weloveelephants.club Open in urlscan Pro
169.150.247.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://weloveelephants.club/?bypass-cdn=1
Submission: On January 22 via api (January 22nd 2024, 9:17:21 pm UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 33 IPs in 9 countries across 32 domains to perform 112 HTTP transactions. The main IP is 169.150.247.38, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is weloveelephants.club.
TLS certificate: Issued by R3 on January 9th 2024. Valid for: 3 months.

This is the only time weloveelephants.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	169.150.247.38 169.150.247.38	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4005:802::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1720	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 11	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:1ec:bdf::67 2620:1ec:bdf::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.35.228.188 23.35.228.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:26f0:480... 2a02:26f0:480:22::1726:62d3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:7d46:bd77:a0a1:96	16509 (AMAZON-02) (AMAZON-02)
1 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1 1	23.199.221.167 23.199.221.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6813:afbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.132.128.129 18.132.128.129	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
2	18.134.214.132 18.134.214.132	16509 (AMAZON-02) (AMAZON-02)
112	33

22 169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-38.bunnyinfra.net

weloveelephants.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4005:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1720 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.206.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:22::1726:62d3 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:7d46:bd77:a0a1:96 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.199.221.167 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-221-167.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.128.129 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-128-129.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.134.214.132 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	weloveelephants.club weloveelephants.club	2 MB
20	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	54 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	712 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29340 ad4m.at — Cisco Umbrella Rank: 11475 assets.ad4m.at — Cisco Umbrella Rank: 41583	140 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1783 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6829	29 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 53	7 KB
3	gstatic.com fonts.gstatic.com	60 KB
2	adform.net 1 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 843 r.turn.com — Cisco Umbrella Rank: 4167	869 B
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 164401 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344	1006 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	493 B
2	ctnsnet.com 2 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7224	1 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 707	886 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	297 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6518	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	148 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 86865	492 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16092	696 B
1	adcell.com t.adcell.com — Cisco Umbrella Rank: 57836	459 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	759 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	757 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4271	38 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	598 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	598 B
112	32

	Domain	Requested by
22	weloveelephants.club	weloveelephants.club
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	weloveelephants.club pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.google.com	weloveelephants.club tpc.googlesyndication.com googleads.g.doubleclick.net
3	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	www.bing.com	1 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	api.webgains.io	analytics.webgains.io
2	c1.adform.net	1 redirects googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	ius.ctnsnet.com	2 redirects
2	onetag-sys.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google.de	weloveelephants.club
2	region1.analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	weloveelephants.club www.googletagmanager.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	t.adcell.com	as.ad4m.at
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	static-de.ad4mat.net	as.ad4m.at
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	weloveelephants.club
112	42

This site contains links to these domains. Also see Links.

Domain
store.weloveelephants.club
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
weloveelephants.club R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 03	`2024-01-08` - `2024-07-06`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2024-01-18` - `2024-04-17`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://weloveelephants.club/?bypass-cdn=1
Frame ID: 8721609C06D25F10E90F5D9B657789A2
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup.html
Frame ID: 3D50BE5226E2AA54BB25580C0495FBC3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&adk=1812271804&adf=3025194257&lmt=1705958235&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958234721&bpp=28&bdt=622&idt=236&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1254468008163&frm=20&pv=2&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=312
Frame ID: B343C39FEA693EA48C1B328DFF049910
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=2293688473&adf=1133003084&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=1200x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958234749&bpp=2&bdt=649&idt=299&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=336
Frame ID: 2D74C5E4CE5F2704F4BAB492078B861F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.3674262249~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=8&bdt=1617&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=17
Frame ID: 84256DEFB58B02AEF6F5FDC013854FBB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49
Frame ID: 9487CAB11240E61F281B16F22AB13820
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA6B3FB41A335E82A328DCE624FE5EE3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FC2E79B0B94F675A06FFC6397A2E078
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jftejmbqad7cqsyzqe1avz56z0jx9s8qxw2q6q3n7qktx4akh829cvnba3xghnvw9pvbp4nc77nhy7q26dpbzdsq23a20085mbtspbnngmhb5jah363tcn45pek1jrrtwjd8zpfc7fkp3qa69593kqjtfen1gaznprhfndgep7pmrjrdg84d2xrf3h3jn7n0c2z4rvs30frnb202j34sjr81xs8cbgm3azfefq7dbnkf80a5nknk7wd5brdxqrcnj8z9kqtf8kx3f811cgp9jh5k6e3z76h088e6j7brbngpex18p4v8ywrszrmsndsz1gv69p0bvf33fksg0v84wsa1ya1f5dfcvdabjkt4s26q2ssb7jfhme5qey0bh3qwcdgp78wt4bdft91tveqpww2ankg1pk0j6t9e78h7qj5rgn8m8pzx9rja1zq06r78g2d2swm88&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%26client%3Dca-pub-1870775526215126%26adurl%3D
Frame ID: 9B18A9A0A45C935E35AE119FC27CFB13
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus.js
Frame ID: 9AD33AC690716938BAFC2584CCDDB8EF
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7AB6E3DCE7AB253C4F50CEA83E033840
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 975BB6EBE2310D89084D10F78ACDF0AC
Requests: 12 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: A70F08D631259F8615641970292B19DE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4DC229EAE06A89D3AAC1643B9C54113E
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Frame ID: D4BBFA7CB017434A539C03EC29B1718B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We Love Elephants - Photos, Articles, Facts and Everything Elephant!SearchFacebookYouTubeFacebook GroupToggle MenuContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueNextFacebookYouTubeFacebook GroupToggle Menu CloseSearch

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

112
Requests

89 %
HTTPS

56 %
IPv6

32
Domains

42
Subdomains

33
IPs

9
Countries

3651 kB
Transfer

5069 kB
Size

22
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://store.weloveelephants.club/
Title: Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/weloveelephantspage
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCM_fu_OIMt2iCBcJdjXosWA
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.facebook.com/groups/weloveelephantsgroup/
Title: Facebook Group

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFstXcQjc59UOP0OH1LbX08&google_cver=1&google_push=AXcoOmSWk6d0KBL10yQJdvfyrCBlMc954u3HIdePajp8vcC0xE-NxBALUqFHj4HO9Li9qEt7q27NJ32HZSkBS_U6CjY7mx2dKkJCDrcWTSwjnLTO4CvES3XmWhFv1jwBvaE_6snJCUC40FT1ljVMOJuV4UdAeQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=M2Nio9c1SgA1WPTNMQnTvw&google_push=AXcoOmSWk6d0KBL10yQJdvfyrCBlMc954u3HIdePajp8vcC0xE-NxBALUqFHj4HO9Li9qEt7q27NJ32HZSkBS_U6CjY7mx2dKkJCDrcWTSwjnLTO4CvES3XmWhFv1jwBvaE_6snJCUC40FT1ljVMOJuV4UdAeQ

Request Chain 60

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPZJRIZUOH3394RTmQkL85Y&google_cver=1&google_push=AXcoOmQoKkBW2GruaO-O1gElkRvPbHYjC_jfcTyJDIVPGV1RSfnQRo1yldg2m03YV6dU1_s_-9jOsU77aKniTV997iD1YydOa7E7863k_kR3ePzY0eDPlqZxcg4aS3b1Hj7-kS9oWlABf9WNRLFYltaJdsmcgWI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQoKkBW2GruaO-O1gElkRvPbHYjC_jfcTyJDIVPGV1RSfnQRo1yldg2m03YV6dU1_s_-9jOsU77aKniTV997iD1YydOa7E7863k_kR3ePzY0eDPlqZxcg4aS3b1Hj7-kS9oWlABf9WNRLFYltaJdsmcgWI

Request Chain 61

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBK37KdsDJ6oppobZqBNKJQ&google_cver=1&google_push=AXcoOmTn766tqnVxaLGjBCH46XScs5ndosxb23slmpZQ3cXi6tx6wYcVpuhOyPlK0VMXaynSiVYW6ZzLK33LdK0RQXk4koG-PqJreglR94Ub9rAy4hMW4sImLvdkFuh97E6SF9nZuN20nvmxXKE6yZVbpNKq5Y1v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTn766tqnVxaLGjBCH46XScs5ndosxb23slmpZQ3cXi6tx6wYcVpuhOyPlK0VMXaynSiVYW6ZzLK33LdK0RQXk4koG-PqJreglR94Ub9rAy4hMW4sImLvdkFuh97E6SF9nZuN20nvmxXKE6yZVbpNKq5Y1v&google_hm=CIm5FL1QRza45qWATu_spIY

Request Chain 62

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPd7O0noEQ5ZsRMYDFkOh6I&google_cver=1&google_push=AXcoOmQP2RfOoifwwSK95fwCYU7864Qk2h6FZkWpINqBFoowr2C4-37sscSopIauK0aIwCizegoiLcAht2gAml27i8K5DImCwWjn7TEvex8g4tWKye1coz-I501GKjq2SDpx-nwa6pqK5PgTaeVVf36uMY5qfoDZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQP2RfOoifwwSK95fwCYU7864Qk2h6FZkWpINqBFoowr2C4-37sscSopIauK0aIwCizegoiLcAht2gAml27i8K5DImCwWjn7TEvex8g4tWKye1coz-I501GKjq2SDpx-nwa6pqK5PgTaeVVf36uMY5qfoDZ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 76

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3c357fd4-f4cb-4707-86b6-70144206d4b4&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69d13c5c-be9b-4bcf-826c-0f40107686be&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D7791f2bdb83041ba8a44bb51f8ce18af%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=1610617794973088896 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7791f2bdb83041ba8a44bb51f8ce18af&SNR=1&GV=2&med=10

Request Chain 85

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED7RtH5KNWt_rrpwPp04PWc&google_cver=1&google_push=AXcoOmSyqqS0NY-SSnX8Imb-2CFWWZaFivEVJ9T0eJYiZP6wV6Zq2QjU4kVWXs4ic9v4NqNqaJ3R-CYAdRoYOv-dbIImF0j87BTnrw0U52VfK8G8XLHjC-oYqp2HfnwwABSzTCscCbThUIuYKeUrhlFLQZGsAic HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ3MDIxNjQ2MjczMzI5NDk5MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7RtH5KNWt_rrpwPp04PWc&google_cver=1

Request Chain 86

https://um.simpli.fi/gp_match?google_gid=CAESEBknlSZ4r6bmkevcCEX6Eqg&google_cver=1&google_push=AXcoOmQ4rSj4UCrYykR0ffOjNBAz6T95lFgOMqD_5NzAS7hLxwsBRscAygazsarNyUkdKeDrn-ad0fv2sqjkBAdGfmoquwO6Zqvs81qscp7DppSins2D6IrUjEooa5-OeUrB6kD7bGa9YRaEbwvRLJorwM6ErKo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B0EF1CF62A3F418ABFF7531F16775234&google_push=AXcoOmQ4rSj4UCrYykR0ffOjNBAz6T95lFgOMqD_5NzAS7hLxwsBRscAygazsarNyUkdKeDrn-ad0fv2sqjkBAdGfmoquwO6Zqvs81qscp7DppSins2D6IrUjEooa5-OeUrB6kD7bGa9YRaEbwvRLJorwM6ErKo

Request Chain 88

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBvrXjLweNP4OMUD1GuuN6Q&google_cver=1&google_push=AXcoOmTHAmXtPGA-L1bz9N0vwm0lgJIH-U6IE4JeB1VB72LkG-rcPWGq1ICrFn4xhblLLSizB52Zrg1cY6sD98A8_qgHve0iUpOGr9DRP0yq-L7qSxlsLSsIgSgqRMv2Shn_KC6Tm2I5Vat9AzrTV-WnEpcAyPE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTHAmXtPGA-L1bz9N0vwm0lgJIH-U6IE4JeB1VB72LkG-rcPWGq1ICrFn4xhblLLSizB52Zrg1cY6sD98A8_qgHve0iUpOGr9DRP0yq-L7qSxlsLSsIgSgqRMv2Shn_KC6Tm2I5Vat9AzrTV-WnEpcAyPE&google_hm=eS1CTWFlY3AxRTJwRnVQWkNUcnZ6amVfQXNtUmJiSkhWQX5B

Request Chain 89

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIJJCRC3huT9l4zxuiDclKs&google_cver=1&google_push=AXcoOmQhOqFdiBPANv_jOL8xr90hEa3_qgJZbvHhPUqI4oECA5H2xCc4mMhhM86OlY7e6fOmMf_70xyFYXnhVkgM72GvRGHO9y-zz8uS0no7T-ygLl4Ueza5lNQHLbNg5cX6pOAgI5WW0Lsu7K1jmYfrit2Fgw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIJJCRC3huT9l4zxuiDclKs&google_cver=1&google_push=AXcoOmQhOqFdiBPANv_jOL8xr90hEa3_qgJZbvHhPUqI4oECA5H2xCc4mMhhM86OlY7e6fOmMf_70xyFYXnhVkgM72GvRGHO9y-zz8uS0no7T-ygLl4Ueza5lNQHLbNg5cX6pOAgI5WW0Lsu7K1jmYfrit2Fgw

Request Chain 90

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEACPIlp3qcefsvF-thvmU7Y&google_cver=1&google_push=AXcoOmQkSsMVbqs81U1wkKTQewISOy6yPjudIYf2lSpKSzjrisB-Ed0j2MnamERbLVPNBw2AjSfaSZXT8I1PNh3bh86myHo4Uy_J33ZcZto3TUb-fawYLvssckQDJQpeiFWEztOZLJjj--tCCfmPKAwCgHSQLA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkSsMVbqs81U1wkKTQewISOy6yPjudIYf2lSpKSzjrisB-Ed0j2MnamERbLVPNBw2AjSfaSZXT8I1PNh3bh86myHo4Uy_J33ZcZto3TUb-fawYLvssckQDJQpeiFWEztOZLJjj--tCCfmPKAwCgHSQLA

Request Chain 91

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJLdPZc48IUdLY867ZolUBE&google_cver=1&google_push=AXcoOmQ7qUb11TRuXbfvaqXO54gJeh_7Sm1c0yfbSzLXCBYZ5EGQrrXi-K6O9aqpQBusbWar1F3_UgH0uAQdCgKWASs0oJoQctYukRfjHdbeNFaj3S9Eu8NR1S5JQv9r0d_tZEm7qZ1MWePAQSChlFQ7wi818R-M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ7qUb11TRuXbfvaqXO54gJeh_7Sm1c0yfbSzLXCBYZ5EGQrrXi-K6O9aqpQBusbWar1F3_UgH0uAQdCgKWASs0oJoQctYukRfjHdbeNFaj3S9Eu8NR1S5JQv9r0d_tZEm7qZ1MWePAQSChlFQ7wi818R-M&google_hm=CIm5FL1QRza45qWATu_spIY

Request Chain 101

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1705958236_9e9b9660-b96b-11ee-a4ff-226608db104b&insert=AW&&gdpr=0&gdpr_consent=

112 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
weloveelephants.club/ 108 KB
19 KB 2665ms
896ms Document
text/html 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

52711d4dbb38a1186145fc65b4396d653217a3c7c9f8aaf520b443550a3f6dab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
cdn-cache: BYPASS
cdn-cachedat: 01/22/2024 21:17:14
cdn-edgestorageid: 1081
cdn-proxyver: 1.04
cdn-pullzone: 1353039
cdn-requestcountrycode: DE
cdn-requestid: 4f922113cb656765dd320e709496d52a
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 21:17:14 GMT
link: <https://weloveelephants.club/wp-json/>; rel="https://api.w.org/"
server: BunnyCDN-DE1-1081
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 style.min.css
weloveelephants.club/wp-includes/css/dist/block-library/ 93 KB
15 KB 15ms
14ms Stylesheet
text/css 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveelephants.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 07/07/2023 16:46:06
cdn-pullzone: 1353039
last-modified: Sat, 20 May 2023 14:55:08 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6468df4c-1732d"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 641f8ba2cba1a1caf849faea4940fcaf
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 classic-themes.min.css
weloveelephants.club/wp-includes/css/ 217 B
900 B 20ms
20ms Stylesheet
text/css 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveelephants.club/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 01/16/2024 17:37:07
cdn-pullzone: 1353039
last-modified: Fri, 04 Nov 2022 15:27:28 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63652f60-d9"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4491263ed78f92dc73d64f297bcc1c19
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 wp-emoji-release.min.js Show response
weloveelephants.club/wp-includes/js/ 18 KB
6 KB 43ms
8ms Script
application/javascript 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveelephants.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.4

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 01/21/2024 21:09:32
cdn-pullzone: 1353039
last-modified: Thu, 20 Oct 2022 10:56:44 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6351296c-48b9"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 05a220bf0ef0f6139422befaf6ae2688
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 global.min.css
weloveelephants.club/wp-content/themes/kadence/assets/css/ 19 KB
6 KB 22ms
21ms Stylesheet
text/css 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveelephants.club/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.31

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 07/07/2023 16:46:06
cdn-pullzone: 1353039
last-modified: Mon, 23 Jan 2023 08:31:37 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63ce45e9-4bb7"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1e79583be355e7d66335bd2a4a1c4d70
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 header.min.css
weloveelephants.club/wp-content/themes/kadence/assets/css/ 27 KB
6 KB 19ms
18ms Stylesheet
text/css 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveelephants.club/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.31

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 12/26/2023 21:07:22
cdn-pullzone: 1353039
last-modified: Mon, 23 Jan 2023 08:31:37 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63ce45e9-6c84"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ebd141b55c463815635b74d9b9ee8906
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 content.min.css
weloveelephants.club/wp-content/themes/kadence/assets/css/ 32 KB
7 KB 42ms
42ms Stylesheet
text/css 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveelephants.club/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.31

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 16:46:06
cdn-pullzone: 1353039
last-modified: Mon, 23 Jan 2023 08:31:37 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63ce45e9-7fcd"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c51a6f044ab25db15b1e6e935f1709a8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 footer.min.css
weloveelephants.club/wp-content/themes/kadence/assets/css/ 18 KB
3 KB 18ms
17ms Stylesheet
text/css 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveelephants.club/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.31

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 11/29/2023 20:56:15
cdn-pullzone: 1353039
last-modified: Mon, 23 Jan 2023 08:31:37 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63ce45e9-49c0"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4e165164549f4fc35e738b45d3c32a94
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 105ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-100342941-1

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e70d961940d132457277e183d58b597bc3b5521a7175864b3c215c8ccac93b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69414
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jan 2024 21:17:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 182 KB
182 KB 193ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1870775526215126&host=ca-host-pub-2644536267352236

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c857705f7277ff50001efcec81e6e561e38f2eaf60a4e8b5dfa7fdc6a673e4d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weloveelephants.club/
Origin: https://weloveelephants.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186202
x-xss-protection: 0
server: cafe
etag: 14154627381709040597
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 21:17:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 642 B
598 B 95ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:regular,700%7CRubik:700&display=swap

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

900c064667e28c705ad2be69c21d56ae970546beab96bd721a85a27eea62fb43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 22 Jan 2024 21:17:14 GMT

GET
H2 200 Elephants-Positive.png
weloveelephants.club/wp-content/uploads/2021/08/ 37 KB
38 KB 17ms
0ms Image
image/png 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2021/08/Elephants-Positive.png

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

b792129986c623097f0918289a754d5ed1214f2e173a738032a2eb6eefade79b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 01/16/2024 21:14:11
cdn-pullzone: 1353039
content-length: 38277
last-modified: Thu, 20 Oct 2022 11:44:19 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "63513493-9585"
x-frame-options: SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: f53930557b60f687776293b6e422fe7e
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Screen-Shot-2023-10-09-at-7.43.48-AM-768x481.jpg
weloveelephants.club/wp-content/uploads/2023/10/ 49 KB
50 KB 32ms
15ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2023/10/Screen-Shot-2023-10-09-at-7.43.48-AM-768x481.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

5564d2e8b331d86dcc654572d2087cbce326c89553cb655fdb29317a97a429b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 01/16/2024 21:14:10
cdn-pullzone: 1353039
content-length: 50381
last-modified: Mon, 09 Oct 2023 11:44:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6523e7af-c4cd"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: e52d004cb6f583973030817e40882143
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 navigation.min.js Show response
weloveelephants.club/wp-content/themes/kadence/assets/js/ 21 KB
6 KB 13ms
10ms Script
application/javascript 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveelephants.club/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 16:46:06
cdn-pullzone: 1353039
last-modified: Mon, 23 Jan 2023 08:31:37 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63ce45e9-543e"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 809dd8efa2c2bf228ef7bb1ec584d956
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lP.ttf
fonts.gstatic.com/s/karla/v31/ 26 KB
17 KB 114ms
17ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lP.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:regular,700%7CRubik:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5366cb9693295f3a5b3139c2019e453ce7b13618768cfd53f534135bfb95d9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weloveelephants.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Tue, 16 Jan 2024 14:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17145
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 14:44:56 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTDH52aE0lP.ttf
fonts.gstatic.com/s/karla/v31/ 26 KB
17 KB 130ms
36ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTDH52aE0lP.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:regular,700%7CRubik:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51ac6181d4f3f2c537c5761f642158c593b61f0fbb57675ba1340603f148cbdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weloveelephants.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 18:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17319
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 18:38:50 GMT

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0Uw.ttf
fonts.gstatic.com/s/rubik/v28/ 47 KB
25 KB 119ms
26ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0Uw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:regular,700%7CRubik:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd824ca47370640d99212636ddd97cbe07c530e398ee7806fef090abbdb8b433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weloveelephants.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 04:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25871
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 04:16:06 GMT

GET
H2 200 Elephants-Trivia-768x432.jpg
weloveelephants.club/wp-content/uploads/2023/09/ 80 KB
81 KB 79ms
44ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2023/09/Elephants-Trivia-768x432.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

0bd4409523b12ffa2ccaafa37f73ce697bd52422dc472b9bc3d98fe6a72724df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 09/03/2023 20:34:09
cdn-pullzone: 1353039
content-length: 82358
last-modified: Sun, 03 Sep 2023 17:26:32 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64f4c1c8-141b6"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: d8db7c4a9cb59041991ae58fb8defbf1
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Sri-Lankan-elephant-trivia-768x432.jpg
weloveelephants.club/wp-content/uploads/2023/08/ 74 KB
74 KB 78ms
45ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2023/08/Sri-Lankan-elephant-trivia-768x432.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

d24ccde1796f04bd561b2ea22ab0ee0c302bf8993bb2a92e04dc603f76925241

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/03/2023 20:34:09
cdn-pullzone: 1353039
content-length: 75313
last-modified: Sun, 03 Sep 2023 17:32:20 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64f4c324-12631"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 02374e78bd35c774e828a772f50c44af
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 African-forest-elephant-trivia-768x432.jpg
weloveelephants.club/wp-content/uploads/2023/08/ 76 KB
76 KB 86ms
54ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2023/08/African-forest-elephant-trivia-768x432.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

c8faf7f38ee221f9873d767ed691048c11cc0d0edc9e5ff629b5e9ec543e2c9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/03/2023 20:34:09
cdn-pullzone: 1353039
content-length: 77492
last-modified: Sun, 03 Sep 2023 17:40:45 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64f4c51d-12eb4"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 93fb8378dd95dbfc6159919807e47960
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Borneo-elephant-trivia-game-768x432.jpg
weloveelephants.club/wp-content/uploads/2023/08/ 61 KB
62 KB 61ms
29ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2023/08/Borneo-elephant-trivia-game-768x432.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

dc5baf728c37a8dc571221d2d23c9c81b072792df028708721fc9bd44d159a8d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/03/2023 20:34:09
cdn-pullzone: 1353039
content-length: 62724
last-modified: Sun, 03 Sep 2023 17:46:09 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64f4c661-f504"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 92852e8b81ca23b45fd2f1723ed8d17d
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 African-bush-elephant-trivia-768x432.jpg
weloveelephants.club/wp-content/uploads/2023/08/ 52 KB
53 KB 77ms
46ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2023/08/African-bush-elephant-trivia-768x432.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

0c5e01ce490153610e2b5a12be850b4a8b119ff4d6bc4304cf9c35e58ad3d648

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 09/03/2023 20:34:09
cdn-pullzone: 1353039
content-length: 53461
last-modified: Sun, 03 Sep 2023 17:50:30 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64f4c766-d0d5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 77ff0e9727263129e147dbe8f16e746b
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Asian-elephant-trivia-768x432.png
weloveelephants.club/wp-content/uploads/2023/08/ 573 KB
574 KB 61ms
31ms Image
image/png 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2023/08/Asian-elephant-trivia-768x432.png

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

a122fb1c1bde709a5d3ebc528fed10bd0ca7f3e1b5eecafc46bafff99ec5976a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/03/2023 20:34:09
cdn-pullzone: 1353039
content-length: 586622
last-modified: Sun, 03 Sep 2023 17:52:45 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64f4c7ed-8f37e"
x-frame-options: SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 078d50de78d16a24a9e0ee749b28c020
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Indian-elephant-Trivia-768x432.jpg
weloveelephants.club/wp-content/uploads/2023/09/ 75 KB
75 KB 77ms
48ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2023/09/Indian-elephant-Trivia-768x432.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

66f016aae2e12e5c4c5221d5df8e0befd05bd9b76f46b45dcc42d00d77b77710

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 09/03/2023 20:34:09
cdn-pullzone: 1353039
content-length: 76674
last-modified: Sun, 03 Sep 2023 17:57:11 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64f4c8f7-12b82"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 40ab72989962f7de6d347b85a89fd625
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hd-wallpaper-4477530_1920-768x512.jpg
weloveelephants.club/wp-content/uploads/2022/12/ 98 KB
98 KB 76ms
47ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2022/12/hd-wallpaper-4477530_1920-768x512.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

f2884ba951d56bbdb42c94d9002f5cb215c4ab29b2c2f420a3f683ac95182b9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 07/07/2023 16:46:07
cdn-pullzone: 1353039
content-length: 100162
last-modified: Tue, 20 Dec 2022 02:42:13 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63a12105-18742"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 8f18de50cf3b789af2ac368eb9804716
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 African-elephant-family-768x512.jpg
weloveelephants.club/wp-content/uploads/2022/10/ 117 KB
118 KB 68ms
49ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2022/10/African-elephant-family-768x512.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

61da0f167754c2093443a8eaa64b5c061f559a9acd50fd8fa2a32ff659a3cfa5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 16:46:07
cdn-pullzone: 1353039
content-length: 120167
last-modified: Sat, 29 Oct 2022 00:41:23 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "635c76b3-1d567"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 5ab439196c6b36e4fcd53fd1af565cc8
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Screen-Shot-2022-08-25-at-6.28.46-AM-768x567.png
weloveelephants.club/wp-content/uploads/2022/08/ 755 KB
756 KB 63ms
47ms Image
image/png 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2022/08/Screen-Shot-2022-08-25-at-6.28.46-AM-768x567.png

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

f9a801ca8df621a3431394329efc40a5587c4d3e28d48aa184579addc80c47e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 12/23/2023 21:06:11
cdn-pullzone: 1353039
content-length: 772681
last-modified: Thu, 20 Oct 2022 11:44:19 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "63513493-bca49"
x-frame-options: SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: ca479694467a6c3e4dbc669f0855201b
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 happy-mothers-day-g4e2a0530c_1280-768x512.jpg
weloveelephants.club/wp-content/uploads/2022/08/ 146 KB
146 KB 69ms
53ms Image
image/jpeg 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weloveelephants.club/wp-content/uploads/2022/08/happy-mothers-day-g4e2a0530c_1280-768x512.jpg

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-38.bunnyinfra.net

Software

BunnyCDN-DE1-1081 /

Resource Hash

8d153f30f42c0731ee0830650386a04d1ff2cf8398770e1c2a678f477002163a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 06/09/2023 21:05:20
cdn-pullzone: 1353039
content-length: 149152
last-modified: Thu, 20 Oct 2022 11:44:19 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63513493-246a0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: a959e08c4bb6b2cf3d8673a088b99a3c
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
80 KB 53ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7SGVF7L4G2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100342941-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

162e1fdf4d524da5d3de1951c43337f3c25f8f400a8c9cf1be9328c3e33e6328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 21:17:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 93ms
17ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100342941-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 19:26:34 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6640
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Jan 2024 21:26:34 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=220994473&t=pageview&_s=1&dl=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&ul=en-us&de=UTF-8&dt=We%20Love%20Elephants%20-%20Photos%2C%20Articles%2C%20Facts%20and%20Everything%20Elephant!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1718184281&gjid=1700179995&cid=345899656.1705958235&tid=UA-100342941-1&_gid=1294364538.1705958235&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=697314751

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://weloveelephants.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weloveelephants.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 464 KB
464 KB 85ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama.js?client=ca-pub-1870775526215126&plah=weloveelephants.club&bust=31080601

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1870775526215126&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89f45a96666d09bf4d23d29e5af9fb5bc07b395c6940255583b0c62812b52c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:14 GMT
x-content-type-options: nosniff
server: cafe
etag: 6755624990620184717
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 474914
x-xss-protection: 0
expires: Mon, 22 Jan 2024 21:17:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 3D50 10 KB
5 KB 42ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1870775526215126&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weloveelephants.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 74616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 00:33:38 GMT
etag: 14902866265712643852
expires: Mon, 05 Feb 2024 00:33:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 57ms
17ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100342941-1&cid=345899656.1705958235&jid=1718184281&gjid=1700179995&_gid=1294364538.1705958235&_u=YGBACUAABAAAACAAI~&z=740047710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://weloveelephants.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 22 Jan 2024 21:17:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weloveelephants.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 70ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7SGVF7L4G2&_ono=1&gtm=45je41h0v9108620532&_p=1705958234272&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=345899656.1705958235&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705958234&sct=1&seg=0&dl=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&dt=We%20Love%20Elephants%20-%20Photos%2C%20Articles%2C%20Facts%20and%20Everything%20Elephant!&en=page_view&_fv=1&_ss=1&tfd=3363
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SGVF7L4G2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weloveelephants.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 40ms
18ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-7SGVF7L4G2&cid=345899656.1705958235&gtm=45je41h0v9108620532&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SGVF7L4G2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weloveelephants.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 80ms
42ms Image
image/gif 2a00:1450:4005:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-7SGVF7L4G2&cid=345899656.1705958235&gtm=45je41h0v9108620532&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1889980419

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 115ms
43ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100342941-1&cid=345899656.1705958235&jid=1718184281&_u=YGBACUAABAAAACAAI~&z=1775970112

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 57ms
56ms Image
image/gif 2a00:1450:4005:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100342941-1&cid=345899656.1705958235&jid=1718184281&_u=YGBACUAABAAAACAAI~&z=1775970112

Requested by

Host: weloveelephants.club
URL: https://weloveelephants.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B343 33 KB
7 KB 550ms
542ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&adk=1812271804&adf=3025194257&lmt=1705958235&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958234721&bpp=28&bdt=622&idt=236&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1254468008163&frm=20&pv=2&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=312

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama.js?client=ca-pub-1870775526215126&plah=weloveelephants.club&bust=31080601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dba87def9e9882c4eff6098d2b38f55b5bdf088a7e411424b893cb92b4bc6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weloveelephants.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 7206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 21:17:15 GMT
expires: Mon, 22 Jan 2024 21:17:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D74 736 B
644 B 509ms
508ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=2293688473&adf=1133003084&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=1200x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958234749&bpp=2&bdt=649&idt=299&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=336

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4022e881968ef3f71372e29bdf2ac20c58412a8fdf425e18d98b88bbf95a41f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weloveelephants.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 419
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 21:17:15 GMT
expires: Mon, 22 Jan 2024 21:17:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 54ms
53ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef9b37573bedeb9be3bac31cdbc40ceb76e86d7de96172004f45194f2849c1ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11867
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8425 46 KB
18 KB 528ms
527ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.3674262249~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=8&bdt=1617&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52fefe7ddd181a553d3706e5a314d55be008df3691653304c223b111d9b170b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weloveelephants.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 18454
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 21:17:16 GMT
expires: Mon, 22 Jan 2024 21:17:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9487 57 KB
21 KB 560ms
559ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04610b32a2692eb301e0bff843bfb9f41dc2c4223d133130795ae49b11fff68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weloveelephants.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 21873
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 21:17:16 GMT
expires: Mon, 22 Jan 2024 21:17:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&hl=en&pvc=1263584814593530

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 98ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 21:17:15 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA6B 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weloveelephants.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 09:41:53 GMT
expires: Tue, 21 Jan 2025 09:41:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7FC2 829 B
984 B 28ms
27ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

595e83d10b22398d62ce4a7edf8da59f33648a3ba177b38981ae28b1d07ab216

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-e2SBxNcjrVSEtcfAIWsnuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weloveelephants.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-e2SBxNcjrVSEtcfAIWsnuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 21:17:15 GMT
expires: Mon, 22 Jan 2024 21:17:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame EA6B 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 10:08:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7FC2 0
0 39ms
38ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=1263584814593530&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: FreshStoreAva/1.0

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EA6B 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xHAEHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 9B18 2 KB
3 KB 67ms
30ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jftejmbqad7cqsyzqe1avz56z0jx9s8qxw2q6q3n7qktx4akh829cvnba3xghnvw9pvbp4nc77nhy7q26dpbzdsq23a20085mbtspbnngmhb5jah363tcn45pek1jrrtwjd8zpfc7fkp3qa69593kqjtfen1gaznprhfndgep7pmrjrdg84d2xrf3h3jn7n0c2z4rvs30frnb202j34sjr81xs8cbgm3azfefq7dbnkf80a5nknk7wd5brdxqrcnj8z9kqtf8kx3f811cgp9jh5k6e3z76h088e6j7brbngpex18p4v8ywrszrmsndsz1gv69p0bvf33fksg0v84wsa1ya1f5dfcvdabjkt4s26q2ssb7jfhme5qey0bh3qwcdgp78wt4bdft91tveqpww2ankg1pk0j6t9e78h7qj5rgn8m8pzx9rja1zq06r78g2d2swm88&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%26client%3Dca-pub-1870775526215126%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.3674262249~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=8&bdt=1617&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f9cd6097c8a28f5722e2508221f35e7ce23bfce4e958a692ddde84b1cf534e6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 849ad2a108058fee-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 21:17:16 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9AD3 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 18:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 18:29:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7AB6 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 14792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Tue, 23 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9AD3 30 KB
12 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aed07cd7e0c674c424c7439f396fe5c58183c35152b7d0d3d2471e0eb85203a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 18:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11765
x-xss-protection: 0
server: cafe
etag: 17307378317729694211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 18:29:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9AD3 0
0 15ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwgC8aEhFTSyBapSrB4Gbp3ZAZDSpKoakdV9AwOncuQ2SW_ZxmMCexrAO5w98nEm-ygcocCiC26QjoLoszay7nriuR6A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.3674262249~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=8&bdt=1617&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9AD3 206 KB
65 KB 81ms
67ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 21:17:16 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7AB6 0
104 B 231ms
141ms Image
text/plain 2a02:fa8:8806:21::1720
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGxgX-QL1N-9bWWnu2IWqJI&google_cver=1&google_push=AXcoOmReWp1CMpnqONjoaaCxRLrJGY7O4N-tVAq3LAbWui_A2A1_dA9Jh5Z_DfAJpawUpcTiq5fuvcepfMPWHieUfeMdxHiOvukzNAxxioLmRPinyXPckT8LVP05BpbhjHnVfP_vSnWT1Iberi5aUTaw2MvCzTw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.3674262249~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=8&bdt=1617&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7AB6 70 B
149 B 167ms
96ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFQ4IaEMqpz18W_sXuiYVLQ&google_cver=1&google_push=AXcoOmRmhxeqmtVQp4adrLSuVeXro9Fg7Vp6w855g46JMS8l6cbIf1Qt3_t2oeOCxZTuKc7zfHP2BHxPvScceprMqJeMalltj4d0VEgU7smk9qtitYppar0lhh16P-RKCc7I-OexSKQnJEBeJAIC_UncgOu4s2U
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.3674262249~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=8&bdt=1617&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AB6
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFstXcQjc59UOP0OH1LbX08&google_cver=1&google_push=AXcoOmSWk6d0KBL10yQJdvfyrCBlMc954u3HIdePajp8vcC0xE-NxBALUqFHj4HO9Li9qEt7q27NJ32HZSkBS_U6...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=M2Nio9c1SgA1WPTNMQnTvw&google_push=AXcoOmSWk6d0KBL10yQJdvfyrCBlMc954u3HIdePajp8vcC0xE-NxBALUqFHj4HO9Li9qEt7q27NJ32HZSkBS_U6CjY7mx2dKkJCDrc...

170 B
232 B

20ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=M2Nio9c1SgA1WPTNMQnTvw&google_push=AXcoOmSWk6d0KBL10yQJdvfyrCBlMc954u3HIdePajp8vcC0xE-NxBALUqFHj4HO9Li9qEt7q27NJ32HZSkBS_U6CjY7mx2dKkJCDrcWTSwjnLTO4CvES3XmWhFv1jwBvaE_6snJCUC40FT1ljVMOJuV4UdAeQ

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 21:17:16 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=M2Nio9c1SgA1WPTNMQnTvw&google_push=AXcoOmSWk6d0KBL10yQJdvfyrCBlMc954u3HIdePajp8vcC0xE-NxBALUqFHj4HO9Li9qEt7q27NJ32HZSkBS_U6CjY7mx2dKkJCDrcWTSwjnLTO4CvES3XmWhFv1jwBvaE_6snJCUC40FT1ljVMOJuV4UdAeQ
x-host: tde-deliveryengine-production-5db7bf8975-x6sc9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7AB6 43 B
363 B 74ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQIuuuzJ3cQToGnHZsgYXoxj69MhlbpeX80cV3mQPdLxUn3NrYNn8iWU1xISCPiw9WDyJap2_awazE6CBt0E94XV6FcpDzcXU2JBNLLjiJGNYC9Y-v5bN1wrtOYDtg0loFfE84l0wgWmsfhh4nzJC05Cg&google_gid=CAESEN8lhL7PTk64k-V0YvzocZA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:15 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 272119
expires: Mon, 22 Jan 2024 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AB6
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPZJRIZUOH3394RTmQkL85Y&google_cver=1&google_push=AXcoOmQoKkBW2GruaO-O1gElkRvPbHYjC_jfcTyJDIVPGV1RSfnQRo1yldg2m03YV6dU1_s_-9jOsU77aKni...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQoKkBW2GruaO-O1gElkRvPbHYjC_jfcTyJDIVPGV1RSfnQRo1yldg2m03YV6dU1_s_-9jOsU77aKniTV997iD1YydOa7E7863k_kR3ePzY0eDPlqZx...

170 B
232 B

33ms
20ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQoKkBW2GruaO-O1gElkRvPbHYjC_jfcTyJDIVPGV1RSfnQRo1yldg2m03YV6dU1_s_-9jOsU77aKniTV997iD1YydOa7E7863k_kR3ePzY0eDPlqZxcg4aS3b1Hj7-kS9oWlABf9WNRLFYltaJdsmcgWI

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQoKkBW2GruaO-O1gElkRvPbHYjC_jfcTyJDIVPGV1RSfnQRo1yldg2m03YV6dU1_s_-9jOsU77aKniTV997iD1YydOa7E7863k_kR3ePzY0eDPlqZxcg4aS3b1Hj7-kS9oWlABf9WNRLFYltaJdsmcgWI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AB6
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBK37KdsDJ6oppobZqBNKJQ&google_cver=1&google_push=AXcoOmTn766tqnVxaLGjBCH46XScs5ndosxb23slmpZQ3cXi6tx6wYcVpuhOyPlK0V...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTn766tqnVxaLGjBCH46XScs5ndosxb23slmpZQ3cXi6tx6wYcVpuhOyPlK0VMXaynSiVYW6ZzLK33LdK0RQXk4koG-PqJreglR94Ub9rAy4h...

170 B
329 B

20ms
19ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTn766tqnVxaLGjBCH46XScs5ndosxb23slmpZQ3cXi6tx6wYcVpuhOyPlK0VMXaynSiVYW6ZzLK33LdK0RQXk4koG-PqJreglR94Ub9rAy4hMW4sImLvdkFuh97E6SF9nZuN20nvmxXKE6yZVbpNKq5Y1v&google_hm=CIm5FL1QRza45qWATu_spIY

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTn766tqnVxaLGjBCH46XScs5ndosxb23slmpZQ3cXi6tx6wYcVpuhOyPlK0VMXaynSiVYW6ZzLK33LdK0RQXk4koG-PqJreglR94Ub9rAy4hMW4sImLvdkFuh97E6SF9nZuN20nvmxXKE6yZVbpNKq5Y1v&google_hm=CIm5FL1QRza45qWATu_spIY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 7AB6
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPd7O0noEQ5Z...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQP2RfOoifwwSK95fwCYU7864Qk2h6FZkWpINqBFoowr2C4-37sscSopIauK0aIwCizegoiLcAht2gAml27i8K5DImCwWjn7TEvex8g4tWKye1co...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

75ms
74ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.3674262249~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=8&bdt=1617&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=17
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

expires: Mon, 22 Jan 2024 21:17:16 GMT
pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7AB6 0
139 B 73ms
15ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lo5sY6Tx9yVw2ZnvQkWKJc76obVdfYzKX-m4w4lRLwgAHq0axZFXyY7iu8c08tr10TEtkU8Bo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 975B 94 KB
38 KB 157ms
14ms Script
application/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 759ce2a2ce00d61d23c78b075f72880dba5cec69876073fc1313ccfe536c7101

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 22 Jan 2024 21:17:16 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 22:48:38 GMT
vary: Accept-Encoding
x-azure-ref: 20240122T211716Z-atmc4yuq6t3h9ck18gmgwnn76w00000000wg000000003q0a
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0d8d93b8-a01e-00ad-6e8a-4c73c3000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 63535151

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 975B 80 KB
27 KB 157ms
15ms Script
application/x-javascript 23.35.228.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

Date: Mon, 22 Jan 2024 21:17:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Tue, 21 Jan 2025 21:17:16 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 975B 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 18:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 18:29:08 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 975B 30 KB
12 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aed07cd7e0c674c424c7439f396fe5c58183c35152b7d0d3d2471e0eb85203a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 18:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11765
x-xss-protection: 0
server: cafe
etag: 17307378317729694211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 18:29:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 975B 0
0 18ms
16ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRthP56q4PZBGdaoSQxu0_Z1hhfmmeE5BLAVUDzz6fiQjpOPWV3x2aKNR8Pncfg2TV_3nLzSpugS5q1N9yHmebaT2l2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 975B 206 KB
65 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 21:17:16 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9B18 115 KB
14 KB 21ms
16ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jftejmbqad7cqsyzqe1avz56z0jx9s8qxw2q6q3n7qktx4akh829cvnba3xghnvw9pvbp4nc77nhy7q26dpbzdsq23a20085mbtspbnngmhb5jah363tcn45pek1jrrtwjd8zpfc7fkp3qa69593kqjtfen1gaznprhfndgep7pmrjrdg84d2xrf3h3jn7n0c2z4rvs30frnb202j34sjr81xs8cbgm3azfefq7dbnkf80a5nknk7wd5brdxqrcnj8z9kqtf8kx3f811cgp9jh5k6e3z76h088e6j7brbngpex18p4v8ywrszrmsndsz1gv69p0bvf33fksg0v84wsa1ya1f5dfcvdabjkt4s26q2ssb7jfhme5qey0bh3qwcdgp78wt4bdft91tveqpww2ankg1pk0j6t9e78h7qj5rgn8m8pzx9rja1zq06r78g2d2swm88&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%26client%3Dca-pub-1870775526215126%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jftejmbqad7cqsyzqe1avz56z0jx9s8qxw2q6q3n7qktx4akh829cvnba3xghnvw9pvbp4nc77nhy7q26dpbzdsq23a20085mbtspbnngmhb5jah363tcn45pek1jrrtwjd8zpfc7fkp3qa69593kqjtfen1gaznprhfndgep7pmrjrdg84d2xrf3h3jn7n0c2z4rvs30frnb202j34sjr81xs8cbgm3azfefq7dbnkf80a5nknk7wd5brdxqrcnj8z9kqtf8kx3f811cgp9jh5k6e3z76h088e6j7brbngpex18p4v8ywrszrmsndsz1gv69p0bvf33fksg0v84wsa1ya1f5dfcvdabjkt4s26q2ssb7jfhme5qey0bh3qwcdgp78wt4bdft91tveqpww2ankg1pk0j6t9e78h7qj5rgn8m8pzx9rja1zq06r78g2d2swm88&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%26client%3Dca-pub-1870775526215126%26adurl%3D
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1348559
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsC%2FCBCCogippm4a12BZzQ8wjLvW%2FPTfgmFrrCRHbREMM3u%2FppAni%2BSHWBFaHCDlGlYYUUlWGJkrL%2Bx6KhtUrwX1h0E%2BzzesB90OCpmXXN0b8yQNLmpNaZQK0z8B4L2yydlV0rt4b8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 849ad2a158358fee-FRA
expires: Tue, 23 Jan 2024 21:17:16 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 9B18 24 KB
10 KB 36ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jftejmbqad7cqsyzqe1avz56z0jx9s8qxw2q6q3n7qktx4akh829cvnba3xghnvw9pvbp4nc77nhy7q26dpbzdsq23a20085mbtspbnngmhb5jah363tcn45pek1jrrtwjd8zpfc7fkp3qa69593kqjtfen1gaznprhfndgep7pmrjrdg84d2xrf3h3jn7n0c2z4rvs30frnb202j34sjr81xs8cbgm3azfefq7dbnkf80a5nknk7wd5brdxqrcnj8z9kqtf8kx3f811cgp9jh5k6e3z76h088e6j7brbngpex18p4v8ywrszrmsndsz1gv69p0bvf33fksg0v84wsa1ya1f5dfcvdabjkt4s26q2ssb7jfhme5qey0bh3qwcdgp78wt4bdft91tveqpww2ankg1pk0j6t9e78h7qj5rgn8m8pzx9rja1zq06r78g2d2swm88&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%26client%3Dca-pub-1870775526215126%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 572179
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENGWNj3CILZdiEVAEgTWH5rBgTRMXWCahfTx9AwYamgUQvO%2BjA9XCt37nuLWFIT2kKKiloGab%2FrvILOa85XC%2BWfRnU8EORZNhR0ywclbTHzWpjsrnBSD2SqK1b%2FgVZCbaVG5Q4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 849ad2a168518fee-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9B18 350 B
903 B 65ms
26ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4642081
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsB91gaYxXjnqqO5vePKa3Xyprj09nxNwqSEOIiNwUtgMTZWY1hiXPXhpaNFPY58v1MWHnnsoPK4G51mzao1zX7r4aKOv7AsF6ANszwhuD%2BaDUf10xy8UP1mo44rx5d7mxNeboI31qhmKN61DwtGp8y2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 849ad2a22fb75c68-FRA
expires: Fri, 29 Nov 2024 03:49:15 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame A70F 2 KB
2 KB 25ms
25ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 2094841
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 849ad2a1f8429188-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 22 Jan 2024 21:17:16 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flc6mm6V%2BdfboUOfNvymIz4%2B%2Bll7mUUwpusmpdoDMmT1%2BliKsA9MtYUcNE7QP3ZJkiH%2BC3%2FJKo%2BxuvxueZs7DmcWN7H21RviLE%2BXvPYhY7TrwRUxx3ryfls8h0wq2fiMmh495yg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9AD3 0
19 B 51ms
50ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRn9yW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2AFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI49Ww6d8IcimGuVQyW6hgF1fwfM2biQjA7o2Ix5OZYuw5HixXjG7SABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xODcwNzc1NTI2MjE1MTI2GAA&sigh=gaID4ozx5fE&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_btfoGqy6lisvyv0DN_m9SIkzKS9FrFv16IIsn_zXYuqL7SPuF5ApJpI0afZNW7HxHbJ3zKbSGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.3674262249~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=8&bdt=1617&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=17
User-Agent: FreshStoreAva/1.0

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 21:17:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9AD3 0
103 B 80ms
25ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jseg3e5xnrebx6bz5q1q9da03bnhjzzcxnfjxgyc4z98rds5xfxwgbaya5444em0wetk9f48hjz8ntz2rbegx4rc07rx0vwpe4x6gba672kbe5tt59j6ttfdnd1k17e7yekxvn351dahgqgbf39c268vsf6dppkbq0gdwfhdygvy0gkrh0ha2brv6sxh16nwx54ez0ywsef29jzpfc8p45gbhvntewte5d9b2k70ccnw0kddc4pqkak5nm0mp6q69fqw814eka45kwaqedkc3ejazr283z79cxpgm1rvyw1wkqt878cfefjsacz4zxshxr3eftsr5hgrtkzybfep2wme20c96fhm04jz4j8yw50skbvyd2rjpebvd7yap331ndk77frqjfg0y0&b=Za7bWwAMnHYA-QFTAAnNV10wVa0oQTieg-C4zA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.3674262249~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=8&bdt=1617&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

access-control-allow-origin: *
date: Mon, 22 Jan 2024 21:17:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/ Frame 975B
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3c357fd4-f4cb-4707-86b6-70144206d4b4&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69d13c5c-be9b-4bcf-826...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7791f2bdb83041ba8a44bb51f8ce18af&SNR=1&GV=2&med=10

0
547 B

133ms
132ms

Image
text/plain

2a02:26f0:480:22::1726:62d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7791f2bdb83041ba8a44bb51f8ce18af&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49
Protocol: H2
Server: 2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2DCEAC46088421BA5E1A8C0CE222623 Ref B: FRA31EDGE0605 Ref C: 2024-01-22T21:17:17Z
x-cdn-traceid: 0.13d53e17.1705958237.1f98e14a
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 22 Jan 2024 21:17:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B035A6067DF4C9580CC290A459148FD Ref B: FRA31EDGE0517 Ref C: 2024-01-22T21:17:16Z
x-cdn-traceid: 0.13d53e17.1705958236.1f98de5b
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7791f2bdb83041ba8a44bb51f8ce18af&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
expires: 0

GET
H2 200 th
www.bing.com/ Frame 975B 5 KB
6 KB 397ms
372ms Image
image/jpeg 2a02:26f0:480:22::1726:62d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OAIP.296d74613ad5ede958c8e9ef31537714&pid=AdsNative&c=3&w=336&h=176&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e48301d7a1f1914c82dac6a857cfef7f4995d0ce6e6b939d01a57992da91ca42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.13d53e17.1705958236.1f98de5a
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 5489
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 975B 0
535 B 76ms
26ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fweloveelephants.club&e=wqT_3QLuA-juAQAAAwDWAAUBCNy2u60GEID5rJKei4StFhgAKjYJ_ZTsP8EysT8RKKXaEHzCsD8ZAAAAIFyP8j8hKA0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4zvUFgAEBigEDVVNEkgUG8MmYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHGh0dHBzOi8vd2Vsb3ZlZWxlcGhhbnRzLmNsdWKAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFr-jukeWXrLElwAUAyQUAAAAAAADwP9IFCQkACQ1sANgFAeAFAfAFCPoFBAgAEACQBgCYBgC4BgDBBgkiLPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfO9QXSBw0JESgBJgjaBwYBXqQYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=a225349ab6252f202a7385451491f3485a4e3479&bdref=https%3A%2F%2Fweloveelephants.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fweloveelephants.club%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1870775526215126%26output%3Dhtml%26h%3D280%26adk%3D4110419616%26adf%3D2501308132%26pi%3Dt.aa~a.132921631~rp.4%26w%3D387%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1705958235%26rafmt%3D1%26to%3Dqs%26pwprc%3D8050174172%26format%3D387x280%26url%3Dhttps%253A%252F%252Fweloveelephants.club%252F%253Fbypass-cdn%253D1%26host%3Dca-host-pub-2644536267352236%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705958235716%26bpp%3D6%26bdt%3D1617%26idt%3D6%26shv%3Dr20240118%26mjsv%3Dm202401180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D12f4e2ba8ed95eac%253AT%253D1705958235%253ART%253D1705958235%253AS%253DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA%26gpic%3DUID%253D00000d47adb2c5ed%253AT%253D1705958235%253ART%253D1705958235%253AS%253DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw%26prev_fmts%3D0x0%252C1200x280%252C387x280%26nras%3D4%26correlator%3D1254468008163%26frm%3D20%26pv%3D1%26ga_vid%3D345899656.1705958235%26ga_sid%3D1705958235%26ga_hid%3D220994473%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D606%26ady%3D1315%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C44759837%252C31080589%252C44798934%252C31080601%252C95322184%252C95321627%252C95322166%26oid%3D2%26pvsid%3D1263584814593530%26tmod%3D149749906%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D49,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1870775526215126%26output%3Dhtml%26h%3D280%26adk%3D4110419616%26adf%3D2501308132%26pi%3Dt.aa~a.132921631~rp.4%26w%3D387%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1705958235%26rafmt%3D1%26to%3Dqs%26pwprc%3D8050174172%26format%3D387x280%26url%3Dhttps%253A%252F%252Fweloveelephants.club%252F%253Fbypass-cdn%253D1%26host%3Dca-host-pub-2644536267352236%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705958235716%26bpp%3D6%26bdt%3D1617%26idt%3D6%26shv%3Dr20240118%26mjsv%3Dm202401180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D12f4e2ba8ed95eac%253AT%253D1705958235%253ART%253D1705958235%253AS%253DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA%26gpic%3DUID%253D00000d47adb2c5ed%253AT%253D1705958235%253ART%253D1705958235%253AS%253DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw%26prev_fmts%3D0x0%252C1200x280%252C387x280%26nras%3D4%26correlator%3D1254468008163%26frm%3D20%26pv%3D1%26ga_vid%3D345899656.1705958235%26ga_sid%3D1705958235%26ga_hid%3D220994473%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D606%26ady%3D1315%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C44759837%252C31080589%252C44798934%252C31080601%252C95322184%252C95321627%252C95322166%26oid%3D2%26pvsid%3D1263584814593530%26tmod%3D149749906%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D49&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
an-x-request-uuid: 35ebfd1b-abe1-4648-a9e8-6afdf8cffdd4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.134; 178.162.209.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 46ms
34ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: FreshStoreAva/1.0

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 849ad2a2db1b4d3e-FRA
content-length: 24
content-type: text/plain
date: Mon, 22 Jan 2024 21:17:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zTEWeBmt26RWmhrhLBSaorUxvjnSpjYibvmHWBS2%2BUybFVsjoUEgGuauc1GrxHCiuraoh10wKnChegR50x2cAd%2B4zjeseStsdkt4tX6fyfgbryTuKqOHqWE%2FifgNQjNrhzTeLI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-73gj

POST
H3 200 rs Show response
ad4m.at/ Frame 9B18 2 KB
2 KB 35ms
34ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f93ea5ec70ad5c04556a67a5fafbc443622c1173f8880aacb2392d443c2ab69

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GPl8OfQBo%2Blc%2Fqd7IAWPogUTwZxJ9suCYnt%2B6kbVsVBt9L7Pced15WLemfXHddAXT4hD0Crj32dCqhjNCg4iBkXZ0Nj%2FhljZVqmFzlZvWPBqwS7lmDPBPKflTDOc8b5qf6gHIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 849ad2a30b464d3e-FRA
x-backend-server: aa-reachservice-group-europe-west1-73gj
alt-svc: h3=":443"; ma=86400

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
45ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=1263584814593530&bg=!GRqlGlXNAAa8BdJLnAU7ADQBe5WfOGNgYNMUKoms76Qm1ZUE0LPY6t7eqi6_FtkGirBa73bDmgNAcrI8SV98IDLAt6FAAgAAAGtSAAAAB2gBB5kCp3SlM8c4-uUCa8uoWp5m4rLkqwCiwVThxrhfEYlmhR0JUSVRyJx2S2qqaesOUg6BhfVvTKsl6tYfOhorIDxo-TwJB6XYRgoqzqPhgS1iy9x_mqZlCH0TD7K-Rb-MzQcpcBxzFygUhwtavbW45zp4gbKKzgCeyNFO0VZiaZIAh3zCsjVHV6xvr94kAlmAehvMb2gQBW6jDj5kj5FIT0EjSKLfSJy2iB7h-dh8nbnIjCy-_D4fmOR0-9dgQWhusClOKTf4os1QaS7_079UUVtNDkWxra3dQHvzPgTtZAmrjtUUTtwCxYrFRD6k2hmg0YX6kEy0WGjrS61sGHhsyrB_uSZCsVsuupevGhJqMOz77WlBF6HB6f1y42EM6VUmGthL--1glYXuq2ai1VGxTCv-GFtiYGiWRskGq_heI3tJKvZPpVMflLxDb0_-NhVzLi8NgMGhkWQw6P0ze87zQYNeYMrjY-MwrhxEfK431fwhXtmYbxoV6jMNgEpT4K1wFtuFUhfwN1El1EIcd8kTWOn0kdI6n2d_L8944wnoas5zLASGczcIOuAKp4PkXOyB6Hgxp5EFq_rmq7ThvhOA_th-6Fa16lUCrCScDDhZt2vssi45msJZmxSbCAM62_6JteP_5qgfaeHDr7Gp2_nlNgCkS5kjsuHKGuMG0VpBSD0MgFb1-pkCNW9Z-rgJUyr9DAUzAzD2zS-aVNO3ncEty5HuISezjxkUziptTiH5EAZoFVQUACGgIYNoLUzIP9R0AJ3R6AEPLjdQv7vxxjVna_Bz3uz6ikMVYyxQpHY0N89i4SQt0XyrLlod02D0_xkwWvBzBoGFTtdQaVL990t1msklbX1eBLL5p4ORteOiWX5ppY2BhoqPa18V-ssDc1EiBHtELjrTWkoQ4Ww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weloveelephants.club/
User-Agent: FreshStoreAva/1.0

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4DC2 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 14792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Tue, 23 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 975B 0
558 B 13ms
13ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fweloveelephants.club&e=wqT_3QKEB-iEAwAAAwDWAAUBCNy2u60GEID5rJKei4StFhgAKjYJ_ZTsP8EysT8RKKXaEHzCsD8ZAAAAIFyP8j8hKA0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4zvUFgAEBigEDVVNEkgUG8O2YAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHGh0dHBzOi8vd2Vsb3ZlZWxlcGhhbnRzLmNsdWKAAwCIAwGQAwCYAwmgAwGqA5IDCqwCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjlkMTNjNWMtYmU5Yi00YmNmLTgyNmMtMGY0MDEwNzY4NmJlJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0EVhUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOBDY5im0ANHJ0eXBlPW51cmwmdGFnBaNoMjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwaWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxNjEwNjE3Nzk0OTczMDg4ODk2IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56VXlORGM1T0RVM016UTVOREVqTnoBFPBSZ3dPVEEzTURNNU5EWT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8ARFV1iIBQGYBQCgBa_o7pHll6yxJcAFAMkFAAUBFPA_0gUJCQULdAAAANgFAeAFAfAFCPoFBAgAEACQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB871BdIHDRVjASYI2gcGAV6wGADgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=0acc54edc122a95931144ccc5fec1314fd6ace63&type=nv&nvt=5&jm=1003&px=26&py=0&bw=336&bh=176&sid=3865743511247017845&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=unknown&pl=unknown&x=v&tag_id=6929499&sw=1600&sh=1200&pw=387&ph=280&ww=387&wh=280&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
an-x-request-uuid: bb3bbf55-0227-4d53-a2d8-9e7f2a9152fc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.134; 178.162.209.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D4BB 11 KB
5 KB 39ms
39ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48d9d8c5aebbb9bb2c45f0af45b3576b7fac6021d44d8db3c86c57739e1a155

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jftejmbqad7cqsyzqe1avz56z0jx9s8qxw2q6q3n7qktx4akh829cvnba3xghnvw9pvbp4nc77nhy7q26dpbzdsq23a20085mbtspbnngmhb5jah363tcn45pek1jrrtwjd8zpfc7fkp3qa69593kqjtfen1gaznprhfndgep7pmrjrdg84d2xrf3h3jn7n0c2z4rvs30frnb202j34sjr81xs8cbgm3azfefq7dbnkf80a5nknk7wd5brdxqrcnj8z9kqtf8kx3f811cgp9jh5k6e3z76h088e6j7brbngpex18p4v8ywrszrmsndsz1gv69p0bvf33fksg0v84wsa1ya1f5dfcvdabjkt4s26q2ssb7jfhme5qey0bh3qwcdgp78wt4bdft91tveqpww2ankg1pk0j6t9e78h7qj5rgn8m8pzx9rja1zq06r78g2d2swm88&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%26client%3Dca-pub-1870775526215126%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 849ad2a369989188-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 21:17:16 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4DC2
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED7RtH5KNWt_rrpwPp04PWc&google_cver=1&google_push=AXcoOmSyqqS0NY-SSnX8Imb-2CFWWZaFivEVJ9T0eJYiZP6wV6Zq2QjU4kVWXs4ic9v4NqNqaJ3R-CYAdRoYOv-dbIImF0j87BTnr...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ3MDIxNjQ2MjczMzI5NDk5MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7RtH5KNWt_rrpwPp04PWc&google_cver=1

43 B
398 B

63ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7RtH5KNWt_rrpwPp04PWc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7RtH5KNWt_rrpwPp04PWc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DC2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBknlSZ4r6bmkevcCEX6Eqg&google_cver=1&google_push=AXcoOmQ4rSj4UCrYykR0ffOjNBAz6T95lFgOMqD_5NzAS7hLxwsBRscAygazsarNyUkdKeDrn-ad0fv2sqjkBAdGfmoquwO6Zqvs81...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B0EF1CF62A3F418ABFF7531F16775234&google_push=AXcoOmQ4rSj4UCrYykR0ffOjNBAz6T95lFgOMqD_5NzAS7hLxwsBRscAygazsarNyUkdKeDrn-ad0fv2sqjkBAd...

170 B
188 B

20ms
19ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B0EF1CF62A3F418ABFF7531F16775234&google_push=AXcoOmQ4rSj4UCrYykR0ffOjNBAz6T95lFgOMqD_5NzAS7hLxwsBRscAygazsarNyUkdKeDrn-ad0fv2sqjkBAdGfmoquwO6Zqvs81qscp7DppSins2D6IrUjEooa5-OeUrB6kD7bGa9YRaEbwvRLJorwM6ErKo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 21:17:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B0EF1CF62A3F418ABFF7531F16775234&google_push=AXcoOmQ4rSj4UCrYykR0ffOjNBAz6T95lFgOMqD_5NzAS7hLxwsBRscAygazsarNyUkdKeDrn-ad0fv2sqjkBAdGfmoquwO6Zqvs81qscp7DppSins2D6IrUjEooa5-OeUrB6kD7bGa9YRaEbwvRLJorwM6ErKo
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 21 Jan 2024 21:17:16 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4DC2 70 B
148 B 36ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH7RT_j-t1LHHi-IarkePq4&google_cver=1&google_push=AXcoOmRHco6HL8WSq7B1JM-IhPTsYGsM8sEvoQBF5U3sC5aNC9evjs1Xc1JdIlDPozxrT4IE4Tb-FUjqVCzbovS9tucmf6JSyOYIblMx4eTD_KQDPJob0h_6lzImRSTlDEjcxxhSGnu4LiHDqvdiSDdhw1aCcA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DC2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBvrXjLweNP4OMUD1GuuN6Q&google_cver=1&google_push=AXcoOmTHAmXtPGA-L1bz9N0vwm0lgJIH-U6IE4JeB1VB72LkG-rcPWGq1ICrFn4xhblLLSizB52Zrg1cY6sD98A8_qgHve0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTHAmXtPGA-L1bz9N0vwm0lgJIH-U6IE4JeB1VB72LkG-rcPWGq1ICrFn4xhblLLSizB52Zrg1cY6sD98A8_qgHve0iUpOGr9DRP0yq-L7qSxlsLSsIgSgqRMv2Shn_K...

170 B
188 B

18ms
18ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTHAmXtPGA-L1bz9N0vwm0lgJIH-U6IE4JeB1VB72LkG-rcPWGq1ICrFn4xhblLLSizB52Zrg1cY6sD98A8_qgHve0iUpOGr9DRP0yq-L7qSxlsLSsIgSgqRMv2Shn_KC6Tm2I5Vat9AzrTV-WnEpcAyPE&google_hm=eS1CTWFlY3AxRTJwRnVQWkNUcnZ6amVfQXNtUmJiSkhWQX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 21:17:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTHAmXtPGA-L1bz9N0vwm0lgJIH-U6IE4JeB1VB72LkG-rcPWGq1ICrFn4xhblLLSizB52Zrg1cY6sD98A8_qgHve0iUpOGr9DRP0yq-L7qSxlsLSsIgSgqRMv2Shn_KC6Tm2I5Vat9AzrTV-WnEpcAyPE&google_hm=eS1CTWFlY3AxRTJwRnVQWkNUcnZ6amVfQXNtUmJiSkhWQX5B
content-length: 0

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 4DC2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIJJCRC3huT9l4zxuiDclKs&google_cver=1&google_push=AXcoOmQhOqFdiBPANv_jOL8xr90hEa3_qgJZbvHhPUqI4oECA5H2xCc4mMhhM86OlY7e6fOmMf_70xyF...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIJJCRC3huT9l4zxuiDclKs&google_cver=1&google_push=AXcoOmQhOqFdiBPANv_jOL8xr90hEa3_qgJZbvHhPUqI4oECA5H2xCc4mMhhM86OlY7e6fOmMf_...

35 B
499 B

22ms
22ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIJJCRC3huT9l4zxuiDclKs&google_cver=1&google_push=AXcoOmQhOqFdiBPANv_jOL8xr90hEa3_qgJZbvHhPUqI4oECA5H2xCc4mMhhM86OlY7e6fOmMf_70xyFYXnhVkgM72GvRGHO9y-zz8uS0no7T-ygLl4Ueza5lNQHLbNg5cX6pOAgI5WW0Lsu7K1jmYfrit2Fgw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIJJCRC3huT9l4zxuiDclKs&google_cver=1&google_push=AXcoOmQhOqFdiBPANv_jOL8xr90hEa3_qgJZbvHhPUqI4oECA5H2xCc4mMhhM86OlY7e6fOmMf_70xyFYXnhVkgM72GvRGHO9y-zz8uS0no7T-ygLl4Ueza5lNQHLbNg5cX6pOAgI5WW0Lsu7K1jmYfrit2Fgw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DC2
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEACPIlp3qcefsvF-thvmU7Y&google_cver=1&google_push=AXcoOmQkSsMVbqs81U1wkKTQewISOy6yPjudIYf2lSpKSzjrisB-Ed0j2MnamERbLVPNBw2AjSfaSZXT8I1P...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkSsMVbqs81U1wkKTQewISOy6yPjudIYf2lSpKSzjrisB-Ed0j2MnamERbLVPNBw2AjSfaSZXT8I1PNh3bh86myHo4Uy_J33ZcZto3TUb-fawYLvss...

170 B
188 B

17ms
16ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkSsMVbqs81U1wkKTQewISOy6yPjudIYf2lSpKSzjrisB-Ed0j2MnamERbLVPNBw2AjSfaSZXT8I1PNh3bh86myHo4Uy_J33ZcZto3TUb-fawYLvssckQDJQpeiFWEztOZLJjj--tCCfmPKAwCgHSQLA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkSsMVbqs81U1wkKTQewISOy6yPjudIYf2lSpKSzjrisB-Ed0j2MnamERbLVPNBw2AjSfaSZXT8I1PNh3bh86myHo4Uy_J33ZcZto3TUb-fawYLvssckQDJQpeiFWEztOZLJjj--tCCfmPKAwCgHSQLA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DC2
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJLdPZc48IUdLY867ZolUBE&google_cver=1&google_push=AXcoOmQ7qUb11TRuXbfvaqXO54gJeh_7Sm1c0yfbSzLXCBYZ5EGQrrXi-K6O9aqpQB...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ7qUb11TRuXbfvaqXO54gJeh_7Sm1c0yfbSzLXCBYZ5EGQrrXi-K6O9aqpQBusbWar1F3_UgH0uAQdCgKWASs0oJoQctYukRfjHdbeNFaj3S...

170 B
188 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ7qUb11TRuXbfvaqXO54gJeh_7Sm1c0yfbSzLXCBYZ5EGQrrXi-K6O9aqpQBusbWar1F3_UgH0uAQdCgKWASs0oJoQctYukRfjHdbeNFaj3S9Eu8NR1S5JQv9r0d_tZEm7qZ1MWePAQSChlFQ7wi818R-M&google_hm=CIm5FL1QRza45qWATu_spIY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ7qUb11TRuXbfvaqXO54gJeh_7Sm1c0yfbSzLXCBYZ5EGQrrXi-K6O9aqpQBusbWar1F3_UgH0uAQdCgKWASs0oJoQctYukRfjHdbeNFaj3S9Eu8NR1S5JQv9r0d_tZEm7qZ1MWePAQSChlFQ7wi818R-M&google_hm=CIm5FL1QRza45qWATu_spIY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4DC2 0
12 B 15ms
15ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-39DTq5GRbqLXxzyPmzghTRFUCeeft4jH3qXaxg3iotLWqJFCamSUvq_0sgHyJWQQ1h-ocw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame D4BB 115 KB
14 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577996
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G10gQhp0AK39wm5bXL0hsYGz0%2B%2BWE0Vul122B1iiHGo0NFGx0saxT0bfi65fhY7ThB0EGjL%2Bec9yVd7DAOatDhE21sqHaytUvanr4NvNVZg2Hh1OnkjGxblDxAsDoWBrfhRpQpWgsnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 849ad2a3b9df9188-FRA
expires: Tue, 23 Jan 2024 21:17:16 GMT

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame D4BB 8 KB
8 KB 47ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258172
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWDd3EyB4bokSLen%2F2rxTzAmL6tLEBUjfNCYUbRHl8WCT%2F9jhUBuiCOi%2FAqG09tabMHFNHk9oswtNgMnivE7XIV6JB%2Bxl1r%2Fohtr6j5njrjdWcNOiBmiCyjsg2S%2BZEkKWyctvQmQLZoCYBCO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 849ad2a3da348fee-FRA

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame D4BB 11 KB
11 KB 48ms
20ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332195
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kx19S3k3g%2BEnffZ1lxoKq80zeqOGKHi1LTufP9yzIChj9tyCHjINkluoLIIDak0cgKEwJllPse0UBJvrvOnNmHBywra6W%2BGLe3mnRrmo%2FMObVe%2FsmTFzHbATLwMgRgTMdzIZxI%2F3wofAIwWM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 849ad2a3da318fee-FRA

GET
H2 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame D4BB 6 KB
6 KB 53ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257995
cf-polished: origFmt=png, origSize=12441
alt-svc: h3=":443"; ma=86400
content-length: 5676
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:47:18 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGCqxHJqz9Ovp%2Bg7Sz0kBarJqh9DwAdCti15ZSbrbFALdcF7eKdAA3wMUr87bBWoa96JADcpBkksckQmIaYSeS2H09FbROvBiB0uy5RRRtEq5EAfOEa09dbvR3p2vR6oDQdFVIiFc12rtumf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 849ad2a3da328fee-FRA

GET
H2 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame D4BB 35 KB
36 KB 47ms
22ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262285
cf-polished: qual=85, origFmt=jpeg, origSize=36074
alt-svc: h3=":443"; ma=86400
content-length: 36044
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 06:27:23 GMT
server: cloudflare
etag: "7850b9052be937f41ce82bc92c12f968"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEusPLttCJQwVaB5OZemNSTzZg1osVo8JdR4VMGPmk5w1HyMPqvKyy2CbEnYMoGFPqxYWozRN%2Fyhf9eTCM7r2pgV8K9qxnUWCy09bBnWyVOyLZ%2By1PDjbgog8Cfe6l2rmzQ2YkXLDL47Rj97"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 849ad2a3da2e8fee-FRA

GET
H2 200 view
t.adcell.com/p/ Frame D4BB 42 B
459 B 101ms
51ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:16 GMT
strict-transport-security: max-age=15768000
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame D4BB 7 KB
7 KB 47ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269178
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAzEVFhf4%2BKzgHaHW4KZ8lOQOn7npv54fGSKq5nQ54ZHTcn5j8IQrLZvHw1gXnYf4HAdugRAjtciNHzCZ1fGWb7e7xiq%2BdqLizo97vgtXe6qG4uCDSJNr3Lwn2IB5J1nmIiKP3s8RG%2BqKbIw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 849ad2a3da358fee-FRA

GET
H2 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame D4BB 25 KB
25 KB 51ms
26ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4107179
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3Do2Kj4gykBnVKjWhBA3AG%2BKBJn2WHwM4vFDB49noL%2FdKSbPotvXUUIevbRSpLvt0WtC7j5I6vaRinw4D%2Fjrel%2BeOYKtzQ7L%2FY1W7U3VukFR9QDfuWwPLAOV5QVfBEda1KT0q37vuNOABRI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 849ad2a3da368fee-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame D4BB
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1705958236_9e9b9660-b96b-11ee-a4ff-226608db104b&insert=AW&&gdpr=0&gdpr_consent=

0
492 B

75ms
37ms

Image
text/html

2606:4700::6813:afbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1705958236_9e9b9660-b96b-11ee-a4ff-226608db104b&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 849ad2a4db081db3-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 22 Jan 2024 21:17:16 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1705958236_9e9b9660-b96b-11ee-a4ff-226608db104b&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame D4BB 2 KB
2 KB 162ms
78ms Script
text/html 18.132.128.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1khrhqxgd8vx1gm69t092wnjj3dyf2ez2m858ej1t9022jybawgte1kk857trzcmzcc24qj33pta9hefv0bbj4gjtza38y6tm99r5dcy1xxstyf0kwtdzjjf7vme529m9f0dvtj3a047tyfm9a0ykvkv84qe3s2kf8qdgfktsg74z6qp9n03xmrkvahzdm7k22xr6pmvr3ap9d0qpg57peb39s8bxxdtsqkrk384ns6xv0zhrvbzrgygk5pxdq662w70%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%252526client%25253Dca-pub-1870775526215126%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.128.129 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-128-129.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 8a204d8c14a740ce66b9d264d1c7c0ad9760d55c6f3058b9d733b903a0b4801b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 21:17:16 GMT
last-modified: Mon, 22 Jan 2024 21:17:16 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 22 Jan 2024 21:18:16 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D4BB 54 KB
19 KB 64ms
8ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1khrhqxgd8vx1gm69t092wnjj3dyf2ez2m858ej1t9022jybawgte1kk857trzcmzcc24qj33pta9hefv0bbj4gjtza38y6tm99r5dcy1xxstyf0kwtdzjjf7vme529m9f0dvtj3a047tyfm9a0ykvkv84qe3s2kf8qdgfktsg74z6qp9n03xmrkvahzdm7k22xr6pmvr3ap9d0qpg57peb39s8bxxdtsqkrk384ns6xv0zhrvbzrgygk5pxdq662w70%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%252526client%25253Dca-pub-1870775526215126%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 22 Jan 2024 05:23:26 GMT
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 57232
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -jp0FweM19MbWYbZVl8B3PXACm-nW-DpbJbjI93PIBe-wm8Ir3m9EA==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame D4BB 15 KB
15 KB 42ms
9ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1705958536&Signature=gdjwUU-Q2YrfoEyYSFNe0b~wM0RQFSmj9~KJLw5uYY4HR105NgHxJ0l~ZQwxuDue3q95xzLdNGxSQareeFPRCjjqxbu6detGQVAzYOY-wRXkSRrXxM9pwTDIv7WteEq2qz~W4rjIsfYaPq8qXgba3201Fvw69hbfS2L0lAFgAXuYChNoYHIQgV2ajLsW9tfB-bnoKL7XqhU5CBSJNxBDJNYOHYHC9n92YjH5AqUa0blzuSTMpVYLsFyMeuCkV0pssO1th4uNP6UXb12NYQ5-bQ~7YW4oPWdzXP1CSrMG3CZDL8fTkS~jGI6OI4r6B~z5OwwNlG2IWA9DGc0RCaqrqA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C14019&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=250&e=&g=947376e209a6fb2926654c58c6e62db7%2F1814712148864387678&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705958236644&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gzdvgsw563xzf768fj5v1mw8cv9ftcp1ypev68vjjza9k1fa8j4pv72j2k6w8dfw56ykfgfz59n0tjyzs5dc9q0eq6j0snr9kcc9rjd0w9p2echeh4mky72np7rsmcq1920dapjyt6f0kcfzm949s63qk6yc4wg7xvearxk01p45321wgs8vqcw9gbbmzhdy6rnvsnj5nb2rv62bjf9r6yh48rcyrw6bkgv0kgrkk25btzpj3nbv518k5eyvec098nnty1j54tdyhet2qq2sjm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckpfW9uuZfa4MtOC5LcP15qnmAiQ4YGEXLaoworwAsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqQL0O5NAUkSyPqgDAcgDAqoE2wFP0B92Ws2diRo2qn25p1LlbKzppyrsUAUiYDSzSSNn-C1LQFKsxvjIcFAsFq_eGNl02gIRladTXWE8j7Uk2uCUWotX8KhAiUjzk-MTuOZGkAgwUE9mpc7LyzPaldSPMVYlQkeB96gwhjr-3ktik7-CukhrO7Nb2pWGi5UxIacx9aQka_iT9VBY0rkogir0hDYYDJwC4FbbGrjn2GihRhpZ7yoL9Wd7f6sl99n8OFBXhoI4t24b5RXlDSFm0kQAMFGXJ8ULOcvobCjmI6B4dh7MpSJfXsl8W3x1Wm6ABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliK6pLV9fGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0S6aTocxatD0Us52U4T52Zqi-xLA%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

x-amz-version-id: null
date: Mon, 22 Jan 2024 06:58:32 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 51525
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: YaW9IpCDESxJxoLy98J3t0LS3VrdxgbJmnFOImu-_2GXhIQZf42-4g==

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 975B 0
19 B 49ms
48ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjnEDW9uuZYHuNIzA5LcPqZ-78APS4Nfgbo-ktpOTCsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqAMByAMCqgTeAU_QJgJ6472x0DtH8VmqV97TrbnAMQIb224tVpvGlyRCqZk4scUYufERZ1KyhIaqTQoVod722IUHE7KMQPKK1PBY3-peoGWdG03yLYYA27Zd5VyEsHAzlrSULSapzI_vQXYZkfNZ_bCsDo4aMg5s-szZOj30mUJqNdPutTUB9OdUOlpxrUnE9k-W7T86bq_kHY_hhC5CHBbCT_DONkJmCd6LPNTJVwSumdBRyggCWrVfCZ9-O2cL9uHjIM_1Kn8KoIWFrQTsSy031sJkueNiDc3E9yC3acI7c9B--lIot4AGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli08ZTV9fGDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xODcwNzc1NTI2MjE1MTI2GAA&sigh=3iUnqElnqiQ&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_sAMVwZZl9POvPqtyTcc4KUAeiqXVurNQWlWfTCJkuqxqVEA7HsEJOArFb3ZDdBJUXY6oGSATGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49
User-Agent: FreshStoreAva/1.0

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 21:17:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 975B 0
534 B 50ms
50ms Image
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fweloveelephants.club&e=wqT_3QKEB-iEAwAAAwDWAAUBCNy2u60GEID5rJKei4StFhgAKjYJ_ZTsP8EysT8RKKXaEHzCsD8ZAAAAIFyP8j8hKA0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4zvUFgAEBigEDVVNEkgUG8O2YAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHGh0dHBzOi8vd2Vsb3ZlZWxlcGhhbnRzLmNsdWKAAwCIAwGQAwCYAwmgAwGqA5IDCqwCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjlkMTNjNWMtYmU5Yi00YmNmLTgyNmMtMGY0MDEwNzY4NmJlJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0EVhUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOBDY5im0ANHJ0eXBlPW51cmwmdGFnBaNoMjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwaWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxNjEwNjE3Nzk0OTczMDg4ODk2IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56VXlORGM1T0RVM016UTVOREVqTnoBFPBSZ3dPVEEzTURNNU5EWT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8ARFV1iIBQGYBQCgBa_o7pHll6yxJcAFAMkFAAUBFPA_0gUJCQULdAAAANgFAeAFAfAFCPoFBAgAEACQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB871BdIHDRVjASYI2gcGAV6wGADgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=0acc54edc122a95931144ccc5fec1314fd6ace63&pp=Za7bWwANNwEA-SAMAA7PqY1Kzfmhb3vf3f8EOA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkLBHW9uuZYHuNIzA5LcPqZ-78APS4Nfgbo-ktpOTCsCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqAMByAMCqgThAU_QJgJ6472x0DtH8VmqV97TrbnAMQIb224tVpvGlyRCqZk4scUYufERZ1KyhIaqTQoVod722IUHE7KMQPKK1PBY3-peoGWdG03yLYYA27Zd5VyEsHAzlrSULSapzI_vQXYZkfNZ_bCsDo4aMg5s-szZOj30mUJqNdPutTUB9OdUOlpxrUnE9k-W7T86bq_kHY_hhC5CHBbCT_DONkJmCd6LPNTJVwSumdBRyggCWrVfCZ9-O2cL9uGhIu5n6NvwzRF_2bFyEqmB0uFuPepMFRRmcXkz1UIRX8i-e7BFIxcFioAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli08ZTV9fGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H7WBBybRC5KBkwx7jKn_T8ReMmg%26client%3Dca-pub-1870775526215126%26adurl%3D&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.132921631~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1705958235&rafmt=1&to=qs&pwprc=8050174172&format=387x280&url=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705958235716&bpp=6&bdt=1617&idt=6&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D12f4e2ba8ed95eac%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA&gpic=UID%3D00000d47adb2c5ed%3AT%3D1705958235%3ART%3D1705958235%3AS%3DALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=1254468008163&frm=20&pv=1&ga_vid=345899656.1705958235&ga_sid=1705958235&ga_hid=220994473&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080589%2C44798934%2C31080601%2C95322184%2C95321627%2C95322166&oid=2&pvsid=1263584814593530&tmod=149749906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=49

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:17 GMT
an-x-request-uuid: 6fbc8afe-7e8a-4468-a6d9-dec90888eedd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.134; 178.162.209.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9AD3 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQLvJ-xR5fsZ0aa1b2PVgHTGa9quKMMRcq3VHA2y-Su7tjqcaF_L73InsS50jbktAPnzmMWOoFpsgRPo0A9wqq8tlONrAkNtDo-Bn8b7CCqOV78EX_LA&sig=Cg0ArKJSzE3HVlkFef8zEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4110419616&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705958236274&rpt=177&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D4BB 16 B
209 B 72ms
72ms Fetch
application/json 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-214-132.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 21:17:18 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 184ms
21ms Preflight 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: FreshStoreAva/1.0

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 22 Jan 2024 21:17:17 GMT
server: nginx

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7SGVF7L4G2&_ono=1&gtm=45je41h0v9108620532&_p=1705958234272&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=345899656.1705958235&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1705958234&sct=1&seg=0&dl=https%3A%2F%2Fweloveelephants.club%2F%3Fbypass-cdn%3D1&dt=We%20Love%20Elephants%20-%20Photos%2C%20Articles%2C%20Facts%20and%20Everything%20Elephant!&_s=2&tfd=9907
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SGVF7L4G2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://weloveelephants.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:17:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weloveelephants.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:35:50	Name: userId Value: dZH_wa1tBRpIpEVh2dibx7jM_RmC_daI
.weloveelephants.club/	1970-01-20 17:54:04	Name: _gid Value: GA1.2.1294364538.1705958235
.weloveelephants.club/	1970-01-20 17:52:38	Name: _gat_gtag_UA_100342941_1 Value: 1
.weloveelephants.club/	1970-01-21 03:28:38	Name: _ga Value: GA1.1.345899656.1705958235
.weloveelephants.club/	1970-01-21 03:14:14	Name: __gads Value: ID=12f4e2ba8ed95eac:T=1705958235:RT=1705958235:S=ALNI_MZpmh3FK-IerHKf5R8tfCGTE2GRZA
.weloveelephants.club/	1970-01-21 03:14:14	Name: __gpi Value: UID=00000d47adb2c5ed:T=1705958235:RT=1705958235:S=ALNI_MY1DtGqi_Qxl44cgeoz6seUkDSLNw
.doubleclick.net/	1970-01-21 03:14:14	Name: IDE Value: AHWqTUnWE1mfjdebJEEBIeU-0J3cTklnnc1b4jHXwDXU1co5jgx3DWITkgauTNXq-tE
.ctnsnet.com/	1970-01-21 02:38:14	Name: gid_CAESEBK37KdsDJ6oppobZqBNKJQ Value: 1
.travelaudience.com/	1970-01-21 03:24:19	Name: _tracker Value: %7B%22UUID%22%3A%22336362A3-D735-4A00-3558-F4CD3109D3BF%22%7D
.weloveelephants.club/	1970-01-21 03:28:38	Name: _ga_7SGVF7L4G2 Value: GS1.1.1705958234.1.0.1705958236.58.0.0
.ctnsnet.com/	1970-01-21 02:38:14	Name: gid_CAESEJLdPZc48IUdLY867ZolUBE Value: 1
.ctnsnet.com/	1970-01-21 02:38:14	Name: cid Value: 0889b914bd504736b8e6a5804eefeca4
.simpli.fi/	1970-01-21 02:39:40	Name: suid Value: B0EF1CF62A3F418ABFF7531F16775234
.turn.com/	1970-01-20 22:11:50	Name: uid Value: 4470216462733294990
.yahoo.com/	1970-01-21 02:38:35	Name: A3 Value: d=AQABBFzbrmUCECRwS43n_PeEpMz1XelIOSsFEgEBAQEssGW4ZQAAAAAA_eMAAA&S=AQAAAu5edbNjYORvZ7k2pKneCPw
t.adcell.com/	1970-01-20 17:56:57	Name: ADCELLvpid2945 Value: 164800-46690-oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH%23%23%23%23%40%40%40%401705958236
.awin1.com/	1970-01-20 17:56:57	Name: awpv11354 Value: 412871\|1705958236\|9e9b9660-b96b-11ee-a4ff-226608db104b
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 17:56:57	Name: HTLP_timestamp Value: 1705958236953
www.conrad.de/	1970-01-20 17:56:57	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:52:40	Name: __cf_bm Value: PpiJSsvmv2GqVpFFhKm9VZluQmJJDxOgIC1nLcbX_W8-1705958236-1-AaL1vv06R2L6swBp6kzz0ONNFohg0pbsxCHtdFT7qjKgsnm529YGpuxD08GJeetlSDGX7woStTysU6FkbRjeUg8=
.bing.com/	1970-01-21 03:14:14	Name: MUID Value: 0E51933ED91462B00DCF8730D89F63CF

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ad4m.at
ads.travelaudience.com
adsdk.microsoft.com
ams3-ib.adnxs.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.adnxs.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ius.ctnsnet.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
region1.analytics.google.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync.teads.tv
t.adcell.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
weloveelephants.club
www.awin1.com
www.bing.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
169.150.247.38
178.250.1.9
18.132.128.129
18.134.214.132
18.66.147.52
185.89.210.153
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
216.58.206.34
23.199.221.167
23.35.228.188
23.35.237.56
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6813:afbe
2620:1ec:bdf::67
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4005:802::2003
2a00:1450:400c:c00::9b
2a02:26f0:480:22::1726:62d3
2a02:cb40:200::242
2a02:fa8:8806:21::1720
2a05:d018:d29:3601:7d46:bd77:a0a1:96
35.186.193.173
35.190.0.66
35.204.158.49
35.71.131.137
37.157.6.254
51.75.86.98
99.86.4.36
04610b32a2692eb301e0bff843bfb9f41dc2c4223d133130795ae49b11fff68a
04dba87def9e9882c4eff6098d2b38f55b5bdf088a7e411424b893cb92b4bc6c
06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd4409523b12ffa2ccaafa37f73ce697bd52422dc472b9bc3d98fe6a72724df
0c5e01ce490153610e2b5a12be850b4a8b119ff4d6bc4304cf9c35e58ad3d648
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
162e1fdf4d524da5d3de1951c43337f3c25f8f400a8c9cf1be9328c3e33e6328
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3aed07cd7e0c674c424c7439f396fe5c58183c35152b7d0d3d2471e0eb85203a
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51ac6181d4f3f2c537c5761f642158c593b61f0fbb57675ba1340603f148cbdf
52711d4dbb38a1186145fc65b4396d653217a3c7c9f8aaf520b443550a3f6dab
52fefe7ddd181a553d3706e5a314d55be008df3691653304c223b111d9b170b8
5366cb9693295f3a5b3139c2019e453ce7b13618768cfd53f534135bfb95d9bb
5564d2e8b331d86dcc654572d2087cbce326c89553cb655fdb29317a97a429b6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
595e83d10b22398d62ce4a7edf8da59f33648a3ba177b38981ae28b1d07ab216
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61da0f167754c2093443a8eaa64b5c061f559a9acd50fd8fa2a32ff659a3cfa5
66f016aae2e12e5c4c5221d5df8e0befd05bd9b76f46b45dcc42d00d77b77710
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
759ce2a2ce00d61d23c78b075f72880dba5cec69876073fc1313ccfe536c7101
7f9cd6097c8a28f5722e2508221f35e7ce23bfce4e958a692ddde84b1cf534e6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
89f45a96666d09bf4d23d29e5af9fb5bc07b395c6940255583b0c62812b52c32
8a204d8c14a740ce66b9d264d1c7c0ad9760d55c6f3058b9d733b903a0b4801b
8d153f30f42c0731ee0830650386a04d1ff2cf8398770e1c2a678f477002163a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f93ea5ec70ad5c04556a67a5fafbc443622c1173f8880aacb2392d443c2ab69
900c064667e28c705ad2be69c21d56ae970546beab96bd721a85a27eea62fb43
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a122fb1c1bde709a5d3ebc528fed10bd0ca7f3e1b5eecafc46bafff99ec5976a
a48d9d8c5aebbb9bb2c45f0af45b3576b7fac6021d44d8db3c86c57739e1a155
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b4022e881968ef3f71372e29bdf2ac20c58412a8fdf425e18d98b88bbf95a41f
b792129986c623097f0918289a754d5ed1214f2e173a738032a2eb6eefade79b
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c857705f7277ff50001efcec81e6e561e38f2eaf60a4e8b5dfa7fdc6a673e4d3
c8faf7f38ee221f9873d767ed691048c11cc0d0edc9e5ff629b5e9ec543e2c9c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d24ccde1796f04bd561b2ea22ab0ee0c302bf8993bb2a92e04dc603f76925241
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
dc5baf728c37a8dc571221d2d23c9c81b072792df028708721fc9bd44d159a8d
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
dd824ca47370640d99212636ddd97cbe07c530e398ee7806fef090abbdb8b433
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48301d7a1f1914c82dac6a857cfef7f4995d0ce6e6b939d01a57992da91ca42
e70d961940d132457277e183d58b597bc3b5521a7175864b3c215c8ccac93b9c
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9b37573bedeb9be3bac31cdbc40ceb76e86d7de96172004f45194f2849c1ab
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a
f2884ba951d56bbdb42c94d9002f5cb215c4ab29b2c2f420a3f683ac95182b9c
f9a801ca8df621a3431394329efc40a5587c4d3e28d48aa184579addc80c47e7

weloveelephants.club Open in urlscan Pro 169.150.247.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

89 %HTTPS

56 %IPv6

32 Domains

42 Subdomains

33 IPs

9 Countries

3651 kBTransfer

5069 kBSize

22 Cookies

4 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

weloveelephants.club Open in urlscan Pro
169.150.247.38 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

89 %
HTTPS

56 %
IPv6

32
Domains

42
Subdomains

33
IPs

9
Countries

3651 kB
Transfer

5069 kB
Size

22
Cookies

112 HTTP transactions
0 data transactions