pw7MwQq75a4b7qVuRxRCxWFYvuyj7FRXglW_n4A_rllXTog1V1bID1QN16wI-M-pKvwQEyQEiXpj9qrWJtS7sh9LmpQ7O2_kIfKc9n-afh5uzvrmcn-TfCXfnpFGxoT5vChE5xPH4Yzxq9P8wWx8KKgDM8IQXuhH-WLgAwth2NEIwdf5VkiarZefb1uBgA0TSxfuL1yEZ2MWzfKuwtKZzJwwBOdPEVJTuhRZqXH5QZRwCdi_YllOH_K2h-VATVkFSmoOpmZHPFF9mJ5DNkIQJGSUD4yM6lmK5rHIUYdyx_GR2ZB3UG-ad-J0a9DA51-pGZVroj1WdEUhuOeKJZ-UgFJuPGJLnKnlZ_jHi2tf7WA_fF_WhtbwIWeG3uq6VyZBr-A0CZ7ercVltmb6aZQbiMknufGqvP2btnckFIWUtinF6CIRUjARGFh-UNkfK275wNxylSM1jVEbT-rl3F7zkzOQFVRHHOwTH0rcJZOjT_qRvfg7t6X-uyUHp7fdJcFe8kmjgsuvJJ6gbXzSOBYFcgWep56ysSiJOeWnfQkdkGAE2PW9gF-6efdLjwV4_ZXh7s7QLIY9jTUsh85faDXGK92qER1K-EcuRsmzb6_QZperoxuHA96hXlmBkzZSqG4a68Pr0Hj1pqxWBSpiG7gkhwbqfilUEsfe40BmQB5FEq0rwXeUB6iM6plYi2Cls7htHt2JrZSxZTqEXp0DfMpJXoATBRFw&pr=8%3A6A70B232D8A82543&cid=CAQSQADICaaN6vEnzfkK6f1U8MA6p-gAJRPYrBnOPtsUDZX7HeN4Fr5N8Ft0dkaYvnENXqU5Eek7AxFH4NRSROXD2tMYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=3326781331903443500&adk=1883044388&idt=187&cac=0&dtd=6
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
654adabd3506b74d12b836a8e08e7f762c71f4d30bd056657c8093d5dc6c760c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13262
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 612D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulqXhU2xdmdvrT_JbTjfFoWBVDFHXseXxSnFnlHYm03kGjyIcWfk2wcLIzQjaXtIwD9JE_RbZtkY17DCtJmLGlpiKskNevC9AcrVLgvzCLCxf6fIvECvWO904RC1Zsp6KzqwuqhxLpe5nNJHvVafJcx0f3RuHGWWFuXBSoo3lAHtvMDW64Z3UKpweo4QZRlLeYhd8tLUPPNxHoslyQMN7eF5WhbHAKRUf-xM3GRl-_Dj-6VbeeQoC6aNni4JmQaM1ullDaUJGgWK9efAAC4pk-1Lsg10GQ1wC3AMpTlEKWlh3nD_thTapY9FjQwbW4tT6BUrS9GZkPd4Jl0SjrRty0tLFbNHnsKo_07nGYugVWpO4p0BILOm8&sai=AMfl-YSzNU3zKl19IhOzuRWYDRlQ3DKogdt3h1uTDd9o3RcDFDlNOHIQPOvNePrVP8ZZOUktOK_CFQVFIERy33ah7-V6IE4V5-oN6ZSN43oXNM5Yd6aT3131ICZcyQGrKqA&sig=Cg0ArKJSzNIiR_ZpnZPgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame EF4A 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVGffyXAJ4DZmOtd1Gofz1wgYVMvzjTrRNQqwmUxOu5zyAoS0RgcC7FouvSoW0SN0Ni273cVgegsShIJmRHtPj6_zHvm4URZSqgc54gHEB4JBYU22eyjkx6jCagMDMSaddlPLJ0s3RByf3VYZaCAz2uto13bFLSdy8P4ldjPR2-4U4VwHA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 03:51:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 612D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 03:51:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 612D 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhQBH3BJ5Xj07hKHaztPh_g5OEjf_N9e22PDeNnQXoVQYp8EgjJnt4vtQEK5r4xtFS34UDQeCDr_yf1j_-XKkeBR8OUuq96HL_aBgO0ig_zvgnm9g
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 612D 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2995594952250335516&x=8&ct=77
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
628487c2-b1d8-4bb4-8594-b309d7203b6b
beacon-ams3.rubiconproject.com/beacon/d/ Frame 612D 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/628487c2-b1d8-4bb4-8594-b309d7203b6b?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BD3F98A1E01599F53F38E2418805C70A7FD3777033CCB10DA106AC1275038B04B1254F08A53DDEDACB5C2902C8625ADA48D37A235B913ECF1B8CA893C0769847CDC937872C48698373B3181E0EBBA7E95FA7428932CC2A7A660E4E1E54D938E50718940885A9AC4EC1685EE102E46A4520DFA770CC32F2D5E69A8906358651F3372FEAE557457B19ADD4247D1612265B4CC5DCC17448706E275FF8398328C25957CEA453DEC626D02D146B15E7A1F3BA3
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::57 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:12 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DFAF 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
encwumjulb0v
hal9000.redintelligence.net/zone/ Frame DFAF 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/encwumjulb0v?subid=&gdpr=&gdpr_consent=&rnd=1698119472353993&extVar[]=DV360_SSP:8&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj5H_MD83ZcnNFdazx_APrZ--6AWbpoCiadWS6ovOD_YuEAEgur7wFmCVgoCAsAfIAQmpAi77K4TJ5bE-qAMByAObBKoEoAJP0OJRcyEI0cpNK2kQPOf_mok64kr9sL6Ddu1nJYn0mse5yNnyIPRaOEDLU19FYwUi0LJ73Q03-XSPIRphQfMxfMDD2DOC1i0ODYGoRNTp9A-K9ZktHdlsE94u3POR9aDZfAZcEH1lPhqcyUGVU8WmBvC7bgUN7JqWMDBI0kcFb_7OvZhQQMYjRNFGWGdWPlgI5TaPMhMKgHj-LX6iy7K_qcZHJQuJGFd-U9m1IHUDxZoLdR0xQx0CwnYlrvODGmV2krfK7-fAtlIslQLMbhD0fpvKsfX9uMVR-w4t2OgZieCkfqOhlhDD4z5YIQRFbI4jR_7qIIMAtr9GjcjpUVLCTI2J883bLd4BETKrCugdKgjtYqKMh1wKsH6Lm_87dJjABNGiz9SABOAEA4gFtd3Jgj6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXzICqgI6AoBASL39wTryCA1iaWRkZXItNDEwMDAwgAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREWwE7OgqxTQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaN6vEnzfkK6f1U8MA6p-gAJRPYrBnOPtsUDZX7HeN4Fr5N8Ft0dkaYvnENXqU5Eek7AxFH4NRSROXD2tMYAQ%26sig%3DAOD64_2K0Ui2nMZZdNNPYDJBdaOzZ5eXqA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-C52e4r1m1HUw1UenigKHpoeYf5WLr9ATkqgJHlkprvvUu853s6yxVEMrB2JgwptHPiUGFio5yP_kjvz8lTnSswJeV21Ftww-xwl4_ULcittGkMxeDbAgUOgYjFZDlZ-Dbs-jL56ZC19j2Vg2yrE1rhZ68bHwZh9GeaTrGXRJArtItKaC0%26cry%3D1%26dbm_d%3DAKAmf-CD_8ammSDd24NB7lDsEcLR0o0qsOjjpAMN7k5N5IPU1Rph4kIf56EgvmKWDf9pbrQ04-Dz66R32OYv04MqPX0FLmF2IG32JC6J682zMouW-O2GepnQ7_q-0pi2WeChqmtjw3QhKYmcgm19AHyyISvbtvDgyPZUnYLojCRpqjNkcPTTUcMbLwk4n-Pu9hdmthi1-nOA0PnI9sUYti6quLu6Qfd5vAJ3aQLd4R8ld4Hdzf1mqRWFupbxgy1WJwxRsFEOQdxtwrKs7nOTAPai2MAe6uXtoE2DTGj6a2vyEfsEqT09VkA24UPuAzh52D9TXSxcwJiUFmMYkaMz6iQnxhZFgxKZgXR71vKDg3DZHh7Noi9tPpXJ0Lm8tPv3G-jUNA-f7KMp2BgoEhpPGbS-nOG_ADEW_YmqBhjqQjh6EfvEhiFWrDZxRUOP_G77KCI5zjd8L413enJNGYY2o92Qqbziq1kX0YE5Wm-knrslHTD5kjjPsuU-X2xUJr-mHMnvo_wgNJr-f5ENy8dL3DsGDM2XsgvNvK7r6k8IhpCFup3is1mhtnE%26adurl%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
c9926884daeb95121339e70e0867a892cb1a6a2c95dc2ffc5ef32aea565e6465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:13 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4217
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame DFAF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5TzNyuoXqx4dJ2f_ifpHRLXS_GXk8l83h9lP0vvy7Wc87YBShKDkU2YDF9YfuA0-ZUXQLUv90wNugggKDbS8LDhpQDlTEi5VorqNwo40qadt9AOXQhKToM-kEfJE_E-gEgpkIoNMua53-XSxBLDRIxVVx-o-5F6mxIeF8KArKfrBhDYiZ7QxZP_j3HdNanpqbVHYgNpEW6Ti3cnN3pLJdle79w8-ILQcF2dK7xILaO9Nk_2F6LIXOi7kBIOz8zALymgih8YN8OJB34-fsReTi0sDDEszsvDbmxyYmKYJd2WeJQnPlDQgM0Mq5ycPchbN0BatcmIGQJ6VUEIgGpD4Mctjm&sai=AMfl-YQj7el1bbJSIAGOjPuPK5A67xEFkp2cNWB07B4kBaiDHcZ19sVcUG8eDEfb7UasE4ABiRKB6DAJr02GOJoWCqowOpKixPaFW2O5qpA3D1oJFS-K4Uk0POnOBFWkirA&sig=Cg0ArKJSzELJmSpjLd9tEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 612D 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5461230249317&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 612D 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5461230249317&version=m202309260101&ct=77&x=8&cor=2995594952250335700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 612D 		18 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtsRYefoAPHrBhyVPx_OMORLJnKbG_edlnRfdl5oGUhquQXawwUD7kQcgFAfF5xIq2fYYX2vbD4frSX_qS2oJT3vl_XyBfLo0NSQb3AB25SIY8F2KvZKD1jCIr6I1ObPdAT2YRvkRIiqUA7tBmqnBsXCfAsiKHWo-RmX_JgLPTT2Jm49U&cry=1&dbm_d=AKAmf-CvBV7x-bBP6irib1C9MfAxd2ocY6ULbH07Jy67vQyjI_S6NkrqBBMSZ-3R0pw18JpZykHD6iec9pRgw2IdBNa7RsZWl4cwGYyMHxxr57G2OW17a3hP7Qv1U4blQtf_2C6TNg6SnxSjJmLfMDPz-Ccv8IEixGblUWfawnvU0UWAksIi0vu3Q2NOtLMsqyUHk6PEiaHEN7t1vLBm8di-WyFGfCwQLbvYD_dd2JDd2jHIDRf-NTu-1cvMJUEFDSWvgGbHOkGZbUj2l1AR4lcN6cyDC3wRKagHFt4Mg4PfWoGLOVC7yf_0Yk04-LfWMKWmTq3Udakshw8On8Nbsv2eMFZfB5BUbd6Dw0mGOU_Qow4xP3LIVZKNG7Nx1iP82pq-LVGOUhX5vq51Oka1xi-sXitghKRZTFrZnGvOcvHagoeThlGKtjv3M8-vUYUmz4jovZFaHBv_RBfcK4x60__uJeL705VXmP0mSvhhh-5yHk-SArr0M-eKU95uX_bCHMO9yNLTaAsL7lphs28eGZCMQ_qQ4RcCFLjYRecAteQEydxO61jCwKmL3FavVQuw5yGx19LSB-tzRxU4n0zB8tCbY8RPm3YM3cew2n0Dp06uCMVMzepOzed21VhgfzJLXg-yYVKi10VNzm4ES0n0C7qo1Vf3-u5lL-w6V8vnM5WRk1VWuU7STqzYRuhKj5gw2Vw8IYm571s1XEvp5YdEMIBjw856kXzPf0XboXclkrRuuQhBigUIiPFP5YcTezFAhmKG6U_fD6w_eOdvZPRITjsao-fEHuNJ7aBmnMszPis84M9EzWlgkkumKGn5w2Xa9I5iaeEmu23oqAxu_zxmx7HAyjbCvDIcOgh3ct7dX1-oaGf8H4aI9K_QZvdJDYeRJhFrzXRSCpYmgLrpB9jC7OsACBTPHGEkH_Itw4rXhwVhqFoYVtD-u-HcJ6I6ZpvVI402FHLcL1eZCjZsx6joq-Uk6LtzbaPLaiZ9ujkQbP1inJCGy7JlLktwDpS-Q9Y1yTVkA4t0xQQFDcxseX75uaOwmi1wJ4nnwVkxVnObphzwOXbuMjM8OQNET02NyfYczVzLRTTwAamrFBdsOV1K-Fnqc3fgDz-BfYgTQvuLgGwLF4d8J1v8L2ra1tVYJzT-bQHLFjh-FcR8ANpd1w4RNDxoeyaZwfD4gR6IiUM2-Ni70q_l-2SDIYYVTLhpsxGDB9Fb_-Jsp5PMhtdnDgnOU9c0PQgVWRmELoqNRl3eWCnk2s8Zdx0VsvdyRBJpCo6CS9ukqkSvQll3_F9R2KnwhLZ7vp1CsrWmefIHI1oS7N2zkBNuiOEt5RKyWuOzyQeL6bE750TLOl4kWzrfNzHs2tv_lTqTTRCJ-Qgx_GDs4jQLGLzMH5kjONwKosr-srRZfo3KsImhMaXXIR0jzt_TU_BgJYQxz4QtS9EkuGxcNzhL2auosN5rdbdiVR3kFMiOdx2V-k7tEVr9UAwmHxAmORqrtXSX2WsRu1KrZ_-BuvtfMWaePSB0R7eLR94KXxQf-kC75gqUTLDnqPC3ugtHSXKCh2fez3XB0n0GlQ7XGCp8A0XjCKOrvbEaVOfisCX8m3LsXgLVMxG6lWboKQAf86zSju0_lJSeOiY5LgJuJcQ-FeFcJ6-nao8trbMYdqylaNrooRQ2f2F7DYyNh9t1Z_thUNKyQuOoYcqka36XlNtNV6TLLiFLbOXwMcZmckv66Fq-2WUR96qWBSZl6_Oxb2VEd9m6tf6ypabwbp1mUXEy0ql7zp1EntLBkr3_-yGolFVac_N5IRXTdk-d0liFdLQaIWKTDUWVqJ9R-akAdzr6KLgRTIDvLh7mA7Sq0jY6oFuy_iP0UMcwmg2eSzmfxSxv9RlEGzpHfFEFf-bU9hUY9wTNZfd-g9O9c83k-nASuLK86I4vqU3mbrGtLZQ3_Fjon7bW_svpGKYHKttP4mBsyHiEXQa_5tBOpuvxQ5z3GadMZrni8QFDptGp5A78miYx9BhcLiM0pmhfMxf61cQnS0Z2XPTT2xJ96jO_SVDSRljgXm5tguvdy_UF5xnoh0dB17afukE8Xw8WFcNM1ZawYN3fpayri-djmSJclh25gFvAnL1MmNNAcg4l6-zxKGZVsVPcCGPUlYYtfSawIQyURjkJ-FvlbPqqhwk2FzuWJNzRl6PE0vetygJAivo_7HslwV6JK77xDRJWdK-q68UH6X3MqIqr4kpJ-_MDetwjqZwYXGH57HlfVk0UTsItUkWUKQItaOKH6e_NL3RgHOR-mUu_JMRVcJU-xjSkLQkR-j3CliWxtEKKt4GBn1B3ElHwk6jW9i-0M9eCDJt0_d9TTyeUDO_B1a1tk8MiZUMOh7Jh6nUh9SUUsoXdpXhYa_IzVNGlJctsS_x8tIxExFiEtAY1lcZZ5eRU0474MDSk-DeOwTMLWYTh9SVIS-Dd-EvGBkM8q0fk5sZdbUa6BCan_1QMmXCqjw58SFrfsYRP30f0USu9OJfpsemiF1mBEr7ifWDmLuZ4JEddaZSwp0wVCtjtAsw8GLrBLCV6KrMyKgwQRVOuVBeiHDtI-mTKK5feZ0bH4o7257F4KnKTuSd9cbiXKPQL9v4zcb22EqqE9fxaw9na7vpgwu3NI-C5KxaGT1sVBLGtgY1ZC9THq3T0s7icp5tVewtHSW0MamZRjH-3rXRfk_y081mcIm5BUCm9s-gTqPPnEFTs2_2QSIA73BJqL3DaofwWjPkEujEt3UnrslKotLpaKvehomJsonMnlMt56EDuDKY8o5eYdQcEefcZAC98M4x1KGP4AsdSrx0UugdhkK4AMLa9QDHvVRdQsR2E2yKSqCsY4ccQAzInhVlgsvtN02OyVA3dGvf6QLE2-FNmqIpMBhrE4TmgcLC5Ceh4-FT6X8HNBy4llKl_RoCrNm_njnauvWInvuRVdvtq-eY6bojrCVzBjfARALyKMP2kWAzHSa26QJg3seRe8xEj6Vsb3eJ2OdUL26gqfjvGJI-4an_xuogPKZ6cod4YUHbdt2ZUQibZoVIic9uiIt2NTwpEBo98clfT44mglgho7K00hlyMDGwin1dXSywgnBW7ay0_oQNLldTCyzkua84vpJVY4aABWnmIIPSe7kZ4ZsaJUFbgXiAT9bL_kSdWrtjf-dvsMSZNjBpyAIUDGtv9Y4UCt46UabS-YIGk2iB4NRo5e20dh1xk7nSqosKMJaWKVJ7lJgJ_b4__LaVh4y5Yqe0ICIjMLgiqx08NalZNx5vL91biYmLIK8c5V73WB6P_48xUmMGYxGXg5yFUQq0_nQgUc4skHefZubjLWqi1h397aQifeRUrteyxv3mVZsog23csmldMjoOw2lkweHOE6vXHMwcnnhIB5Z0DB9z5iT2f1c7JJZ1p6T2U8Gm67WsgvW-_Eo4Vnwb0CMCdYe8vi6mgB0krvd5RIe95sQ-lzcnXBjawDoQ9fgAOjZhkqPl9JGiU0-LMm1ZkefIL05WQoT-kfTC72duusEQHHkijho2P1OB1Iu_bXv6-J-Fx1kUyL_GvcumMyCLK22pYPqmPnjyipusJD5GUqW5vEDew4VqruTjUV-4G_XyRKTBvpx9f_zIJTlfd8VOKRKwndxJ0t3KHgtBwMzFqGIDve9bgHAhpQROF8_EIu_gG6g2gDG_LSYmNKANzUTm1gEC1FG9jlvNlW1j6Hzr09Yo_9idKdwZ8vKyb5sHPD8YHJKeHZxGwskrFBTNL_T2o-mgtbLUtEPJNJUJnOA7vKzHaSBxD9bGmqlKLe7XvL45sLYyXdSvSwUYnhWkdIAHR5PwRHwHByBhUEV0R1b8hQZtaw_4bOhIj0OsLaDOvRt9hf-TkHP541MMDUyJtMnjWNFNA6ifPeeyXZo-vwb5hVgQGVBhAsbieYwsEfoj5nE3ChGur1ZdAsp5VwA&pr=8%3A14D6CF88847B142B&cid=CAQSQADICaaNdtphya-PMVExwRoFC2P2UFfjUMZmJDSRK44ek51bTCUzYCpfbH0-pzcTumyFFpY4sQnZZ5cVsGfGeTYYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.turnto23.com%2F&ds=l&xdt=0&iif=1&cor=2995594952250335700&adk=2301766802&idt=38&cac=0&dtd=7
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9cb57e066773eb8de83df1e62a359d6dc33c34e40965cea8f61928b2db6b0d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13527
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9247 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359319
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal90001.redintelligence.net/ Frame DFAF
Redirect Chain
  • https://hal90001.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=d292e831bb&subid=&uid=db147bc607081337&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90001.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=d292e831bb&subid=&uid=db147bc607081337&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90001.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=d292e831bb&subid=&uid=db147bc607081337&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=1x1&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj5H_MD83ZcnNFdazx_APrZ--6AWbpoCiadWS6ovOD_YuEAEgur7wFmCVgoCAsAfIAQmpAi77K4TJ5bE-qAMByAObBKoEoAJP0OJRcyEI0cpNK2kQPOf_mok64kr9sL6Ddu1nJYn0mse5yNnyIPRaOEDLU19FYwUi0LJ73Q03-XSPIRphQfMxfMDD2DOC1i0ODYGoRNTp9A-K9ZktHdlsE94u3POR9aDZfAZcEH1lPhqcyUGVU8WmBvC7bgUN7JqWMDBI0kcFb_7OvZhQQMYjRNFGWGdWPlgI5TaPMhMKgHj-LX6iy7K_qcZHJQuJGFd-U9m1IHUDxZoLdR0xQx0CwnYlrvODGmV2krfK7-fAtlIslQLMbhD0fpvKsfX9uMVR-w4t2OgZieCkfqOhlhDD4z5YIQRFbI4jR_7qIIMAtr9GjcjpUVLCTI2J883bLd4BETKrCugdKgjtYqKMh1wKsH6Lm_87dJjABNGiz9SABOAEA4gFtd3Jgj6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXzICqgI6AoBASL39wTryCA1iaWRkZXItNDEwMDAwgAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREWwE7OgqxTQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaN6vEnzfkK6f1U8MA6p-gAJRPYrBnOPtsUDZX7HeN4Fr5N8Ft0dkaYvnENXqU5Eek7AxFH4NRSROXD2tMYAQ%26sig%3DAOD64_2K0Ui2nMZZdNNPYDJBdaOzZ5eXqA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-C52e4r1m1HUw1UenigKHpoeYf5WLr9ATkqgJHlkprvvUu853s6yxVEMrB2JgwptHPiUGFio5yP_kjvz8lTnSswJeV21Ftww-xwl4_ULcittGkMxeDbAgUOgYjFZDlZ-Dbs-jL56ZC19j2Vg2yrE1rhZ68bHwZh9GeaTrGXRJArtItKaC0%26cry%3D1%26dbm_d%3DAKAmf-CD_8ammSDd24NB7lDsEcLR0o0qsOjjpAMN7k5N5IPU1Rph4kIf56EgvmKWDf9pbrQ04-Dz66R32OYv04MqPX0FLmF2IG32JC6J682zMouW-O2GepnQ7_q-0pi2WeChqmtjw3QhKYmcgm19AHyyISvbtvDgyPZUnYLojCRpqjNkcPTTUcMbLwk4n-Pu9hdmthi1-nOA0PnI9sUYti6quLu6Qfd5vAJ3aQLd4R8ld4Hdzf1mqRWFupbxgy1WJwxRsFEOQdxtwrKs7nOTAPai2MAe6uXtoE2DTGj6a2vyEfsEqT09VkA24UPuAzh52D9TXSxcwJiUFmMYkaMz6iQnxhZFgxKZgXR71vKDg3DZHh7Noi9tPpXJ0Lm8tPv3G-jUNA-f7KMp2BgoEhpPGbS-nOG_ADEW_YmqBhjqQjh6EfvEhiFWrDZxRUOP_G77KCI5zjd8L413enJNGYY2o92Qqbziq1kX0YE5Wm-knrslHTD5kjjPsuU-X2xUJr-mHMnvo_wgNJr-f5ENy8dL3DsGDM2XsgvNvK7r6k8IhpCFup3is1mhtnE%26adurl%3D&documentReferer=https%3A%2F%2Fwww.turnto23.com%2F&ancestorOrigins=https%3A%2F%2Fwww.turnto23.com%2Chttps%3A%2F%2Fwww.turnto23.com&random=2249981693277&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Server
46.4.10.49 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
38df44fd0aa4188d465579a32c2f7c5d0ce2b7aa88ec21b904923685e72ef27d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
92804000009849004444640012487001
Connection
close
Content-Length
926
Expires
Tue, 24 Oct 2023 04:51:14 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 03:51:14 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=d292e831bb&subid=&uid=db147bc607081337&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=1x1&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj5H_MD83ZcnNFdazx_APrZ--6AWbpoCiadWS6ovOD_YuEAEgur7wFmCVgoCAsAfIAQmpAi77K4TJ5bE-qAMByAObBKoEoAJP0OJRcyEI0cpNK2kQPOf_mok64kr9sL6Ddu1nJYn0mse5yNnyIPRaOEDLU19FYwUi0LJ73Q03-XSPIRphQfMxfMDD2DOC1i0ODYGoRNTp9A-K9ZktHdlsE94u3POR9aDZfAZcEH1lPhqcyUGVU8WmBvC7bgUN7JqWMDBI0kcFb_7OvZhQQMYjRNFGWGdWPlgI5TaPMhMKgHj-LX6iy7K_qcZHJQuJGFd-U9m1IHUDxZoLdR0xQx0CwnYlrvODGmV2krfK7-fAtlIslQLMbhD0fpvKsfX9uMVR-w4t2OgZieCkfqOhlhDD4z5YIQRFbI4jR_7qIIMAtr9GjcjpUVLCTI2J883bLd4BETKrCugdKgjtYqKMh1wKsH6Lm_87dJjABNGiz9SABOAEA4gFtd3Jgj6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXzICqgI6AoBASL39wTryCA1iaWRkZXItNDEwMDAwgAoEmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREWwE7OgqxTQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaN6vEnzfkK6f1U8MA6p-gAJRPYrBnOPtsUDZX7HeN4Fr5N8Ft0dkaYvnENXqU5Eek7AxFH4NRSROXD2tMYAQ%26sig%3DAOD64_2K0Ui2nMZZdNNPYDJBdaOzZ5eXqA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-C52e4r1m1HUw1UenigKHpoeYf5WLr9ATkqgJHlkprvvUu853s6yxVEMrB2JgwptHPiUGFio5yP_kjvz8lTnSswJeV21Ftww-xwl4_ULcittGkMxeDbAgUOgYjFZDlZ-Dbs-jL56ZC19j2Vg2yrE1rhZ68bHwZh9GeaTrGXRJArtItKaC0%26cry%3D1%26dbm_d%3DAKAmf-CD_8ammSDd24NB7lDsEcLR0o0qsOjjpAMN7k5N5IPU1Rph4kIf56EgvmKWDf9pbrQ04-Dz66R32OYv04MqPX0FLmF2IG32JC6J682zMouW-O2GepnQ7_q-0pi2WeChqmtjw3QhKYmcgm19AHyyISvbtvDgyPZUnYLojCRpqjNkcPTTUcMbLwk4n-Pu9hdmthi1-nOA0PnI9sUYti6quLu6Qfd5vAJ3aQLd4R8ld4Hdzf1mqRWFupbxgy1WJwxRsFEOQdxtwrKs7nOTAPai2MAe6uXtoE2DTGj6a2vyEfsEqT09VkA24UPuAzh52D9TXSxcwJiUFmMYkaMz6iQnxhZFgxKZgXR71vKDg3DZHh7Noi9tPpXJ0Lm8tPv3G-jUNA-f7KMp2BgoEhpPGbS-nOG_ADEW_YmqBhjqQjh6EfvEhiFWrDZxRUOP_G77KCI5zjd8L413enJNGYY2o92Qqbziq1kX0YE5Wm-knrslHTD5kjjPsuU-X2xUJr-mHMnvo_wgNJr-f5ENy8dL3DsGDM2XsgvNvK7r6k8IhpCFup3is1mhtnE%26adurl%3D&documentReferer=https%3A%2F%2Fwww.turnto23.com%2F&ancestorOrigins=https%3A%2F%2Fwww.turnto23.com%2Chttps%3A%2F%2Fwww.turnto23.com&random=2249981693277&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 24 Oct 2023 04:51:14 +0200
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 612D 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
467310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
encwumjulb0v
hal9000.redintelligence.net/zone/ Frame 612D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/encwumjulb0v?subid=&gdpr=&gdpr_consent=&rnd=1698119472695955&extVar[]=DV360_SSP:8&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZzE2MD83ZZO9KtDi7gPwppCABZumgKJp1ZLqi84P9i4QASC6vvAWYJWCgICwB8gBCakCBuiBPIXmsT6oAwHIA5uEgIAEqgSgAk_Q_PyIFiwLpGeIMbltZismvPMYWRuGUQaHb5rmQRagCwkmxX0BNv-sQVosWIpXetEg3KXhVKIBhMGkCXx0ONxBni2YJuqVvXrnrCK_3jWdmQ9uViueR2QDAN1jBoiupfEUiQuS1PQ-Pv9XMEd2GH_j6UvrEU-Ch-7CrCXlcqkWvX8vJblHcsBh5_04Afw0oyFakMgDWqnqdcAGWDsUg63C50RUXISN8gPDReh3_c9aRgkarUAj4QgOSMUMBrkT9lkk-8YrlQl88pVrFsZBRm6i83Us5hWwZ0APC-TYRp0LOqo5YKB_Z3PKmdvPVA5R_uLzK3tLjPmhhfVGyzh54pcqktFNJ2zz6-FwGHM9UY-gP5TpkjqhaZmC_geNK9fi6sAE0aLP1IAE4AQDiAW13cmCPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIDWJpZGRlci00MTAwMDCACgSYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATs6CrFNATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaNdtphya-PMVExwRoFC2P2UFfjUMZmJDSRK44ek51bTCUzYCpfbH0-pzcTumyFFpY4sQnZZ5cVsGfGeTYYAQ%26sig%3DAOD64_2mp56wEGHB4fo5b9iRQdFEP-ICYA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-DA7IQKEr-y5uc6B-DF8NjgtSIer48tKKSzu62xmRPvGghskSebNPRJvuEH80UFw1YZ27WDylCjSVwjOuD7u2Gz8It0PDlKFZpm4BQYqvcggQSkXZALFXpLz3rRpMCWV84dxR2Hwat8MoiSmdMyM_xkG5K_l5e0CorXjNFuZB_5-IC5iNE%26cry%3D1%26dbm_d%3DAKAmf-Cwj1wTB6WzFX9GCzYGTFrD332U-C5choaPz4dmetnfa2Uk1UnZQNRpzvCm-pYgfOkjR647xoWDkJvskIVctxVZ4B6qJwOcS6LYjBrZM_d9ICEO72x8TuUdLK_SF6l6hPssFBRkRGvKbi8Ikl3s17ufJKpuzcfljhgZnp9tThpKmcvEf1brZVErGEXypDe0iYZdIcf22TrcWwK0kR7iDdSZv_G1ZLfRYYKRt5oM5xmzS1q9LKlwPJt3OwSfWH8xanVlopksGYKuNVJEtZNoWJOmjzOdW_b-1IZSzi5HM2YccbJcmeLwkarm6tvTyfVkqXaTNcetuyKLmkHBIfMa7OzAFDNT81QbGGnviLqCuXEx5B_FJrUv7nO_zu4cm664yPOM2QTdYQ0ohUEc2EEsSaNJumoek0sa1oaD3jqSo3WZECgauxF3J4_sUZFaG6hRULohcS4OOjo7nyZS_RDjC1vCy5v1hzJtYQylFYrkxzUnVjL8zIv2i_4pgCkFcmq62u82zOWqKDh6e2qO8_1oQpqSKB5TCTVz9mRRf0xwvpow6LVVEig%26adurl%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
364597098df017ab3af7fb016f99ceb6de28da9e3433843db6b91066dff64021

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:13 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4223
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 612D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBtER4rFao-YsqaEfzcUD8QRhCKvq_rtRCXO2ErqqW2mA9-7bQFaqTjcNxFmCc8lnGWXQZKp9LQp5Doquh-mbOOjDU12497-VYoyBjgW6flo6yftCUPUCwixCbMHzNwYVl0x4eodOUCTn58aYlG2sFSTDU28cdefK-vgume5kAcm9ST_oqvOVAi5Rb-iKd0-38iRwANPLh4G0FrvS7Pl244SyOnSyJH5vIsywuR57P3xTDqHbVwpTWqz4COqBVpxLUFxNPZGYFlSStAXAg4G-uUP5F1Fjlz2UvTTUpuwnj367K-TRIABRy8ICpGmw0QcqFrsUguu5TZI2RLN0w5zVkQBBd-9HqKgmdN94FII4Qur-0cUE0yOEY7A&sai=AMfl-YSF1m6L1PG8AYz3Xzm8Au8HxMM2pJJjZxHPIHiH-v2v0_mVUYChW2vuwPChZZcaHSbiQik-iUHtx5wZMoAnrnQM1aiihQQnb832CehYjykHaOxBFpEoH3wJSiuNPjY&sig=Cg0ArKJSzA-xaS6GOBFhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 24 Oct 2023 03:51:13 GMT
request.php
hal90003.redintelligence.net/ Frame 612D
Redirect Chain
  • https://hal90003.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=7878fee121&subid=&uid=cd4dde6313dfb551&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90003.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=7878fee121&subid=&uid=cd4dde6313dfb551&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=7878fee121&subid=&uid=cd4dde6313dfb551&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZzE2MD83ZZO9KtDi7gPwppCABZumgKJp1ZLqi84P9i4QASC6vvAWYJWCgICwB8gBCakCBuiBPIXmsT6oAwHIA5uEgIAEqgSgAk_Q_PyIFiwLpGeIMbltZismvPMYWRuGUQaHb5rmQRagCwkmxX0BNv-sQVosWIpXetEg3KXhVKIBhMGkCXx0ONxBni2YJuqVvXrnrCK_3jWdmQ9uViueR2QDAN1jBoiupfEUiQuS1PQ-Pv9XMEd2GH_j6UvrEU-Ch-7CrCXlcqkWvX8vJblHcsBh5_04Afw0oyFakMgDWqnqdcAGWDsUg63C50RUXISN8gPDReh3_c9aRgkarUAj4QgOSMUMBrkT9lkk-8YrlQl88pVrFsZBRm6i83Us5hWwZ0APC-TYRp0LOqo5YKB_Z3PKmdvPVA5R_uLzK3tLjPmhhfVGyzh54pcqktFNJ2zz6-FwGHM9UY-gP5TpkjqhaZmC_geNK9fi6sAE0aLP1IAE4AQDiAW13cmCPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIDWJpZGRlci00MTAwMDCACgSYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATs6CrFNATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaNdtphya-PMVExwRoFC2P2UFfjUMZmJDSRK44ek51bTCUzYCpfbH0-pzcTumyFFpY4sQnZZ5cVsGfGeTYYAQ%26sig%3DAOD64_2mp56wEGHB4fo5b9iRQdFEP-ICYA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-DA7IQKEr-y5uc6B-DF8NjgtSIer48tKKSzu62xmRPvGghskSebNPRJvuEH80UFw1YZ27WDylCjSVwjOuD7u2Gz8It0PDlKFZpm4BQYqvcggQSkXZALFXpLz3rRpMCWV84dxR2Hwat8MoiSmdMyM_xkG5K_l5e0CorXjNFuZB_5-IC5iNE%26cry%3D1%26dbm_d%3DAKAmf-Cwj1wTB6WzFX9GCzYGTFrD332U-C5choaPz4dmetnfa2Uk1UnZQNRpzvCm-pYgfOkjR647xoWDkJvskIVctxVZ4B6qJwOcS6LYjBrZM_d9ICEO72x8TuUdLK_SF6l6hPssFBRkRGvKbi8Ikl3s17ufJKpuzcfljhgZnp9tThpKmcvEf1brZVErGEXypDe0iYZdIcf22TrcWwK0kR7iDdSZv_G1ZLfRYYKRt5oM5xmzS1q9LKlwPJt3OwSfWH8xanVlopksGYKuNVJEtZNoWJOmjzOdW_b-1IZSzi5HM2YccbJcmeLwkarm6tvTyfVkqXaTNcetuyKLmkHBIfMa7OzAFDNT81QbGGnviLqCuXEx5B_FJrUv7nO_zu4cm664yPOM2QTdYQ0ohUEc2EEsSaNJumoek0sa1oaD3jqSo3WZECgauxF3J4_sUZFaG6hRULohcS4OOjo7nyZS_RDjC1vCy5v1hzJtYQylFYrkxzUnVjL8zIv2i_4pgCkFcmq62u82zOWqKDh6e2qO8_1oQpqSKB5TCTVz9mRRf0xwvpow6LVVEig%26adurl%3D&documentReferer=https%3A%2F%2Fwww.turnto23.com%2F&ancestorOrigins=https%3A%2F%2Fwww.turnto23.com%2Chttps%3A%2F%2Fwww.turnto23.com&random=3355771414658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Server
138.201.63.117 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
9cabb6a5c4ba40b748c25948d1de5ac39e02208a94b06304ed9f7f65b0795478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
55583800010662104444640012487003
Connection
close
Content-Length
927
Expires
Tue, 24 Oct 2023 04:51:14 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 03:51:14 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=7878fee121&subid=&uid=cd4dde6313dfb551&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZzE2MD83ZZO9KtDi7gPwppCABZumgKJp1ZLqi84P9i4QASC6vvAWYJWCgICwB8gBCakCBuiBPIXmsT6oAwHIA5uEgIAEqgSgAk_Q_PyIFiwLpGeIMbltZismvPMYWRuGUQaHb5rmQRagCwkmxX0BNv-sQVosWIpXetEg3KXhVKIBhMGkCXx0ONxBni2YJuqVvXrnrCK_3jWdmQ9uViueR2QDAN1jBoiupfEUiQuS1PQ-Pv9XMEd2GH_j6UvrEU-Ch-7CrCXlcqkWvX8vJblHcsBh5_04Afw0oyFakMgDWqnqdcAGWDsUg63C50RUXISN8gPDReh3_c9aRgkarUAj4QgOSMUMBrkT9lkk-8YrlQl88pVrFsZBRm6i83Us5hWwZ0APC-TYRp0LOqo5YKB_Z3PKmdvPVA5R_uLzK3tLjPmhhfVGyzh54pcqktFNJ2zz6-FwGHM9UY-gP5TpkjqhaZmC_geNK9fi6sAE0aLP1IAE4AQDiAW13cmCPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIDWJpZGRlci00MTAwMDCACgSYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATs6CrFNATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSQADICaaNdtphya-PMVExwRoFC2P2UFfjUMZmJDSRK44ek51bTCUzYCpfbH0-pzcTumyFFpY4sQnZZ5cVsGfGeTYYAQ%26sig%3DAOD64_2mp56wEGHB4fo5b9iRQdFEP-ICYA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-DA7IQKEr-y5uc6B-DF8NjgtSIer48tKKSzu62xmRPvGghskSebNPRJvuEH80UFw1YZ27WDylCjSVwjOuD7u2Gz8It0PDlKFZpm4BQYqvcggQSkXZALFXpLz3rRpMCWV84dxR2Hwat8MoiSmdMyM_xkG5K_l5e0CorXjNFuZB_5-IC5iNE%26cry%3D1%26dbm_d%3DAKAmf-Cwj1wTB6WzFX9GCzYGTFrD332U-C5choaPz4dmetnfa2Uk1UnZQNRpzvCm-pYgfOkjR647xoWDkJvskIVctxVZ4B6qJwOcS6LYjBrZM_d9ICEO72x8TuUdLK_SF6l6hPssFBRkRGvKbi8Ikl3s17ufJKpuzcfljhgZnp9tThpKmcvEf1brZVErGEXypDe0iYZdIcf22TrcWwK0kR7iDdSZv_G1ZLfRYYKRt5oM5xmzS1q9LKlwPJt3OwSfWH8xanVlopksGYKuNVJEtZNoWJOmjzOdW_b-1IZSzi5HM2YccbJcmeLwkarm6tvTyfVkqXaTNcetuyKLmkHBIfMa7OzAFDNT81QbGGnviLqCuXEx5B_FJrUv7nO_zu4cm664yPOM2QTdYQ0ohUEc2EEsSaNJumoek0sa1oaD3jqSo3WZECgauxF3J4_sUZFaG6hRULohcS4OOjo7nyZS_RDjC1vCy5v1hzJtYQylFYrkxzUnVjL8zIv2i_4pgCkFcmq62u82zOWqKDh6e2qO8_1oQpqSKB5TCTVz9mRRf0xwvpow6LVVEig%26adurl%3D&documentReferer=https%3A%2F%2Fwww.turnto23.com%2F&ancestorOrigins=https%3A%2F%2Fwww.turnto23.com%2Chttps%3A%2F%2Fwww.turnto23.com&random=3355771414658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 24 Oct 2023 04:51:14 +0200
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0168 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
359319
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 9247 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 0168 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 08:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
67926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 08:59:08 GMT
89f7480c0afa0150827cf163f8728151
pv.medialead.de/trck/epv/ Frame 27F2 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"25200521800103636","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 24 Oct 2023 03:51:14 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40027
x-iplb-request-id
B2A2D18C:A10E_91EFC182:01BB_65373F32_3FD51C7:1193D
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame FBDC 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 24 Oct 2023 03:51:14 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
B2A2D18C:A110_91EFC182:01BB_65373F32_4024DAA:19774
request_content.php
hal90001.redintelligence.net/ Frame E518 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90001.redintelligence.net/request_content.php?s=92804000009849004444640012487001&a=078f35f5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5b4e0675137260baa3f269ce48984899c5f1de303031e310d9a687f8a874e0b0

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2091
Content-Type
text/html; charset=utf-8
Date
Tue, 24 Oct 2023 03:51:14 GMT
Expires
Tue, 24 Oct 2023 04:51:14 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
impression.php
t23.intelliad.de/ Frame DFAF 		43 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1698119474&co=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.138.165 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:14 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type
image/gif
cache-control
no-store, no-cache, max-age=0, must-revalidate
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame DFAF
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Server
145.239.193.130 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:14 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
B2A2D18C:A10E_91EFC182:01BB_65373F32_3FD51CB:1193D
x-iplb-instance
40027
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92804000009849004444640012487001&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Tue, 24 Oct 2023 03:51:14 GMT
server
nginx
content-length
154
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame 9F3B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:14 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 9F3B 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43586
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
89f7480c0afa0150827cf163f8728151
pv.medialead.de/trck/epv/ Frame 423E 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"25200521800103636","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 24 Oct 2023 03:51:14 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
B2A2D18C:A112_91EFC182:01BB_65373F32_4024DAC:19774
impression.php
t23.intelliad.de/ Frame 612D 		43 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1698119474&co=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.138.165 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:14 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type
image/gif
cache-control
no-store, no-cache, max-age=0, must-revalidate
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame B447 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 24 Oct 2023 03:51:14 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
B2A2D18C:A114_91EFC182:01BB_65373F32_4025EC1:19772
request_content.php
hal90003.redintelligence.net/ Frame EB60 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/request_content.php?s=55583800010662104444640012487003&a=c997e1aa
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
fbf34fdd277152ac905a960be1d1da3780640345c504f011c40ca00a856d3f1e

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2095
Content-Type
text/html; charset=utf-8
Date
Tue, 24 Oct 2023 03:51:14 GMT
Expires
Tue, 24 Oct 2023 04:51:14 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 612D
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Server
145.239.193.130 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:51:14 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
B2A2D18C:A110_91EFC182:01BB_65373F32_4024DAE:19774
x-iplb-instance
40028
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=55583800010662104444640012487003&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Tue, 24 Oct 2023 03:51:14 GMT
server
nginx
content-length
154
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame 8BFB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.turnto23.com
URL: https://www.turnto23.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turnto23.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 03:51:14 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
truncated
/ Frame 612D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24179e8e3120a1590f2f0fd0443ad5045943890e611e62a5111656c00bb14514

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame E518 		2 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92804000009849004444640012487001&a=078f35f5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Oct 2023 03:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 02:02:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Oct 2023 03:51:14 GMT
/
hal9000.redintelligence.net/scale/ Frame E518 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-627x627.jpg
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92804000009849004444640012487001&a=078f35f5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
258ef37d41bd3822ecd4e1820d2aba584edcdaf256f7dda87f67b187c5358f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
8900
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame E518 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_627x627px.jpg
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92804000009849004444640012487001&a=078f35f5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
14d9b6f5da1265eaa9e12bbee1d6f6f3c67594c448646a4a3bc64be6e57a70c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7081
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame E518 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92804000009849004444640012487001&a=078f35f5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
6e5cdf885ba6a34d5f51ef209f1ea03e2f448c6587dabdad35d10c3c89ba440c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9892
Vary
Accept-Encoding
Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 8BFB 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43586
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:40 GMT
css
fonts.googleapis.com/ Frame EB60 		2 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=55583800010662104444640012487003&a=c997e1aa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Oct 2023 03:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 02:45:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Oct 2023 03:51:14 GMT
/
hal9000.redintelligence.net/scale/ Frame EB60 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=55583800010662104444640012487003&a=c997e1aa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
f0e3e619abce11db3bc3bee0086e155016c61b7387b11e32cf88fa95353c741a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
13287
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame EB60 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=55583800010662104444640012487003&a=c997e1aa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
fca3281ff80d6cceac08859b3f470b6ae89bf72367cc0d68fd6b2ac0283701ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10143
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame EB60 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=55583800010662104444640012487003&a=c997e1aa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
cbba5314761eb5d0bce614a7a219e1a95e8cc3ac36c0b46b09ca3a6ef5a3a38c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16984
Vary
Accept-Encoding
Content-Type
image/png
khaos.json
token.rubiconproject.com/ Frame 9F3B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
viewability
hal90001.redintelligence.net/ Frame E518 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90001.redintelligence.net/viewability?s=92804000009849004444640012487001&a=15ce4bf8&vb=m
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=92804000009849004444640012487001&a=078f35f5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/request_content.php?s=92804000009849004444640012487001&a=078f35f5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 8BFB 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
viewability
hal90003.redintelligence.net/ Frame EB60 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/viewability?s=55583800010662104444640012487003&a=04615af2&vb=m
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=55583800010662104444640012487003&a=c997e1aa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/request_content.php?s=55583800010662104444640012487003&a=c997e1aa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 03:51:14 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9247 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwAqUMT83ZdSeFJn13gOcuqaADQAAAAA4AeAEAg&bg=!d3SldDvNAAY5nEQaGZw7ADQBe5WfODXYGTx-BYMvN0XHKMQVPK5mqc1tzQQpbd6nduGDnin-XKJNMloltwBw4m_AQTuhAgAAAWJSAAAABWgBB5kC7L84QAlMBu7JAYHCAbtVqNdcPoBAgQSwMAd-5xvVrNtfDdyNiGD5bjVa2qhhL4O5mJn4uswhsZmGzWFRWDzaae8NVIFvV6Lc6Ulsit5lUPSN-fKqjbcEuxRVe_6jOx9W3EdFBhh4-dWyaL5w54b-sLU1Pq5zBTYOBCb7IVARwUWeUgaeU4_-p_cJcp5A1izsMgsaDJcHwu80i2lIVfKx3nW2tLSnoyP4KA3-1dKYgvrjE_kNJe9_2JOh9zIsOjk6-cKtusXVnZqskxPZiDpZ7whIr1kLin5jvA5Tx3tyjmNLVx2sLmU2KLEX_z0nQhlu9njdCHyaR6qcEgButF1nUNnFxoeVFUMt8N9XQxNJpAHX4CF5wKQ3NJ68xJCXNaaQrtZyxY0vqzw6XMD8r-LhBs8A9r9CkhUbq76EMrry4qWOxZuzWOqM2MrPkO-Y7VJyvNhD6CkPtw2dZ9US4GtKqU-fTL8-2ETdzQEoCU2WxNKX7icEfJuauwQhoyZzQwkTl2BIbkOKqy-4yAeLGmTADmM7aH-IQHnF4EO7IyGG4OHLt-MZsbtMZNwxwKboPC9--39tqLYGe1W_jLDBd1IHjZLFaIw8R5m73OHVGG-i0bsxjrfHpKF90bNtvh3yejkKUUwbDgcK5SwSzq2xI9LZVoYcfAAL1o0hV6PcRzJd44J9gAVFbD6eojmQBPVQudYO3lyzeCcNMfFQaOxw2r84SQqL1daOVW9cqKPu6eTaWNFNMl7BLBt_nsDetyRc6bzm84xZJZ4oaUrnwiH3Ohn8qlkRKm9wB3NHHQCJO-j182CqPpNeGVFn2bMLvq-lFIEWdKqOiNp0D3jyFRWc5i6yI4f5zUREd9YX54pthWDogIEMbhpZdhUNHJj9w7tNuApqoFV0_BZ5lNwytFoVYqCWkKO8QYrjtJajSA-aEp4wwxCxKQrIffIuDR3MRcYxnzOaudG4d6RUUiv7VvezLa9BMhYSfL0uYHcFknHNeNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0168 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNfpiMT83ZZvZJtet1PIP0sO9iAYAAAAAOAHgBAI&bg=!RkWlRQrNAAY5nEQaGZw7ADQBe5WfOO4efhJ0lf8LJtInaFdaFgCreomhMAZeFhbIt-NgUqwOwMzJvooXEJz28p7YwAuyAgAAAVVSAAAABGgBB5kC7ecibbl3P0GuaYG4Yk4pBiLW1gYqYcu0iK45XPQQXD0WLv3bz91JiQG8rfHhx8MnwYGTTQxWaIG3V6aS_634bfVpPe9dhE_hzzfiYZ8-XmDmrHKLL5ZTEfqsJIHtnd_jEX-WdZPL6MwurhR8vU4EGhE-DmZZNfM_OaPLHgRr63jk96DVyJDHol4eH7WOf7WiUT53jQC_rQsBKsZTGxpzKlHIhPRzupElA6ji9myO7_cUFx1YkhVsAv2G_wxPHt8DY7Tqf1oZ5Gu6AYHUHxA-nkcIbfrSO11fOf1AVyYZ5FV4GlMe3ZKp6FD7LxnYOynBzep1e72w-HQXfff7sOiRs1rXDZyM_MPANDCwIIR-4MeuqKZKXpbC2DcU69SJuWb0-6VOi7VMsm3atyGEyCsxTSGYK8mMvPoBVzCt19U_dLNt3rhsq4cSp6LB5BkWo9kjMF9383urrrv0Jhh5s7ygtNIIrvQiNy4nTLWCerEXFoG5Qz6MErILsmdmF0kp6VPOlDkux0Cn61r-ZsujyRbZEdu_OnMuostiw7g0Wh1ICCi7g_FdPwmSLsS3l3z4hD5YwUvG6ndHxR07STlZo56dnRROJ6x3R3oFvkh09bHGH-DNuyGlcE17Kqszox549gMtvkuY3rqVvlrKizb8Q9tZwU0DSx87UOqwPU_j_xLQUYoGlqzq8B1oEr-Kd3HnvotNKQESx0ngngKXNQNIP3UHws68cXEZMx2gRpyK6NB0CXeh_xF9UDxnK_z4-Qr9WguAsZQbLzlexO7AJV4vTVHvEuOM5D0Zkp2_DEpe_kYLChkgbl7bDeFxK3kD8dp_ByIrFUEWrwFVHea8-KJ8GdbYALLYvFijm4udB9xNNJ6Xx1hnwoIaxT1pkWbyhFnT9ecX3LyKlgYyXwZvF4sVGtjYfBgynCmlG20mzHi1RRI5rJayI4PwNRzOuJslLSQYj2xtqIms5LT6PYOswb2s611MNm6Oqi1UPwP_rQS95N4i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 612D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXkAet8YS30HNsZgMOhBxi3AcgufRhZdb0YtxQl_yk3iyu1MrxDSqrW1S2YHqFrHL1YVF5VF2UZE095Iwiwg9U9AqUcBr3m1cTUVCNKOTQM52pwlhlikFzcpSBQiI9&sig=Cg0ArKJSzIIvMbLsu-IeEAE&id=lidar2&mcvt=1001&p=1105,436,1195,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2587397766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698119473241&rpt=465&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-scripps/b-bf5d88b-a63e596d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turnto23.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 03:51:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGYtUGUZosZtaZybN59RtWk&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
partner.googleadservices.com
URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.turnto23.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=3171362780&pi=t.ma~as.RON_728x90_House&w=728&lmt=1698112267&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119463789&bpp=1901&bdt=3942&idt=3347&shv=r20231019&mjsv=m202310180101&ptt=5&saldr=sd&cookie=ID%3De50e849b35181897-22f4cb2b01e300fb%3AT%3D1698119454%3ART%3D1698119456%3AS%3DALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&correlator=5899886685643&frm=23&ife=4&pv=2&ga_vid=1990415797.1698119454&ga_sid=1698119467&ga_hid=1255673043&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1839&biw=1600&bih=1200&isw=728&ish=90&ifk=1601150885&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C44805112%2C44805533%2C44805914%2C44805933%2C44806738%2C31078301%2C44803793%2C31079012&oid=2&pvsid=2566649514969005&tmod=133986209&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.rd80pzr6434p&btvi=1&fsb=1&dtd=3371
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKgSKETt0BM8uFsvqR7a4HLzUbYN_IleCpu5bR8P6NN9nH3jEZ-84OKnracZhfp5EsHaPwyOMt5mDeof2UJ7qKv5Y-ifEYZsvnNu6uQSWOJ55wn2c0l8bsn1LaZow0&sig=Cg0ArKJSzPP2SkYghan0EAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231023&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=2445953488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=2&r=b&rst=1698119459848&ec=1&wmsd=2&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8y-L12woQg0kEwjjQkpoEefQAU6uz-BIW9TBqhpftTCZgWxBXkyUOkjl0oHr2ubau5owlMMHmPU8_3F4OXxr4p16ku3HK7Nn0wGA0LKT0rmvhcl52P86MoLuJJ1-9&sig=Cg0ArKJSzHcX4c6miW8xEAE&id=lidartos&mcvt=0&p=1839,436,1929,1164&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=2445953488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1698119467259&rpt=2258&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVevksn9efVPTKgQO_UgAIeNu1DWdTqX06C6vVEEI2poWzAHjSTCBGCBMOGKJRVgFHw9IGfjJtWggiJkMxNsfD7HzycyDVteSVQ1oHw4DiPqPOnRbYfwuLhHthNCJx&sig=Cg0ArKJSzFf0tmjaJdmhEAE&id=lidartos&mcvt=10065&p=1105,436,1195,1164&mtos=10065,10065,10065,10065,10065&tos=10065,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2587397766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1698119457525&rpt=5071&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNx7swFhhhfLVOYBaQhUowEzVppSJxi57_y3ciDEcomlQQxFFWcZ6HlY1iRsEC1cf9KK69vQ_kmbqJSkjT2jjLXsneJHVB2DX7SNS-74NHlog&sig=Cg0ArKJSzBGu_2RkYt6IEAE&id=lidartos&mcvt=10065&p=0,0,90,728&mtos=10065,10065,10065,10065,10065&tos=10065,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=3361789619&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1698119457525&rpt=5078&ec=1&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| ScrippsAdLib string| environment string| daysSincePublished string| datePublished object| publishedTime object| modifiedTime number| daysSince function| getCookie object| gtmObj boolean| loggedIn string| callLetters string| jsTitle string| jsTags string| jsPublishDate string| jsUpdateDate string| jsIsBreaking string| jsIsAlert string| jsAuthors string| jsHasVideo string| jsSection string| jsPageType string| jsDisablePrerollAds string| jsDisableDisplayAds string| jsDisableInlineVideoAds string| jsFname object| ga4Data object| dataLayer function| x00_0x21a4 function| x00_0x5e97 object| _Scanner function| onReady object| OneTrustStub function| OptanonWrapper object| head object| pushlyJs string| pdk function| pushly object| PushlySDK object| ddls object| adsOnPage boolean| IS_CMS object| _disable object| AdDebugger object| ScrippsUtils object| StickyRightRail object| sUserHub object| AdTargetingParams object| DynamicTargetingParams object| ScrippsOutstreamPlayer boolean| disableInviewRefreshing boolean| disableRightRailRefreshing boolean| enableInfiniteRefresh object| adTimeouts object| rightRailRefreshTimeout number| inviewRefreshTimeout boolean| enableRightRailSecondRefresh boolean| enableInviewSecondRefresh boolean| rightRailRefresh boolean| inviewRefresh object| ScrippsAdsLib undefined| refreshCheckInt undefined| rule_RefreshMinTime undefined| is50PercentInView undefined| fnCheckRefreshAd object| ImageLazyLoad object| googletag object| apstag object| advBidxc object| pbjs object| ScrippsAdUtils string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| fbAsyncInit function| ready function| loadChartbeat string| contentType object| _aps boolean| apstagLOADED object| apscustom object| google_tag_manager object| google_tag_data object| FB object| _comscore string| ssaUrl string| GoogleAnalyticsObject function| ga object| optimizely object| pbjsChunk object| _pbjsGlobals function| _typeof object| PARSELY object| Optanon object| OneTrust object| vars undefined| define function| ReconnectingWebSocket object| ScrippsUserHub object| __buffer object| COMSCORE object| ns_p object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| HeaderSM object| __bt_intrnl object| __bt object| __bt_tag_d object| __bt_tag_am undefined| google_measure_js_timing object| _ScrippsAdLib string| jsInitialBreakpoint boolean| __bt_already_invoked object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.101.0 object| _qsie string| jsWxTemp string| jsWxCond number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| -5hjp3qoppmo object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googDdmPs

121 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARCqFgoGCKIBEKoW
.turnto23.com/ Name: pbjs_sharedId
Value: 362d19aa-d0bf-4d4c-a015-9dfcc98f8705
.turnto23.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.turnto23.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.turnto23.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1698119453375%2C%22slts%22:0}
.turnto23.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=e179981f5235fd2df821a7fd02f5e155%22%2C%22session_count%22:1%2C%22last_session_ts%22:1698119453375}
www.turnto23.com/ Name: mnet_session_depth
Value: 1%7C1698119453480
.turnto23.com/ Name: _gid
Value: GA1.2.1990415797.1698119454
.turnto23.com/ Name: _ga_43S1SYMQEN
Value: GS1.1.1698119453.1.0.1698119453.0.0.0
.www.turnto23.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Oct+24+2023+05%3A50%3A53+GMT%2B0200+(Central+European+Summer+Time)&version=6.15.0&hosts=&landingPath=https%3A%2F%2Fwww.turnto23.com%2F&groups=C0001%3A1%2CC0003%3A1%2CSPD_BG%3A1%2CC0004%3A1%2CC0002%3A1
.turnto23.com/ Name: _gat_ScrippsEnterprise
Value: 1
.turnto23.com/ Name: _ga
Value: GA1.2.95429075.1698119454
.turnto23.com/ Name: _gat
Value: 1
.media.net/ Name: visitor-id
Value: 3411210531492437000V10
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6CstSXLw+RmPC+IXqvPVzt4X6LBWwGzep07cZe5xyGZWUszRmEOYhJNYN/Oy0VIiXtp7tY7oUXjXUgcdj94p/Mz2scNgMlqaoG+xUA9sgf/4b7FQD2yB//h
.adnxs.com/ Name: uuid2
Value: 4312790940954201807
.rubiconproject.com/ Name: khaos
Value: LO3SH8E7-H-5JFV
.doubleclick.net/ Name: IDE
Value: AHWqTUlZoHC-YzNhFhZMvDm6FliVhar4o8Zz9lXKF3VQfa_YI1_HG30_xdCBjqZgBVw
.turnto23.com/ Name: __gpi
Value: UID=00000ca185f196c1:T=1698119454:RT=1698119454:S=ALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA
.doubleclick.net/ Name: APC
Value: AfxxVi6k0adEX1Qh2azO7ZObk2_kDgCaQfmM_zbntaPP-lLXA5hw6g
www.turnto23.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.turnto23.com/ Name: _pubcid
Value: 594322fa-f6a2-4300-8529-316a7fb2181c
.quantserve.com/ Name: mc
Value: 65373f20-5b1b5-ced5e-65fc6
.turnto23.com/ Name: __qca
Value: P0-159855721-1698119455912
.turnto23.com/ Name: __gads
Value: ID=e50e849b35181897-22f4cb2b01e300fb:T=1698119454:RT=1698119456:S=ALNI_Mb5gUuI9aS6qK2x-t47jw9hNBFWDA
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: _usd_turnto23.com
Value: e88b58d0-70fb-493b-8df0-9cfa1395c5b3
.go.sonobi.com/ Name: __uis
Value: b50b9b83-306e-4cfb-a81e-c8ac12fa8442
.casalemedia.com/ Name: CMID
Value: ZTc-IyL251t0GCIZaPF.ywAA
.casalemedia.com/ Name: CMPS
Value: 3365
.casalemedia.com/ Name: CMPRO
Value: 3365
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?ihi)bw!]tbPl1M>e)ZlrFUfJ+tGXxomV>m'EXuOAnP>PKo>=*j(MrFk7aaV6WKC5#D3If)y3KL9D3I?+g1QmSW
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMM2ygb3xgPTw8YWHmYyhBg&KRTB&23025-CAESEMM2ygb3xgPTw8YWHmYyhBg&KRTB&23386-CAESEMM2ygb3xgPTw8YWHmYyhBg
.serverbid.com/ Name: CONSUMABLEID
Value: 5abca24c12304b49bca24c12300b490d
.creativecdn.com/ Name: ts
Value: 1698119461
.creativecdn.com/ Name: u
Value: wXoHZ3CCVamCkjiGD42q
.3lift.com/ Name: tluid
Value: 3677546807414160136514
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: bbd47d15fa99bae7
.bidswitch.net/ Name: c
Value: 1698119461
.bidswitch.net/ Name: tuuid_lu
Value: 1698119461
.bidswitch.net/ Name: tuuid
Value: baab58b2-68a4-4914-9c13-dab5bdc5ee08
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrU0sLQwMTIyMRTiM9RNzEr1TQo1N4m3KI0AAFGZcvElAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrU0sLQwMTIyMRTiM9RNzEr1TQo1N4m3KI0AAFGZcvElAAAA
.demdex.net/ Name: demdex
Value: 47379667575088931732295490720471958601
.dpm.demdex.net/ Name: dpm
Value: 47379667575088931732295490720471958601
.adform.net/ Name: C
Value: 1
.krxd.net/ Name: _kuid_
Value: P35cQKvC
.bluekai.com/ Name: bku
Value: oxL99YDdBtVKhSDz
.exelator.com/ Name: EE
Value: "5d92edbcb7f5a5c550c9363ca3a8cd2f"
.adform.net/ Name: uid
Value: 7591070485493745832
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE0xdIoNSUpOck8zTTRNNnU1CDZ0tjMODnRONEiOcUobXFZatGCpaXFQDWHllTklOQ0rS6LD3WMd3P09fSJXOacUZSfm7oCLBTmGrTY0NBiSX5RZvoiF9fFRSlpDItKik8FH13%252FHADlKCuy"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8AE5D383-F837-45F9-BA87-CDF87E9AE850
.agkn.com/ Name: ab
Value: 0001%3AidfbNWtTlrr%2BObmo3efUDoPc9%2Bp4GKTf
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AztDojAZeUdiu-FuUjpOk8I
.liadm.com/ Name: lidid
Value: 490d9251-f364-4791-a952-2ad212180ed4
.csync.loopme.me/ Name: viewer_token
Value: 6046c246-c6f7-46a4-a543-814bcf3bb9e2
.turn.com/ Name: uid
Value: 4043584326490653053
.rezync.com/ Name: zync-uuid
Value: fcd552e8-4b4b-49a7-923e-13f50d7077e4:1698119465.198511
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByxWAIAwEwIvtxMdCNh-7EQiFWLkz32VnbbJXiE6dovm6ZB8lGIdte3MvfWAZQKrxRgaBHy2GY7I5AAAA
.quantserve.com/ Name: d
Value: EPkBEgGhKvijC_vLEA
.company-target.com/ Name: tuuid
Value: cab8222a-6441-4db7-9ad7-1bfb6446483b
.company-target.com/ Name: tuuid_lu
Value: 1698119465|ix:0
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-7UHx-ugS8P32QaD8uUHvrr4Q96j2QveruEJESNIR&KRTB&19420-7UHx-ugS8P32QaD8uUHvrr4Q96j2QveruEJESNIR&KRTB&22979-7UHx-ugS8P32QaD8uUHvrr4Q96j2QveruEJESNIR&KRTB&23403-7UHx-ugS8P32QaD8uUHvrr4Q96j2QveruEJESNIR
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_121b0aff-ca1f-4762-863b-11ba6f64a1b2
.adfarm1.adition.com/ Name: UserID1
Value: 7293367566882044049
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5142336725909842241
.adx.opera.com/ Name: UID
Value: OPUdd961f5ab8cc4dd4b32ffe74a98e2197
.adsby.bidtheatre.com/ Name: __kuid
Value: 5cd3e657-449d-4acd-b1a2-0c97f89e597b.467333465
.weborama.fr/ Name: AFFICHE_W
Value: jF@KzRRTTn6M39
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUdd961f5ab8cc4dd4b32ffe74a98e2197&KRTB&23485-OPUdd961f5ab8cc4dd4b32ffe74a98e2197&KRTB&23524-OPUdd961f5ab8cc4dd4b32ffe74a98e2197
.simpli.fi/ Name: suid
Value: 7A4D58EE25704C63B7D9B1C3BDCA1C17
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7293367566882044049&KRTB&23369-7293367566882044049
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4312790940954201807&KRTB&23339-4312790940954201807
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-baab58b2-68a4-4914-9c13-dab5bdc5ee08
.ctnsnet.com/ Name: cid_69163aae0c2e498ca644ade1c12c9645
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7591070485493745832&KRTB&23263-7591070485493745832&KRTB&23481-7591070485493745832
.de17a.com/ Name: guid
Value: 1.889298685119183901
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTc-KQAaN1GdCAAb
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMsRGAIAxG4XMAK84x8PxDQojbiMBAlpaWlk5oiZZf8d4zjIiWAOMoTOFwse1FhGrynDl7tk29UageoclSdFGtvPZohiUBTvcZScD1N91TN8ToBe8iv_V5AAAA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4043584326490653053&KRTB&23150-4043584326490653053&KRTB&23527-4043584326490653053
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-889298685119183901
.bidr.io/ Name: bito
Value: AAA7CE7Kbn4AABg2eq4zdA
.bidr.io/ Name: bitoIsSecure
Value: ok
.smartadserver.com/ Name: pid
Value: 870500467373172628
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAA7CE7Kbn4AABg2eq4zdA
live.rezync.com/ Name: sd-session-id
Value: .eJwNzEEOgyAQQNG7zFoaBmaA4TJGZUxIq21ENzW9e1n-5OXfMH702KZd9xPyeVw6wPKqvRrkG1r9bvqEDIzkvA_RsVhJ5Bwh_AZo2lp972Mt3axLYXaaDM00G5IpGnFeDfqVbYk2RqWMQRKiUOAHSmLsmz-M2CVG.ZTc_KQ.Nr4AqqCb5wKlAyugklcY0AZDkTg
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAA7CE7Kbn4AABg2eq4zdA
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ab23d59e-638f-5f23-5fa0-7ce1fc2695e7.H%2BR%2BTHBCZ8MRdT9RidAmW2%2F5PBhBeHF7nVksNZomNHw
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ab23d59e-638f-5f23-5fa0-7ce1fc2695e7.H%2BR%2BTHBCZ8MRdT9RidAmW2%2F5PBhBeHF7nVksNZomNHw
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AqyPVnmOPXyNfoHzh_CaV57Ki0Yw.4iIoynghlU7M7IW%2BWbEz05fYFwSyDyfZUWZfL9i8ORQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AqyPVnmOPXyNfoHzh_CaV57Ki0Yw.4iIoynghlU7M7IW%2BWbEz05fYFwSyDyfZUWZfL9i8ORQ
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILIse0JEqzrMoaYgmz6kTwZkG2Whlk_elVfD5dXyOQDlEHwYBCCp_typBjABOgTLdGrUQgRgQAi8.ykSkkUEIsyFEBMSQv85b7GXADpCN6jcJPy%2FGlkmBiEo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILIse0JEqzrMoaYgmz6kTwZkG2Whlk_elVfD5dXyOQDlEHwYBCCp_typBjABOgTLdGrUQgRgQAi8.ykSkkUEIsyFEBMSQv85b7GXADpCN6jcJPy%2FGlkmBiEo
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-qyPVnmOPXyNfoHzh_CaV57Ki0Yw&KRTB&23334-qyPVnmOPXyNfoHzh_CaV57Ki0Yw&KRTB&23417-qyPVnmOPXyNfoHzh_CaV57Ki0Yw&KRTB&23426-qyPVnmOPXyNfoHzh_CaV57Ki0Yw
.audrte.com/ Name: arcki2
Value: 3305iNY-7vaRHGuhmDtKRXgFw!20220908!1698119465795!ip#178.162.209.140
.audrte.com/ Name: arcki2_pubmatic
Value: 8AE5D383-F837-45F9-BA87-CDF87E9AE850!20220908!1698119465799
.audrte.com/ Name: arcki2_ddp2
Value: 3305iNY-7vaRHGuhmDtKRXgFw!20220908!1698119466170
.audrte.com/ Name: arcki2_adform
Value: 7591070485493745832!20220908!1698119466352
.pubmatic.com/ Name: DPSync3
Value: 1699315200%3A201_245_241_235_227_226_219_197
.pubmatic.com/ Name: SyncRTB3
Value: 1700697600%3A203%7C1699401600%3A35%7C1703289600%3A69%7C1699315200%3A249_71_13_165_214_55_176_8_251_233_238_264_54_81_204_234_254_22_88_46_220_161_3_196_21_56_166_99_243%7C1698710400%3A223_2_15%7C1698969600%3A63
.zeotap.com/ Name: zc
Value: edbd559f-5f17-404b-54ee-79abbd36ba0d
ads.playground.xyz/ Name: connect.sid
Value: s%3AwXocSm9UznJ7DWAOK1Rlq2pfc1qjDhGt.ri4TO4qEGaMHa2KaQooRII%2ByjCp%2BcPG5o5VGLlfeXJY
.onaudience.com/ Name: done_redirects161
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003%22%2C%22nxtrdr%22%3Afalse%7D
.semasio.net/ Name: SEUNCY
Value: 5C28CA1C2CF3DB92
.onaudience.com/ Name: cookie
Value: 23b28d88280d2453
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003&KRTB&17107-RX-ad3b9d34-cd6c-4e64-bc76-55434edc65f1-003
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 161763:4
.tribalfusion.com/ Name: ANON_ID
Value: aWntmIujieEo7YxU2mxDonFGuYon71RCZdcgnDHXi9hFNGCh8tGwHRR2NYkQnRZceOT7FgZbYbDfZcRmLSMgmEtjeR9i
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-39puKE4JaTgMXbVMTRXgjbVT
.pubmatic.com/ Name: PugT
Value: 1698119467
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1698141068168
.pubmatic.com/ Name: SPugT
Value: 1698119468
.go.sonobi.com/ Name: HAPLB8G
Value: s8663|ZTc/M
.adnxs.com/ Name: icu
Value: ChgIxIZ3EAoYASABKAEwnf7cqQY4AUABSAEKGQjTuYgBEAoYCCAIKAgwsP7cqQY4CEAISAgQsP7cqQYYCA..

13 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755400&lmt=1698112256&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119455942&bpp=10&bdt=1387&idt=563&shv=r20231019&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3De50e849b35181897%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_Mb5-AwItlY21SH9fpmhb-BfN2L0Xw&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&nras=1&correlator=5899886685643&frm=23&ife=4&pv=2&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=2120292015&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=3773104044&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31078019%2C44805113%2C44805533%2C44805934%2C44806737%2C31078297%2C31079012%2C44806141&oid=2&pvsid=530274199045409&tmod=677431818&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.7atj4yn12goa&btvi=1&fsb=1&dtd=616
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755403&lmt=1698112256&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fwww.turnto23.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698119456313&bpp=3&bdt=1598&idt=267&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3De50e849b35181897%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_Mb5-AwItlY21SH9fpmhb-BfN2L0Xw&gpic=UID%3D00000ca185f196c1%3AT%3D1698119454%3ART%3D1698119454%3AS%3DALNI_MZ3lXs6HWnz-gMYNjwKFORAKht3QA&nras=1&correlator=5899886685643&frm=23&ife=4&pv=1&ga_vid=1990415797.1698119454&ga_sid=1698119457&ga_hid=282875182&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=2754386938&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C44805112%2C44805533%2C44805914%2C44805932%2C44806737%2C31078297%2C44803793%2C44806141&oid=2&pvsid=2815794612805761&tmod=227490395&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.jxm8jziqhh8v&fsb=1&dtd=289
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGYtUGUZosZtaZybN59RtWk&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEL9hqgd80Qw_UoisKfjLZLs&google_cver=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8AE5D383-F837-45F9-BA87-CDF87E9AE850&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.2003314
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=fcd552e8-4b4b-49a7-923e-13f50d7077e4%3A1698119465.198511&_=1698119465.4419568
Message:
Failed to load resource: the server responded with a status of 451 ()
rendering warning
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f09840fbfb2b21ca771adcad9b20a9b.safeframe.googlesyndication.com
1x1.a-mo.net
86f81c21972ae1c36467dbd3b0bcd674.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
a639388eb0b206709f754fab04bf1cab.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad.yieldlab.net
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
analyticssystems.net
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.ewscloud.com
api.saambaa.com
assets.scrippsdigital.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bid.g.doubleclick.net
btloader.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
casale-match.dotomi.com
cdn.adswizz.com
cdn.cookielaw.org
cdn.indexww.com
cdn.jsdelivr.net
cdn.parsely.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csi.gstatic.com
csync.loopme.me
d.adroll.com
d.turn.com
d3plfjw9uod7ab.cloudfront.net
d5p.de17a.com
delivery-cdn-cf.adswizz.com
dhukrzx4tb.execute-api.us-east-2.amazonaws.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hal9000.redintelligence.net
hal90001.redintelligence.net
hal90003.redintelligence.net
hblg.media.net
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
lexicon.33across.com
live.rezync.com
loada.exelator.com
loadm.exelator.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
medialead.de
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
prod.tahoe-analytics.publishers.advertising.a2z.com
pubmatic-match.dotomi.com
pv.medialead.de
r4---sn-5go7ynld.c.2mdn.net
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
saambaa-static.azureedge.net
saambaa.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
siteintercept.qualtrics.com
sonata-notifications.taptapnetworks.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.search.spotxchange.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t23.intelliad.de
tagan.adlightning.com
tags.bluekai.com
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
usermatch.targeting.unrulymedia.com
videoads.ewscloud.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.turnto23.com
x.bidswitch.net
x.dlx.addthis.com
x.serverbid.com
zn5mw1rvkaqsbsmp4wvw-newsy.siteintercept.qualtrics.com
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
googleads.g.doubleclick.net
htlb.casalemedia.com
pagead2.googlesyndication.com
partner.googleadservices.com
sync.search.spotxchange.com
targeting.unrulymedia.com
104.17.208.240
104.18.24.18
104.18.26.193
108.138.1.25
108.138.26.101
108.177.15.154
13.224.189.20
13.32.119.77
13.32.121.37
13.32.121.46
13.32.27.56
13.32.27.99
130.211.23.194
138.201.63.117
141.94.171.214
141.94.242.226
142.250.184.226
142.250.184.230
142.250.186.162
144.76.104.53
145.239.193.130
145.40.97.67
146.59.148.16
15.197.193.217
151.101.194.49
159.89.246.130
161.47.17.28
172.240.155.108
173.231.181.122
178.250.7.11
18.184.107.13
18.197.92.81
18.245.60.90
18.245.86.62
18.66.147.119
185.184.8.90
185.64.189.112
185.64.190.78
185.64.190.81
185.64.191.210
185.86.138.152
193.0.160.130
195.5.165.20
198.47.127.205
2001:4860:4802:32::3
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
213.155.156.168
216.46.185.183
216.52.2.48
23.212.211.47
23.35.228.23
23.35.229.251
23.35.236.188
23.35.236.201
23.35.237.56
23.35.237.75
23.88.86.2
2600:1901:0:8344::
2600:9000:211e:1200:13:a391:88c0:21
2600:9000:211e:f600:1b:fdeb:7440:93a1
2600:9000:223c:aa00:6:44e3:f8c0:93a1
2600:9000:236e:c400:10:618e:d880:93a1
2602:803:c003:200::31
2602:803:c003:200::57
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:1957
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:3030::6815:251b
2606:4700::6810:5514
2606:4700::6812:18ad
2606:4700::6812:83ec
2606:4700:e0::ac40:670b
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c07::9a
2a00:1450:400f:3::9
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
2a02:fa8:8806:12::1460
2a02:fa8:8806:13::1370
2a03:2880:f083:9:face:b00c:0:3
2a05:d018:cc3:fe04:ef27:6a58:cfcf:8169
2a05:d018:d29:3605:83a3:afc2:1d9d:ef7d
3.12.81.4
3.124.138.165
3.126.233.203
3.226.38.36
3.67.162.24
3.75.62.37
3.90.125.107
34.102.253.54
34.111.129.221
34.111.131.239
34.149.20.76
34.242.19.90
34.250.238.79
34.251.59.251
34.96.71.22
34.98.64.218
35.186.193.173
35.204.74.118
35.214.198.34
35.227.252.103
35.244.174.68
37.157.3.20
37.157.6.233
37.252.171.149
46.228.174.115
46.228.174.117
46.4.10.49
51.89.9.254
52.30.88.129
52.33.9.22
52.46.128.147
52.48.146.251
52.51.216.150
52.95.115.196
54.155.18.159
54.155.252.188
54.194.163.10
54.209.88.56
54.78.254.47
54.83.245.159
64.227.64.62
65.9.61.60
67.202.105.23
69.166.1.32
69.166.1.66
69.173.144.165
69.192.160.219
70.42.32.255
76.223.111.18
77.243.51.121
82.145.213.8
85.114.159.93
94.23.99.218
98.98.134.241
98.98.134.242
99.86.4.71
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1
01373b57a679861d01fe2bdfddc6098c536b67b57a3fdb026fff315af05795f5
017bd6c2894abfb4cba054ed7ea5add42e3b65edef22ba557537577d50a06738
023443b476afa0e02a46cd802152f0694d552be9e7420551159f3dd520d064e0
02944027b173aff64af1590bfde87c3e78a59c15a9be7dc95c57d06f2a6422bd
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
049a0988afbe0292eae92b1a4ee09dbed6ee3f6755d47b46ea8c7a4203f0d92c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a8722d8af14333da9e347609d0da4fccd426d7b1d95aff5438f6aab8e3743c
067cff18612fc56584fcff7f2e17962c2e5b8be715a00bb0f8bb7c87881db53f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0827767b6e50f2c51ce9ca205d956b3158d98695b305c63501544fe99f73e86c
083e424c9ea06cbba755b44feb498182988547d830966a2961b64adb888ed345
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09fb1e63fdd9bb5ca96ee92e4435cfbf7e55179227bb517b0cc4d8d7ac477746
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca3aa8255481287c51735315dbb7d499cb01d54bf154e4357094bbcf39bfe6f
0d930e8638bbff18b2e06b0828ace05d2798f2ba27a03d42755350ccde39be8d
0dc2b91061cfb857bdf7403e2a77b37d955aad84eb976af80e7dac2935914e50
0decd5276d4bdfd43f9d6d887dcbe8337ccea5f0d17744488b5a6ebdab22b766
0eb6a2c2938c36636048ead176826ce36105c77d70fddbf3a660828d4073a2e9
0f40adcd4ce4c95d404fe656d3461b394d1731877b1697bfdfc7d6d7be2de6e8
0f5045704d930f800266bd20f9b0a92a4ec88c9405d89d8bf75e67d4848d21ce
0fee5b1ef0abe81fc9707fbe6056f07e28a00d15db0d0a4c8600f63bab9785e0
104054dd60f1110f22d4df22d0e51e46f4c88ced8338db94a4d19836d2e65172
1088ffd03c472e24273139ea4104ea73f4689dab14b2c243486cf09e15c2847b
10d18a20421cb767260193f64ea689c43e37388c5d91fd5db9d8e4d5f0ed57e6
10dedceab30b8ec091e300bd2bc3245a32436f71923d3a9cfd26b2195a98d64f
1220d6f0e954e8079d7d0da9af7f086b86d3692c106bd6d9f7bb38a4fb8c710b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1386ec2c92b822e037eb126e171f4596c14203c4dc62fe70969a56a9bb7fd168
13fb80c5df275d26a55d0a3014d34bbc49998ee53732110393c7f2c55b7f0b96
14beb831885426d7d822f9439d84648380871dc48286325a0b689e11ed7c7300
14d9b6f5da1265eaa9e12bbee1d6f6f3c67594c448646a4a3bc64be6e57a70c0
15b170eaf61d40ee24896f230cf8d3926a7e9bd7e1d9f18ad2b61221fc3ba81a
162149da25015d6903e8cbc353d848bd3979b3e0eab64eeca42a73b12a21717d
1673135c92e9aee856bae71f33a38583105115d0a7a09b9f0a0e3aca57113268
17fd7aa71dc3034a47341dc744184e16fb2d6e4a25082588fa49dc7119065625
180d7f305496c5767206068a21f3e5fe5a91eb6d83dcbc55aeb0b718323b2bdd
185c87387b640e0c6c002709a8afac0e3c47034b01560c56cbdd1f68a7857189
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bb97e7a17078cd4f9571c1a65c5c1e526fc5ed28590076a429eb369d994a615
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c7aded36ae5e4c9989f619065d86d04f61c6ec0b65f92b63cef9b69a12318dd
1cf576f8fc2874b35ed18fbb559e2cf33f83d7a9d60482e48320524e119fa767
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d887c362637c0386db3c070ba14953f5e34363c02fcc9ab5a0ca45ae63650df
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e00548beae4bdf5d7b0af8f0ce7cbb5179f16c13b491f86086f4191d513a973
1e15c0d4f18c6cf44000de95c20b77c3b644005ace03570970225f481160a184
1ed32dd277a94952690f05cbddb78fbe762a76f0682075846dd8b74126f63e13
1eeb4e2a375efd651f1d8c9d078b136c8bc3ecda53a1133e74101890a9452af7
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
208fdd4ced789c8dc9f1f70ea617deab787b280444e22ac039458084bb373c9b
219143f04972eabcc5a6ffcf46d444bc01c141d44a567361385657a0c0fb9c71
22180a8e9cc696e7b67bb5dff2135731ee30824db2a5ec6af586e6e92cf7a72f
24179e8e3120a1590f2f0fd0443ad5045943890e611e62a5111656c00bb14514
245195fa8ccc0ca45ae60a9ea59522e0ea43cff8fb4c8fbcd5ac7fbd5560d1e2
2464e277470219ca26236f4de51da1839890269f1ea9a61ae207342305adee9c
258ef37d41bd3822ecd4e1820d2aba584edcdaf256f7dda87f67b187c5358f97
26479f09f59e26fcdf87fc8c9b1c254ac82d935486d15d46ea0f79fafea11f1d
26fa19d21396c4583f8365633a30b55610879050a08a0097991b6f1eb47b9ec9
283f66f72b50d1a90a4b8ec7482a4c82f40aeb5ea9255b1f2d100dfad882bd3b
2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4
29231d9dd7dde1d907424b282b079a2c4224dc56dd2033a74941b1faea32a087
29394413b37164099febb0341c61e3f268237bc464bef855ee535a52b124cb19
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aaffeb8b825ccc310f7286e191ca45a64ed9db9c0476dd24ba9d53e7883d581
2b048e4e913da14f51d70cfbb564f1cf0b835d36df27e303ff88c2c45b01e1de
2c3a91c494210da400070d1f6f58f3ab199d22fcc822ce8d5dda8ce17840cf6d
2c7724fa0c8a5721c0010e8098d0710d8c01ae839d763bee33b69abea88185af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
2eb6047bcd21f1e7377677dcf26ec4699884d92d0ac91372740de56ed7288cd1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9f270447055553c235d4826867c3d205563764a75e7356984a851520b6f370
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
30805b5bab1c490d0a0a5d6f4e6730c9d9942d732962a1df3374f462a375abe9
3121e0001cbc5057ed8e9612cdb21b7f64ef7748e29a14e767f0d11698d1ae27
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323ac3fbd8542090ee1930eeed2890ac57fe245b2c39696028083e7b5f29ea1d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329c2533e80f90fd6b20ba31d2aa5903213e33ef54c2f8fc309b4a416c627642
33982d79fb15b2dc8d3ffa18b7bae94a6d9d62f4a370d2485f3b56baefadd786
34ccb0f889207c2d579ee5c3e30dc691449c4e42fc7e6bd7fad771f830ad5c02
364597098df017ab3af7fb016f99ceb6de28da9e3433843db6b91066dff64021
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38c231bc557cd27a5d8395b46a77d54bae05334fedf5321380f0bf4a7f779a4e
38df44fd0aa4188d465579a32c2f7c5d0ce2b7aa88ec21b904923685e72ef27d
39406742d2944d872bc7b0b90e8af33d1384cc837e9d1801c17eb40c64600558
3aab158b0ad778672c81aa717389dade86367a796916d8e840486c17084f3f94
3bb0a8d40d59158f74ee37a867c9b3688cbc3f817bd0e2afba0dd70524ea0fcd
3c8816be8a1ac63eb157a57740dced17c63a9affbda763c4ba35f88cf07e0bc2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
3db505f708a9989915d9a3dfb226467dc557082613465271e8bc4d17d4d497e2
3e18c8b1d97b6da1d013835a374ea4c88f5985ea76c176ebe93930dd9246bd21
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5a74379cf7b6d7ed63784c9239e20e0817c6a25ccb3179e8f5ab566f25fb25
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4379d7377b4e9430d36b6ec053a6d1a9e136f6d861e3a3549884b541db15c6cf
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4
44cc19ce59e9c7e92ee72808bf74e669d19d7f724789334f4acbaf602d43bd6f
4550746366703f4d024deace79fb586300593fb08a081f10697dbef863a97230
457ff80d1a72a33a8c018f63f4b38f40f6b2987148e512c0f554a711357927d7
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
488a67494b2295609f2c3d18e23486c959bcd180d0d5a7ad7367275ee533215a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493ff6d469d3ef0450a103d814abd9c64197d6be07b149460660274f4c91fc18
49c48af584bf8432de1861894e948356cd0c96e85404b3da17c7df96ae0e33b7
4a283046b2ad15dda69b1046f512568c5ab242cf5538deda5721b3931ddd8760
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7a070460c400d1fbe9368ab6aee1a08f396a4091bdd79966c57863b57aed42
4c5f80cce6889f5bd1236ae540178efed729c20bf20c5afaeed6e2fa02d50323
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e17ff7619f8f5eee97599d73b2d704bfdd201fab8449072f070a7d799c9318d
4e60abab8a358b1271a5c6344b03d5e09fa46b0da9abb1044043e04d7c92c100
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51cda630cfb2315e00576f8b5c1904e65ce1f7cef0d8372acd9c97027ea0e1a6
520e4e303c171de9446cf45674490ab0104e31ce452a5174d0c236bcc56cc748
54220344a758515fcb688cadc9429037171600f33e09bfa0ec371b11a5212a0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cfbaecec5e1879f2fd9b76b669e80e66b54bb47893909cbb8c55176f7a72c6
577aa7dee2a55345b557658b0bd8e980a2b2a291533f852ce07504b5dde20619
577cd6273df8d1bc51ca6ddf9c7ffbffe5893ee06cba164933b9ea31f72ee3a1
57e07ee4412b6df5c367409c3b5f85b4c7051e4961d6a61a55f616f71eb960e7
581ee015da1b8b85367b537755e29f1d064e98564c1ed60d95888a9cccec11a9
58e40f90d32455d12bbd9436095975e22e109e390271f1e2f8180c3b9bf04140
593020cf5d3e63224b556bcbde5b53f41654dd245db946c4abcb83b97ef61833
594daa4d2d56adf6462615b4144d76eac33280262756172916b817c840af46d7
599e454f64c5809981bd74329d7a4fedaf4fda22344f44e23091a1167c8c929c
5b4e0675137260baa3f269ce48984899c5f1de303031e310d9a687f8a874e0b0
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
5b8cf5ba57b2f1136536c6259c1ab39a48a70e9fe2faf33469be697dff659757
5c2e8d38712960d262f98dbba5a13a3a4855a24b12b336151e5f3581afcaf893
5c5ad269940d94ab40420e13e08a58cb47757c1dc7f8d3bf7f1b677f863e639b
5cd484128d4d21711133e156f7b2cc97797d9d129e94923535256ea3dd6e1568
5cecdbd68236d1313ae3d4bfda8ba50a6228968a09fdccb6aaacf2b4212de1db
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
5f8d54a4a68960362329ccb73cffd213a7dc948998d292f963cebef4bd5b6b19
5fa706e29292d1a242d2fe536f6f02263b492b541fafd4580fb4adb1fab6bd20
5fb78e256d772838cf30e04c5cd827081063b22cc516b553ad8e2c4efec5b84c
5fe5d952ca38421506bc6eafd6aae78a42d9909d79550f921d636151b7d6e997
605e3ffc2242cb28691c4a7755955af2188fc1b27cebe9843bdd28734d791a22
60b9c237b76d36ffad22559780860321a7bd90851970e6fee99c8df04e5dd777
60d3fa2a92dcf0117935636ca0f2ba5e78c5eb0704bfc1ab35f012342381c5c4
6189d6dd1ac8331d35282928125273abdc6499aa8206478d1fcbb77afb409d11
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620a07002f926d9e5071dbd4300c813f123c84d597a5f30651d9493986e64048
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
634acd03d4524cd05257f188176f6fba111f59525f41fc9e39f619e9c397d379
63fd87bbcd38c6f0bf60f0c48b56a121aa28b01034211f6ea3a229842e03abd5
648b841e2377cb6fcd32eacb8ca4e5d86e424071323f49d64665eca7a4f8e161
64c73f049b7d49f2715f3edbdc4ef2669656e5d00d16be6dff168d3cf004549d
654adabd3506b74d12b836a8e08e7f762c71f4d30bd056657c8093d5dc6c760c
6698065393e20e0b97528c7b566df0f6f7c4e6008467d40d7b2165df8603ac21
6716207d8af64d06be048ab0b7fd9c4e723b8bb6fdb5ceabada90866127fae0c
67a0e773f82e6bf375a21248dcafa1c4c1cc1fac40ee6b1d8e503ba5e10c0f93
6883b04de92ee7568205248e36b46fa0ba820662c0babffa70b264b6133c0194
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b13f471a72da78f658f7feeefb2ac3ff8f1afcc4c47d04c680b77ebfe488830
6bc89c5f44b051d3dbb0daaab22d9be57a5eee843602ba96e6ce69aab16958ee
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6ca85dce202aa58472fc014b66011a48e171fe9ead74f3f75bb48b304637db8f
6df45560cee53656a767b06e1a5a3475fceb104bd208783adfe6376de7bd3789
6e5cdf885ba6a34d5f51ef209f1ea03e2f448c6587dabdad35d10c3c89ba440c
6e7f6500e0a80125abfba8a5806a14e2d9fc938afd3fe93f66ea6da6aaffe267
6fc5ea31e5855895a552d4875b3cb4fb1a145ee2e9e36a99533cdb92688e4d15
7029d848f52bfa1b717070483f5a9446bade819c06378e48eb09652eda2a8bb1
709ca4b1c3024530eff9697a4b9795f39910557ab89a3376dc280d4b37b7bd6c
7127bd4b5682c041ce003b319c9693ee3001cfd052a035b0c2a8650ed6f9d190
717788798913c99f4d821085cec987ada9bbf33d93e8ae14152a99a4fa0a742e
71ac1a14b9d4a0266420bed3cb1afd5cff14a68dc820d0a5c58179db252c8720
71af00dc540f712de353ad05201088db4f04ed9c142bef165c4dc6da0f44dbf6
71c13b764952f4abaa685ddbbf987f58d0ddf6e41981345549185c0a5de1a931
72884ce61ad28488aa1bd7421e1e3649264ab64943a5369df089cea97ab14385
749b2c6db09136fdda87a7ac242097b2d0c84051d3bff242f295cbeaa23af8c6
74c9941d8ee42572786da8117f7ce4b45f0777a793519cf9962a3b3740290f0a
753ea873e068993553cd55d99636f2b818c3e904eccd85e74762c122359f5673
763c57eb4e5b2159b738bc0b91be5d435d25fe3f388e926d94108ba271bd1cd1
766f6a2b53c856b0e0aba25eea158bad2db9339a3fed9b42c60f98d3b2cd422f
767ef338b1a984d080dd155cf253923439ffcb2c56137c0cc50c82c839d73384
77a3469e555db092e4bf07c42b573e4adec6a0cdfea6914f5374e3ec74af135d
78a4ce41a3ee2791e1499c43600d0d29c2bce00b4e3e418cbac46574b87c11af
7929b8452ca70d064f3d5f8f53e57cf6f740305d5b68b841198a62016db0c892
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
797b9a55629c348d9421cf908c354e0d7bc152328f711101d80860c85e9c6973
799a084462c5a85e566915691792bf800a13954c0662312f246c68a1d492f2ba
79fb6ece7988711e5c6858038d1243351cdd5922afbfff0b4d49cb31b6f14e32
7bc6fef827aa7f88d62e98cfd829fb47732fad974b68bfc79716d492fe1bb4c0
7bfe81031c453d0fa568b4666c28e7e2d27de9a72dfaa4ce8c89eb083d618957
7ca3aba52f015c4f5f1db95d50e5f2ddf5a75c793385dff9e9ac3b9bf97d2069
7d5212e078ec348f7b470830a5e1613091d69286801f5343a25c296e1d57f3e1
7de013e5ea8474daa73832c5d2b90579801ccff7ff402cd01cd1f3d490244f90
7e3570fdba77ad3997b969b4790b921026c48792a7e68fef6cf9fb13b8e47a08
7e9d796a15dd7cb0ba2073dd49de6d1efacf4708ff791a227d350f95a00fc1f0
7ea4787d13f97914256b25002f633ef7d731ddeba78dc44ea3cac778880b3ffc
7f88011702d4f9095bf4337994e99f8db4be1e1181bac3174414018648706a83
7f8f9398d598c73603ec9d3c4882706048ee9886fa939b6fcec550f938c84128
7f9699029a3259a609976633f23c6677b0d0eb2a4912f72cbe48ae999232d30b
801c6db96e03cfb9a93f9d5816cf3859c9060b4785f61255148fb45fb31c94a0
8078f0197f96b825a4c864342272ca8bd374f303696fe36aeb5c7ded7625e00c
81754d9914d5f6bf571d980672db535c0963d42f4724c9bdf4fdb1250692e987
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
81af12992cec1b4398ab1ad80e8eafe974a680cdf7162c27f652d7343608d9e5
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8205b4a286ac2aa077630a09500b32fc19062a5b0511cdac2982f4306589f49c
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
830b8e9de60f12249f00579f567c620c2f1e9b12072d1ba1f9c10031cf04bb76
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bd432c981c22e15c9a14f9ad0140373ba7b72938ecfcbd431ac53df52f5d21
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
875427aa16ef20c2b16fb3b3a0e79fcd1327790a055b9674c315a05e1df2c9fd
8784bd6b0af5e41f1d21cf0ab2396b425a8b24393507919e77f25392bebfdd6b
87caa13fcecef08fbb4b7e29be3e468bdd40073f83fe6411bfc9f258b9c50dcd
888e57daefbcf74c9f7c76ed6788084384f79b31e76f50bc6bd5eca7fa25fceb
89c9e80ecd6f37be835fe762db514ef63023190e1905645372c551b8c2201c89
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a34cf128b04be2b9696f0904cb75525c2cf7c87fe85c90db7c106b58d181263
8af03eb0348ebd3b30432805d57b69fed1cfd2da6135f1dbd0c425fa496f395b
8ba88ae52d13bdabfe18fe7f3016123a106dd662c85bdeac7bc1125f69354a76
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8e939955ab34ae028af80f413cfc5a159f4aa93ecc4112b052061e381b34d6b8
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f6fa121cd2340e5a7e01f50642158f1391acf7fc297ab44cd08fe10a76f7b85
8fad8206f9b8a03a67e54eb77bd26556f1450e435cf230387f2af7acb500368f
90ab58d5036e3750b920bd9b60a75f48fe668448d03bbb8df22ebcc8d0961aa1
90ae53641eb3c42e020b92a233f09be4c2db89578b976c61f97a27a9b6478d83
90d629f01c261744b95b2638388846bec8943090e04de2e9a53dd0c54c63e146
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
92ea551088c33435cd0d5ca7ad8964da120b66a5e1a93b2f854e02d2a949f8c1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
943ef5dc99d5f15801abf010672f38219b93e2d9b865f66f9dad732716dae5a9
9470137342ec088b7c020fe717274cc62469b3da3043ee7811f97fb63b474b86
952af1bb67e0ad63f454ecccdc14ac60f2408b4535a6dc4cff7bbdb9a8e1c5d7
953bbdc02ca461889afdea97c1427b9bfae361ed3927444e3408f71f78f5c764
95575c175ad5b021221fb3be3719748e2cb58a60dbbfabb4f89c324d80790050
965bfbe8d4dae3f3c72a93d68967ce3abbad5d4cf08787370c509db5f310414d
970f6dd3f071aaed8bcd5b39bf4846b572e73faff628ea752b336f7e18f955bc
979e532e35e71f553e589410fe5368811c447c321e8396eb538ac29d9871a9a2
97fd2139b1fe49337efeb29ced4c830213491afda12fa4b7cbcf47b4af6f584b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9950c566673460ec055fcebef68b5bbd0eb611c1cf4fbf7a1d0b0ed374895dd7
99aaebb5b0f309a69e743d08725be55ea8f5a1713364cefc6024ce58aa9c6ae9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ca44f09f49dbaffe75720ddcd89edfaa202917d4789bea9ab322cbe14bbb57
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9c088a7bde5392310e96013928bf747b644276f32a9f99e4a8722eb1dd4f1364
9c6e688b1de8b05df1e8fdc845ee5eed212f9e78f3e00e603699448ad7b43aeb
9cabb6a5c4ba40b748c25948d1de5ac39e02208a94b06304ed9f7f65b0795478
9cb57e066773eb8de83df1e62a359d6dc33c34e40965cea8f61928b2db6b0d64
9ce8c0ab3df1df8637fa83be1f16e3c8e85b4fa087399e440957c410d22b6b30
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
9d39cf2be5da67babea72be0a4d9c469654951692c49f888bbfd5925b532e99e
9d63c4021880813abfb6f9eace7f9b956bc221cb642dd33d8b7062a4e6878f97
9e4e465a192bb601566253a6f277475d9901cd4e65b980b6e9afba0a414769a0
9e6ebf055937e7bc01a1f505dab51499478200cf23f3b871151f41d3538e3382
9eac23c3f5b38c720588675f36e49fe92e6a38dcaaf71a914372ae2d0e4d7f61
9ee9aa0f93237db0cfa0cf08f81f3bb75af4bacf0fd6a55a70b94d520080f873
9f1004316d3edd7ab11d861d36950e2bbf09e6814c127c5afa91289f6afcb564
9f6078fe481ee5c600e15b2526868053edfef57288ba4ee695a761042954d012
9fe8593990bc04935d7dd9181d46f65a0fbe53470e23d093a21b3ef909f3d4a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0c3f870df4566089ac5969249d0aff4b020b97f1ca1c8eae4619c26541a5e51
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a196b3ea49d3c5804e7d51fbeb3d143b3ac33a25c55b9a3d6ec7dde16f666734
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a1ae0ed71f172ec8e25416221120a3eae7c020c83b1ee09a928a279af9bbceca
a1dda4b0626dab9d9bd1738d60fd60aa7ec86216a97d2f643e06538bab98c6b5
a3d4ac3a59e7bb03364032c00184faf51010fce987889f03b225c6fc19c394b2
a4bb6825bb9ade42b3c147046b41c932bc4428f5c11bd5b969a5ffeeef1608c3
a5e7bdeec32432f86e9a8349a1c2e359270a67e6b3a2b99a4058e2a977ff16a8
a6c042359f40fcbc436a895af92ad0774db0979c94111d6ccf5b906a75be8863
a7338f9af98646f84f767e52ccc6d5f7ffe96f93789a5b3bb9aa9f4c41a6620f
a75f123b32bc1da6572a242a2d0e6066cbd7754158af4a4f02fdace3a3d51e07
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
a8a8586d0753760fd0f2e26b2506952aff385c17fbffbb8910b4086ab26a6b25
a92f26ad45031cc81c54bd4779898bedc980b3e5915abd5d58d7406dee1a639f
a964d2953dc3df9f7532f7e033397e6fffd16b2316c7bd20e2270bb3cdfc5e9a
a9bedaac92cc91cb53c3ab652684c85333c22b574a378a8d8b31987fe80eb830
aa2184d6bdb6dcebc710e9cfb8263d8cb3747b9276a18e6c9a642c8a7f8a7f8d
ab1125f06c48d3f438ff2bffb9650fa4a08263637396f2f4d63bf9538b1009f0
ab7424c2f60d4e403fc8c43c0b245927e2fbea67e15dc3642cf9c5eddbd75e63
ac2f0b1a69b9ff186c6dcf21d9e3270ef3a0610d35206057af231608548797ac
acb3a6c766954e7423f0ffd1e12e605e11811bd358a7a1be5443d4b1c80a4a80
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
adf2e6738bddea9fb56e542bbf10e92ea7458eab87dfd6da633d51069b6a5ee9
adf649e2e1ba0489c53a4730b06ce0e0188cc167aea81d85dafc19e44e2163cc
aff4d39b59092d38bcd20767d6d2ea4ee26df82fd1b3610a609479e2f5459b39
b051c94d3f1054f50cc4bdf888d233f26b0e3290818335a788abf116be1e10d0
b0af5ba49c246189c5abea60a5256b8f6d127a6dc99bbefcd023d55a001fba28
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15848dd9a41b28740439b32767ae21b2642dc4a40a3edec09fe18023ba45572
b201f87a9f0434b6a7e689ca5b3bed68770c7c8d94aaf10e1ae756cd44f93129
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
b35ac8a01a854d2726d5a17c8297f4555cd336084d9a5e5d2f952e49913d8775
b362f760a64601810a2fad3f90c881917cc0d8675000a391e83d388a1a402fce
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
b436cd178eb37817ffa0580cf6f45cb42de8c152db784e7349cc0447e1b062d3
b51644ddb858d342171b8e299ae1797b9655e8d39485aec7afb90d7692f8eaa5
b60027faece44b420b9bcbba834808626141ba9fde3a68bdf04ad10d359866ca
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09
b6f671638248959ffc2d4a5ab50761cbb5f482ae1fb203f3c8310eb4ccb64108
b83a5325f3a63719df02bc5826a0a0fb9c529c1d0f7cf5b4521e6d11cfbbfe34
b8af800c7b6345f563d1da2fe5c0ded2e544bfa39c3d75bdcd946f354923a501
b8e6a4476f1f8f31c688bd1a0347a87bc4fe3c057eb2bdd6d871f6331ca9ed26
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
b9ea1d6ab153b5ecf884fe467972d9e71308566792e3139bd4b8d6993d82b15e
ba0e6d25bd1f435864bd37ef90a0c39abfdf8d462ca2871ca2a0d38b2fd0cec8
ba24eda30cf8adc762f0c2027b5e616f52d83f231c5ddd28f7b6f733d1438fc9
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
ba9e238c4275121e8573d1a0adc09a033cb2314f5c33a26661e566d10104326a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb64e52d744ced96df76e20f4ad9c25003d98b79d55e0f28cfe818569c53637c
bba475f382cf94be3abaa5558f9ea170d83b889bab8f9114060e94067f97820f
beb2f8bbbd49243623d9436e4b4ccaa979d6f5f5cf4c70ff33bc6dd93ca7a741
bf2ba01a793b6590c02f678e858ec7dfe9e5f157379cd3f0898b0ee2d68044b4
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
bf9c2565472796553b58be6175534ac19dd9e40fbef7515fea96e3a9a86aa8e0
c0064db9e5d0aeccfe5eb38efeadcc649e5b7cea349e97f2965efff6c59300a3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28e48482f738e83604914f155aba449664555adc04e95b0f63a3efa68f48950
c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab
c3cf05f4830378f974572f8d74ae5230ef4c7724b2d481ce4c979851c9d5f80d
c3d6290dae25721b75b45c294c15347b9dedc5b2a0b8c19187f55dcc2d6d1965
c3fbc8349fe685cbd563da86958681f44e54cc6e0b357442519b964781210529
c40f050992d1b74a6eea96b22a569c57351f29172417a25eb370493c51d0950b
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4d70dd26bcbf3b83519d6bfba8fde8a5311b41b14981ac0c21daf04937c09d3
c5ed686ee3d8cdad13ff57ddf44eaf3909252a9886da09ab45bf9d2c2991fdbd
c5efa211a717e15a66764cd60214b7711e2a420817a07de3492a5be535ed0cfe
c6028b6ed7b16c37d07c00d841ce55e1cbe3bd6697e3c4e710cb3e1bc0ea1443
c671dba350a7f875dfa8aabcd17f18ec6a0c09c9403ddf56349b7d97510d4962
c695827d38a6c6edfc182a5555a22867c9af10102dfde215972387b50c70ea01
c743d7267e778c5fcee630883cd945ed036242546d40deb30ab705a0c105f752
c74d74e850012430d18faf53f2af98f2d30bffed2ab3cc1a8b76e55c049724bd
c7c557df42e75b26d527f8c8d5ce9181f0f3048f1c84abcbf8d6014954aa70d6
c7df33c045f83baa2d02d7e96e4c67d4d3eae6a07783de1630467dbb6ef6f0c3
c849c8c65be44de422c18eea1d8d2ede23aefd848e8ca38632f8e0baf46409c3
c888cad41f1abd8cfd3461e0dcd9b1b4a777101bb23f6c3dff2fb7d63e822084
c9320aea699796c5e2d6daff012481d5a98dc981aabdb73c18fa0ef4b8867788
c95c231cd986ca8ef3ddf1b4000c6231149ac7b25541880a3f944c551c956591
c9926884daeb95121339e70e0867a892cb1a6a2c95dc2ffc5ef32aea565e6465
ca22eba124587108138d0be01642860a9753af08fa9ba6d9e1841b68dc79ba58
cbba5314761eb5d0bce614a7a219e1a95e8cc3ac36c0b46b09ca3a6ef5a3a38c
cc6e0eb2b727c5655fa05e5f0b6873ca2f29b2ed69315aedb3ca9db7b1757d23
cd7ca1b30d182ad464248fd37d2dedbc44b76c36aa99f056e0d775afe58cc319
ce745d2d5bf55949251a0341e18e6115f8d0af8223b4f0c5f6461e95450b8787
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0688a78b669577ec4942bd5fe2e0b23e45574036a869c02da73791d414ef8ca
d06d6b8bda421af8b2b7df9243b562fc90acbe758dfa3503552f91cc774c09cd
d0cb621dcf81a814d8cfde3e75d142eea8c1d3b76d7469b753e3f689ea232ff1
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d14e2db8b864a788b773a8cda28bcb3b427cb8a4746031660385fc722e80871a
d1a0472ce85bace4a31f4c7e9a58f16009a817284b68e4b791dbd845e064fa45
d1d66d789bd948aa18a9f958e95c58a126bfc1289816784e1493d3c7a00d528a
d1e9feae4ced72c05decb2fc212e1cb15399fc19cb013b1763ef75d665930812
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d3d907f085c583d85855a86d3f8de41001fb2ec083636f488bf4d57030ac30c7
d3f7ff529117a85b4278d401d03a23c6474987c9c39fd55dfe7fc8ed5495e020
d44ffae446c882db7683bb7a254a0a998292004a6961590f06278f04aca26c58
d4ee7375b721beb2bae6af57caa65db5e27e9fc46ef0b1563fc91c136fb14f30
d5061bc947687a1eeebe87f1584543bae02599492ae58114605038f92ec52078
d557f93db0b96372feaf9f0695d65a04d5c04fb943f6a40da18d9b9708f9b5b9
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d6a772fe86729d7d99b1692833b687b97a06a887cbbee6156f51a9a869b2e54a
d6d37d97fadc4ac4d4c5a1d0dc33111910d890a43588a1157c827702e97d73dc
d93dbb308c9ee05f12a636b520bd4c2165a1bc58d887e75c4857a12187cdba5d
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9aceb453edb794717e62d202798d06fc04ce1aba49136c61e2d733180119ce0
da4be0b6d36f2b3673f98ff7c519a5833ea0a2ff6735c24935495b886c5b24c3
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dabe1dd37970f8b88069aceddf2cac01c99680734fc9ed61f18400e1d24dc7a7
dae9a21a4fc6127af3ec58175eaf29396ee4f0ede3187c8bdd702ddae9ae4ec5
daf714d406597e66ea78021d3403a9ab04015d4e580ab7f4c6adf6a9056e90bc
db0d80e465f3418e85675db61b05a7f7a6ec31864066de73fe37adbe12a300fa
db3f9ec6f9431efdd527fa24e534ffa0227a7409b5a2e4c50db39e6ba851b7b0
dba4e42b172c7321e5fb4f037bc2080a218a2b5605ac05dfcca4dade2111d83c
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd19ee9a5613e4fbe9fe8e4dc92970d2b57774cd8bf45af979675d2a60a66bde
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de907bac978ab46c71b237ef56901252e6f8a75b5bda1768d86d48292a1f150e
e0c1e35d7f07be8f8ac6d6ae789913f4fdf9230edd710ebb3a6ae0a9181c19c5
e1fbf2cab1af2eba0753d58d64b126f2df82199bdcd509d636670ec77eea1e44
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e4d42ba9c82f8ced32ad82a5e05bf5682e97d38727d14a8e22282a4a4db99088
e5b5cc5ba9db92239a11a158418c1329a8a3e8c2ad63fe384fe8596fbf4d363c
e6d5caca1c24dabd22addf4ba9a5db61b4e4a825d9b847ea970b5a0370c0fc2b
e6f2671d44eaac17168918f69d4365fda6f2a49d5a3f046341d3301783576924
e7dee068051d9028f97d358b012ed88228a947a62a77049cd16fd2b1922f5a30
e879b3153e1a7c5e782ae1d53ccddc97f6cc719bae34a46ad835f8c2369ac570
e8eac1eb92b88942efbb9a7962a998865b586a494fb3ce518f3102724bcf6359
eb65580e83a113a649b9c625cd5953cda3bc33dcd588879e0cab390c7a88fff8
eb718e9a80bccde9b1409107abba6356a5ad91bc3e9e7b4879757b3cd53a5341
eba46237e8af3091facfc0b05d562a5f162cf4978692dd0085822f52d2efc966
ebcfa276e25d109999ff4d4ac61094e56a4f0d997b5ec7c622ca12be98b538c8
ed307b9176ce74e8ec5cd56461795d1c63e3a2df73afe3dbb03731e20a8e7101
edaa3d1db669f9b95feaca48807abad4293a7401a64737e625e145e063b10069
edc3681a1c512be5665b2ba07351162b8acfb4fa6bb510c03357b1aac137046c
edd3d05e6351c4531fd25903bf4c01e1cecb0f9eb543215c0984b912abddcdd2
ee4871835c5e6cb2c6fa43613663450ea851c12b62f795bda6a0f8d5bcdd5cbe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4fbfc97004c5e9aa6e1f796d48d5198d53338795a8d799b0047736f4b0e218
ef6e10cfa1ca06d74341af9e659d856539273cf0dc4a5c17f03f67ed04eae6d5
ef8f2083a44752d1c6d0cb8a311ee6083bf6e7ebf9219dff075803e64cb777d6
efd490af240f97cb9188a4223a63582f3f8a0f010b3bbbc01825e0cee4281e29
effcb37466d42c01aee829b50ad7a5f3eb6e540af405ca5511a4bb8f5efe1fb6
f0169dfe222e3e29775854b42c9efa04fc76395b736f006b7e3633f326418e48
f017ac797c7bdfa849b6054add58c84b3719ef2c042fac29b749d416025a0039
f0e3e619abce11db3bc3bee0086e155016c61b7387b11e32cf88fa95353c741a
f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a
f19cfde79e6d2bff9c93ec10bae81577b9df8233f8462c3caceba9a55ad9cb92
f1e70058e511b595ecb92c464adbe7f430b8223cc2ab2748314d14ee7c4bebc3
f2154a81cc3716d27bf944d277cbf3ba54d8d5fd067afc9ae965726e0e5b5a77
f223ca48b7c6707a7203f42dc4a632f7db04d0bb8d954d37838816af6c068347
f261892a92dc625b333a31a24a8706a9a4a612a7ec1f7d016967c559ffab1886
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5fefd6b4d657208d3e73ca6e2c5ea7054878f9c777eaec5f6bf27591554555f
f62ec71b2d7f5ef8465d70654f4b271c99c61af8e1858eef371224acef174f83
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68ba9ea52969fb30dca0370962056160abc5cbc8dba244b9dbf575af356e2ad
f6c9a0c94181cd282c37e2c8706bb0f8506a6ae6f564fbc23acd4f90634710c9
f744b1fc6eaddde86e46fd919e90588f7099b655f403a911254009490b0f1487
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
f79ba9729864cf2b7471e83bc0f4e2e7f8508216c0da03f7792423eb0e63f790
f7a393458c6b5ddae2f4911216353787e07f756d7cadf7af15d70595c3444a57
f8bd99942081b3f6cd7e41469b659443a71bfd03e55b3099c4ae04504a6474b0
f8dee6979634e4ace26d138fcb53d849bd5be1d4fe4da43b0aeb9dd34afdcaac
f94a91ca534f0493fe40200f72b517c9b0fbcff51ef6739a45dfb7047475ce1c
f960cb9b07a9aa9b89afc37ad574784d97d2a967f168447f82cba478281f83da
f9820c9d715ce9c243cedf205444b57206ef1de56c70b12e778c7151efeb22b3
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
fa269d86853ca342c78b339dc6cb033f485ecb4c30850b4d2788dc0638e04c95
fa89391e3469f8058741d523202cc91c8d09cd60904bb4e8b7f29cdd131e21f3
fabc8427a346e6f57c6cb14424aad67c2adff0b0a198aea685d8c6cf2c69355f
fbf34fdd277152ac905a960be1d1da3780640345c504f011c40ca00a856d3f1e
fc494fb3691404eebf7d3e39a042469d31fee2863f5307d0697fe41ee9f9f073
fca3281ff80d6cceac08859b3f470b6ae89bf72367cc0d68fd6b2ac0283701ef
fcb478fb055b163547e965b61193c2ecd55503cf237430cd13733a343184f9be
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a
ffb3cbb692a508d81baac2714794cd9f522c1bc8e04dd282c7da81f5d7490e65