www.zabasearch.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://isearch.com/searching.php?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Effective URL:
https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Submission Tags: falconsandbox
Submission: On December 14 via api (December 14th 2022, 3:23:56 pm UTC) from US — Scanned from DE

Summary HTTP 210 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 54 IPs in 10 countries across 49 domains to perform 210 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.zabasearch.com. The Cisco Umbrella rank of the primary domain is 294844.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 5th 2022. Valid for: a year.

This is the only time www.zabasearch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	165.160.13.20 165.160.13.20	19574 (CSC) (CSC)
1 11	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
2 6	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 3	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
18	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4 4	3.122.66.11 3.122.66.11	16509 (AMAZON-02) (AMAZON-02)
2 2	34.252.50.213 34.252.50.213	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
28	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.68.131.166 3.68.131.166	16509 (AMAZON-02) (AMAZON-02)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
6 6	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1	46.4.41.145 46.4.41.145	24940 (HETZNER-AS) (HETZNER-AS)
2 3	184.24.12.207 184.24.12.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1	18.133.151.109 18.133.151.109	16509 (AMAZON-02) (AMAZON-02)
210	54

1 165.160.13.20 (United States) 1 redirects

ASN19574 (CSC, US)

isearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.zabasearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.zabasearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.19 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

classmates-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Tuttlingen, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.122.66.11 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-66-11.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.50.213 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-50-213.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.131.166 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-131-166.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.198 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.24.12.207 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-12-207.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.151.109 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 ad.doubleclick.net — Cisco Umbrella Rank: 161	265 KB
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139 d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com	394 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28664 ad4m.at — Cisco Umbrella Rank: 9760 assets.ad4m.at — Cisco Umbrella Rank: 37651	1 MB
12	google.com 1 redirects contributor.google.com — Cisco Umbrella Rank: 11328 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1976 adservice.google.com — Cisco Umbrella Rank: 72	11 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 637 pix.eu.criteo.net — Cisco Umbrella Rank: 7930 csm.eu.criteo.net — Cisco Umbrella Rank: 8005	135 KB
11	zabasearch.com 1 redirects www.zabasearch.com — Cisco Umbrella Rank: 294844 assets.zabasearch.com	58 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	188 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6041 adservice.google.de — Cisco Umbrella Rank: 8549	2 KB
6	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 482 as-sec.casalemedia.com — Cisco Umbrella Rank: 1488 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	4 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503	49 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	63 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	234 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 89292 static-de.ad4mat.net — Cisco Umbrella Rank: 126078	8 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
3	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 14058	2 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12162 ads.eu.criteo.com — Cisco Umbrella Rank: 7675 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9611	45 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 581	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 secure.adnxs.com — Cisco Umbrella Rank: 414	3 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 71689	592 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 73979	371 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 497	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 688	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	793 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 566	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 639	795 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2234	791 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427	1 KB
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 578	382 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1844	1 KB
2	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2057 dclk-match.dotomi.com — Cisco Umbrella Rank: 2338	470 B
2	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 462 pixel.rubiconproject.com — Cisco Umbrella Rank: 309	1 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 41190
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 84232	517 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 59744	640 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 90883	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 81505	1 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	574 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 759	711 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	5 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 10374	60 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1782	173 B
1	openx.net classmates-d.openx.net — Cisco Umbrella Rank: 177683	439 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 802	362 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	392 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	698 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 599	41 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	68 KB
1	isearch.com 1 redirects isearch.com	178 B
210	49

	Domain	Requested by
21	tpc.googlesyndication.com	googleads.g.doubleclick.net www.zabasearch.com pagead2.googlesyndication.com tpc.googlesyndication.com d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
18	cm.g.doubleclick.net	d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
16	pagead2.googlesyndication.com	www.zabasearch.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com www.googletagservices.com
12	assets.ad4m.at	as.ad4m.at
9	securepubads.g.doubleclick.net	www.googletagmanager.com securepubads.g.doubleclick.net www.zabasearch.com
9	assets.zabasearch.com	www.zabasearch.com
8	ad4m.at	as.ad4m.at ad4m.at
8	static.criteo.net	ads.eu.criteo.com
8	as.ad4m.at	d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com as.ad4m.at ad4m.at
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	ad.doubleclick.net	6 redirects
6	www.google.com	1 redirects www.zabasearch.com tpc.googlesyndication.com d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
6	www.google-analytics.com	www.zabasearch.com www.google-analytics.com www.googletagmanager.com
5	www.googletagservices.com	googleads.g.doubleclick.net d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
4	x.bidswitch.net	4 redirects
4	d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	c.amazon-adsystem.com	www.zabasearch.com c.amazon-adsystem.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.zabasearch.com googleads.g.doubleclick.net cdnjs.cloudflare.com
3	www.awin1.com	2 redirects as.ad4m.at
3	ap.lijit.com	2 redirects js-sec.indexww.com
3	www.google.de	www.zabasearch.com
3	stats.g.doubleclick.net	www.google-analytics.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	sync.1rx.io	2 redirects
2	pm.w55c.net	2 redirects
2	static-de.ad4mat.net	as.ad4m.at
2	csm.eu.criteo.net	ads.eu.criteo.com
2	secure.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	c1.adform.net	2 redirects
2	cms.quantserve.com	1 redirects d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
2	prod-rtb.ad4mat.net	www.zabasearch.com
2	match.360yield.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	pixel-sync.sitescout.com	d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
2	as-sec.casalemedia.com	js-sec.indexww.com
2	htlb.casalemedia.com	js-sec.indexww.com
2	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
2	www.zabasearch.com	1 redirects
1	track.webgains.com	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	um.simpli.fi	1 redirects
1	pix.eu.criteo.net	ads.eu.criteo.com
1	dclk-match.dotomi.com	d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	m.exactag.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	tr.blismedia.com	d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
1	s.tribalfusion.com	d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	ads.eu.criteo.com	d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	www.zabasearch.com
1	classmates-d.openx.net	js-sec.indexww.com
1	web.hb.ad.cpe.dotomi.com	js-sec.indexww.com
1	ib.adnxs.com	js-sec.indexww.com
1	fastlane.rubiconproject.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fundingchoicesmessages.google.com	www.zabasearch.com
1	js-sec.indexww.com	www.googletagmanager.com
1	contributor.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.zabasearch.com
1	isearch.com	1 redirects
210	75

This site contains links to these domains. Also see Links.

Domain
www.intelius.com
www.goodhire.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-05` - `2023-04-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-10-16` - `2023-01-14`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Frame ID: 3B0A11AB7E013B965B9C14A2F45C9F54
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 545BF1076E1D8E95C78EA778FA1D2B3C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5413153010344125&output=html&adk=522671305&adf=1178619241&lmt=1671031431&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=356x810_r&format=0x0&url=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671031431711&bpp=4&bdt=292&idt=184&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7413358759234&frm=20&pv=2&ga_vid=717701605.1671031432&ga_sid=1671031432&ga_hid=698594533&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44779793%2C44780792&oid=2&pvsid=4276303655342907&tmod=1205830967&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207
Frame ID: D7281E7D7D4A38CAC08077710D226314
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 061A58BCE79E504C05FA468E1021B2B6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 94BA74A216FD33BF2B5B1F9619F9B335
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4C6A6ECAED83B17E61A583DE99AB967F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: F0C0E47BF66A332057309E7DB9F0349A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: 5F6D93F9916124BCC6BBC4FFFFE40C70
Requests: 1 HTTP requests in this frame

Frame: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E8A159F40D26EC1522161C00CCD405B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA22F295EB27449565BAE420879FB585
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5F52D16557D1109D756B48242B60275
Requests: 2 HTTP requests in this frame

Frame: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8F62CDD7CDA8CF13E68A9833E6CE8D4
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5nqiQADAKUHg4OKAA4DVbAZmXL9A7o0Q7V3fw&u=%7CI35o55TUqIZm0ZwACKHGM6nHyjHxU1EE7wczIB4nBc8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIP5zplHFKH8yU0N1w9eaUlp0HESpDMJp6NMMT_kWrETFMtigH2PRHUqyg_eREEA_-X2SeaMrCFkn4IjY6CeO4Lvv0RHavs9xokfkhq1e_PJRb2l_qNsSQxMdAmtMWkODe0_fKt_Hf-jieQMdaFBB2NZiscuQLVn-mVZze4TTMbx-qx7iCvmvqXWvxP7tLnxU004LwX1RVBxxkx1Qv8vSbMwbiN0ay2NsrqFSSgdSIohsnJr4VHXhSPSNAFILsWMvMjVOr9rFA-GmiSwM18M64iYjUP6svlYdI0B_0sADHrF1poe3rfpRic7wEZg1n1iX5mDpg6gF_O5qfFDWajOVJ5xw2Lit0wIPa23WspKXm5eu4Gye9u3Dv_9zTVzFYdfn3MJygu1_LzZSZbKCOO1cdQbzUDv1ck2TM7fCIS8cH9bxuYp75cM-EA_H964DVlXVSZlEZ1_sQ-eVrbQdyNefbSKXgy_lYkXZRjrSJ33OpnAXEFIX04E63QBVhV53jsGuR2kZNusjUMIhNE7vRS8szGuilKY-MjA_zbNdumwSvAv87ueRT5i7w7lVGav76jTtcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCctnuieqZY6WBDIqHjuwP1Ya48AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSJAk_Qv2KsJ2hVk7xBD0GSqrlxV9d2cG3BBZaJMn-wevnI9qL8j6L34OPajD-ekTGE27QcTybJYeZLv-DEiG3mVbRTbDESCnlgLNxbl82klU4YMBtwcK9x08M1x3CxY2jlK8RSqd7aaAsVlPo2WU3QJJIhR-l_2nggJbGWmlpJVeNsBFYpeZPaAmixVLtSQd2J78QOn-VhNuxCYGT4thSbt6M7phtraB10CHruVniTNmmu4Pnir8l5BxD1ltl7f5mcgIpQW1u82-YWOAq3FHk74vYq9DnGJYJ7YDDEBN9unUcohxbfYPSymHJte4LDYbi9FG_1ezLzFn-LiW8iboUOYruHbZfmOux_hengBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12PHIPTiWmzDinN5XfJAGxcUsV-w%26client%3Dca-pub-2040478609211323%26adurl%3D
Frame ID: 37C61A1A50C02665D385041B398C81FE
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A94ACE21DCD33249DC43330875971796
Requests: 9 HTTP requests in this frame

Frame: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA8A934EEAEB643FEAB948E6919BEFF5
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jy6z60fd2zs4cnwvz8wy1rsfe3qya1pztscpjkv5114j7x54fywk57kdyhx1kz24km95a6mj142vcbdnj6b16x62mn3nyc69aa5xnpm4ck01ftdfka9xtqa8ay3s232y63pb197yxrdgkq2qzde4wyvhxz7rv1753panyp60tfy6xxqkyhy0f12xr4as131rft2ab0mj0ks6jsryzyvmss3dm00r9f76dzaymbbyeehsyjxgtyb2qcn4h7rsbkt3gfsdcyxgpx40jykzpytqt2ecbg71s2rzx74ea5t32e9v9nq4qkv909cmkqp98t1xdmxqw9k8hj9w8w9vkkryf6jvg9w4ptm313gbngwd14p01vb12n3ed1zmjnt2c5arr99s3sqjk3g7hc9r3pp1qg6yb6j4056kkp6jfxb7bakg7nkcht0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%26client%3Dca-pub-2040478609211323%26adurl%3D
Frame ID: 515BD3B9731D7A7F6807E3219E5DEBD2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A59D182C992E469EB947B87F523313D0
Requests: 9 HTTP requests in this frame

Frame: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BB9F24FFD8AE9B34FA0F2004279AEE92
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jvetxvhwem3q0xt6jrayjr0d9gztss3w68m4qdeytag86baz669rddhx8r51ccz71z3bx9m5tv0h0hqs5fja5j0na5zrcfqb3pjrtb3j5gh71k74dbfwefzs8v4nq188sq6p089c8z5kf6k8xn1exy3mqafs0xk1fxfb2m28466yqkpc19bntd7n1wwv4nrv3pdx166pxhbvfc1c6gqk5fwgdd5cxmschq4p47q4rrzrqnswst190sj68crf783pw6947r1b9msx6h2z7gc1ja917qvs69k15m6vvjd3t171wyf9q8zyg30szhwzwehb3vhjrpbn7aesgyc72gk50t2z6gjxvyjrdsp58her06m3c7jkqaq6bj2kjv84xz7xp13b14pnfbjwmdxvs7mcv5bcv3gvygv54n083mgcze0040x2pnew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%26client%3Dca-pub-2040478609211323%26adurl%3D
Frame ID: 97C720D2F7828D24C8A7F863D0FFD6DC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F9920A706A729E85BCBC439B9A81B5A7
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4E7F53C1074B2B5923AC856BC0E7B668
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 57E41666BB268F3C8F10463E048C1125
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Frame ID: CC087DDD4252EFD6471A670236109320
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Frame ID: 214D1A1E6B38CC2E7BF4268F2339EE1B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free* People Search Engine - Search By Name & Phone Number | ZabaSearch

Page URL History Show full URLs

http://isearch.com/searching.php?qloc&showForm=name&qname=Robin%2BKelly&refer=3338 HTTP 301
http://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338 HTTP 301
https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

210
Requests

90 %
HTTPS

52 %
IPv6

49
Domains

75
Subdomains

54
IPs

10
Countries

2683 kB
Transfer

5578 kB
Size

57
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.intelius.com/

Search URL Search Domain Scan URL

URL: https://www.intelius.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.goodhire.com/
Title: GoodHire

Search URL Search Domain Scan URL

URL: https://www.intelius.com/ccpa
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.intelius.com/opt-out/
Title: Suppress My Data

Search URL Search Domain Scan URL

URL: https://www.intelius.com/privacy-policy/
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://isearch.com/searching.php?qloc&showForm=name&qname=Robin%2BKelly&refer=3338 HTTP 301
http://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338 HTTP 301
https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMlG9N5posDTLH_IVyLd1sE&google_cver=1&google_push=ASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMlG9N5posDTLH_IVyLd1sE&google_cver=1&google_push=ASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 118

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAoj7nNkeNhhkjejVZyHaUE&google_cver=1&google_push=ASkJ3FYlrvSJZn1mv4z-0YR1crDoybUFzGL82KW_c4KM5OfCYATgXVxc4mWFXdrNRGmZ6ThWunachajKq3FQ2q3Yg4xIzORRBCAq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NzAyNTM1NTM0OTIyNzY2Ng%3D%3D&google_push=ASkJ3FYlrvSJZn1mv4z-0YR1crDoybUFzGL82KW_c4KM5OfCYATgXVxc4mWFXdrNRGmZ6ThWunachajKq3FQ2q3Yg4xIzORRBCAq

Request Chain 119

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDHG0nydGca3jiLc0nhABKI&google_cver=1&google_push=ASkJ3FZj2n7zsjBBF7BYNp6IyH7XjJUbcrOzk0YmdSqSUJ2d_lV91c-l___watiJze9jjH0FZDKH9gSo7XOtHtIco4aKc07FVw0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDHG0nydGca3jiLc0nhABKI&google_cver=1&google_push=ASkJ3FZj2n7zsjBBF7BYNp6IyH7XjJUbcrOzk0YmdSqSUJ2d_lV91c-l___watiJze9jjH0FZDKH9gSo7XOtHtIco4aKc07FVw0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZj2n7zsjBBF7BYNp6IyH7XjJUbcrOzk0YmdSqSUJ2d_lV91c-l___watiJze9jjH0FZDKH9gSo7XOtHtIco4aKc07FVw0&google_hm=wg2bAfAWS42DXNG8fNvZjQ==

Request Chain 120

https://match.360yield.com/match/ebda?google_gid=CAESEHMb4i54HmEqzgWwF98bB4M&google_cver=1&google_push=ASkJ3FZxYp7840ViNzVOxGReSqBseWL5QunA8GvnyWLJpmfEv6VbUeQ2RxoNjCQR8Fnh9BVT6q_7eMqk-WHgfofC_eok3nBYDECZ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHMb4i54HmEqzgWwF98bB4M&google_cver=1&google_push=ASkJ3FZxYp7840ViNzVOxGReSqBseWL5QunA8GvnyWLJpmfEv6VbUeQ2RxoNjCQR8Fnh9BVT6q_7eMqk-WHgfofC_eok3nBYDECZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CTSZzo9uSemYzdGsHxHyaA&google_push=ASkJ3FZxYp7840ViNzVOxGReSqBseWL5QunA8GvnyWLJpmfEv6VbUeQ2RxoNjCQR8Fnh9BVT6q_7eMqk-WHgfofC_eok3nBYDECZ

Request Chain 121

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELM0J3DoJkt7onP5pkTpRAk&google_cver=1&google_push=ASkJ3FaaLZuEwpTY-53O2y1SsygaWmjJA0aSt1-ext-B8w0GgpyDKzFMO8w54oA0srxY_b7V8LK7rA1f5-b681H4D_qqAqAryQFm HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELM0J3DoJkt7onP5pkTpRAk&google_cver=1&google_push=ASkJ3FaaLZuEwpTY-53O2y1SsygaWmjJA0aSt1-ext-B8w0GgpyDKzFMO8w54oA0srxY_b7V8LK7rA1f5-b681H4D_qqAqAryQFm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c20d9b01-f016-4b8d-835c-d1bc7cdbd98d&%%GOOGLE_PUSH_PAIR%%

Request Chain 144

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAoj7nNkeNhhkjejVZyHaUE&google_cver=1&google_push=ASkJ3FZlvSuOtzHwUPHC2g41lUoCLTtBhIQuxDFpps5iIUdlyUe3bkFxktCQgiAWT416DkR17wbwH5RAMRCof301-Lbnye_zeFE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NzAyNTM1NTM0OTIyNzY2Ng%3D%3D&google_push=ASkJ3FZlvSuOtzHwUPHC2g41lUoCLTtBhIQuxDFpps5iIUdlyUe3bkFxktCQgiAWT416DkR17wbwH5RAMRCof301-Lbnye_zeFE

Request Chain 145

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFstPPfysNSwr0ZGSZXIywI&google_cver=1&google_push=ASkJ3FaUhxJtkMmbWeKt--fKlmZZp8Q0oHi8ynWbyRJbCBYuUhCzPW5CmaCDqE7_qPAEcGXcwRwMET4QZdK3tdKjOKDYvXyqQFIq HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFstPPfysNSwr0ZGSZXIywI&google_cver=1&google_push=ASkJ3FaUhxJtkMmbWeKt--fKlmZZp8Q0oHi8ynWbyRJbCBYuUhCzPW5CmaCDqE7_qPAEcGXcwRwMET4QZdK3tdKjOKDYvXyqQFIq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE0NjgwNTA2MjcwMDE5NTY5OA&google_push=ASkJ3FaUhxJtkMmbWeKt--fKlmZZp8Q0oHi8ynWbyRJbCBYuUhCzPW5CmaCDqE7_qPAEcGXcwRwMET4QZdK3tdKjOKDYvXyqQFIq

Request Chain 146

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM3T7nI8baLlm7wJ1FK0Euo&google_cver=1&google_push=ASkJ3Fa7-x2tW0wlpYrXAHSe5n6KeGFZkBa3p3ifGH_9RMIc7FSQMiEhSo8J1GQJdZlW9rYB2WVhlfTDs26kqYNF_8uMUpaMKcwd HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEM3T7nI8baLlm7wJ1FK0Euo&google_push=ASkJ3Fa7-x2tW0wlpYrXAHSe5n6KeGFZkBa3p3ifGH_9RMIc7FSQMiEhSo8J1GQJdZlW9rYB2WVhlfTDs26kqYNF_8uMUpaMKcwd&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM3T7nI8baLlm7wJ1FK0Euo&google_hm=Y5nqiZ3VtCjIB2IrSksNUgAABJQAAAIB&google_nid=index&google_push=ASkJ3Fa7-x2tW0wlpYrXAHSe5n6KeGFZkBa3p3ifGH_9RMIc7FSQMiEhSo8J1GQJdZlW9rYB2WVhlfTDs26kqYNF_8uMUpaMKcwd

Request Chain 147

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAarP0xxli9-Dwc9zYDyjYg&google_cver=1&google_push=ASkJ3Fausvev_t3NDoT4zD5hNCWhBPan9XHDvNN0nP0nId54XiiOXpc7xceDinhg9eVSlLNyCy5WdL0WA2WJFYqGvDvhsHh4tiI4 HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAarP0xxli9-Dwc9zYDyjYg&google_cver=1&google_push=ASkJ3Fausvev_t3NDoT4zD5hNCWhBPan9XHDvNN0nP0nId54XiiOXpc7xceDinhg9eVSlLNyCy5WdL0WA2WJFYqGvDvhsHh4tiI4&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ORmkxM01GRTJ1Rk5WS1JkTEU2djZqYVhyZHFMdzhEV35B&google_push=ASkJ3Fausvev_t3NDoT4zD5hNCWhBPan9XHDvNN0nP0nId54XiiOXpc7xceDinhg9eVSlLNyCy5WdL0WA2WJFYqGvDvhsHh4tiI4

Request Chain 148

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELStar4K90hQPrVIrVblJiY&google_cver=1&google_push=ASkJ3FZJ5gryKL0yUN9fvm5UfvPim1IUMLmW-fIbGP9HNWrIh43hIKlQ6mVsWRXaKgj_3DyRbbkYdVT6qwSHcFLSpuphk2qidsrWFw HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELStar4K90hQPrVIrVblJiY%26google_cver%3D1%26google_push%3DASkJ3FZJ5gryKL0yUN9fvm5UfvPim1IUMLmW-fIbGP9HNWrIh43hIKlQ6mVsWRXaKgj_3DyRbbkYdVT6qwSHcFLSpuphk2qidsrWFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzc0NTAwNDg2MTQ2NDUwODA0OQ%3D%3D&google_gid=CAESELStar4K90hQPrVIrVblJiY&google_cver=1&google_push=ASkJ3FZJ5gryKL0yUN9fvm5UfvPim1IUMLmW-fIbGP9HNWrIh43hIKlQ6mVsWRXaKgj_3DyRbbkYdVT6qwSHcFLSpuphk2qidsrWFw

Request Chain 171

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEDYmsXmktCZGdLXwpOST3s&google_cver=1&google_push=ASkJ3FbPZ-fX7fvGnw6Zi0nLnZv2mL5sC6RtB4HtjKSpCUVrZreWGG6p6uZM0UCAToyBFaB5nk1d3BAZz9Bl79jAUKLDJ0Kv4NQB HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FbPZ-fX7fvGnw6Zi0nLnZv2mL5sC6RtB4HtjKSpCUVrZreWGG6p6uZM0UCAToyBFaB5nk1d3BAZz9Bl79jAUKLDJ0Kv4NQB&google_hm=9UmGfC9wyp2iolGixh7UqQ

Request Chain 172

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAuOs6o7cHPt30-glAwnUiQ&google_cver=1&google_push=ASkJ3Fa0imCNBef6ZwrOP94OpDog_BQXYfGi7Oy-COpgV9rn0AnB0Mcw-pf-OEffnuc8WOsMAnss7M_Hb8YRgXg79N8rEgCKy7S6 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAuOs6o7cHPt30-glAwnUiQ&google_cver=1&google_push=ASkJ3Fa0imCNBef6ZwrOP94OpDog_BQXYfGi7Oy-COpgV9rn0AnB0Mcw-pf-OEffnuc8WOsMAnss7M_Hb8YRgXg79N8rEgCKy7S6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YmdSQUtVYXgxUDV0QlQ1&google_gid=CAESEAuOs6o7cHPt30-glAwnUiQ&google_cver=1&google_push=ASkJ3Fa0imCNBef6ZwrOP94OpDog_BQXYfGi7Oy-COpgV9rn0AnB0Mcw-pf-OEffnuc8WOsMAnss7M_Hb8YRgXg79N8rEgCKy7S6

Request Chain 173

https://um.simpli.fi/gp_match?google_gid=CAESEOZG3vKnZ3mFbJRJH1oEi8Y&google_cver=1&google_push=ASkJ3FY23Sm51iQWBOyTiLwZy_lw-whpy4t_d23iI40jJRaBYoyKunujYuxtCd1Uopu5AHZK-ZOhwq6l1pT0BU7jPE-gAuIU_Hc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=87813C01BC394A509F34F266D169A6E4&google_push=ASkJ3FY23Sm51iQWBOyTiLwZy_lw-whpy4t_d23iI40jJRaBYoyKunujYuxtCd1Uopu5AHZK-ZOhwq6l1pT0BU7jPE-gAuIU_Hc

Request Chain 175

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI3W9hBS5_cRXWutM77jryY&google_cver=1&google_push=ASkJ3FZyvW-PI205lRGjx7S-X928roXovLNsf31H5_Ssauo8okbGKVhU-JYBX6vyktYiMPpdOObPLLoGc-QT31AXG8k09MtiP8W6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOU1lYUzQtMVctSkFZOQ==&google_push=ASkJ3FZyvW-PI205lRGjx7S-X928roXovLNsf31H5_Ssauo8okbGKVhU-JYBX6vyktYiMPpdOObPLLoGc-QT31AXG8k09MtiP8W6

Request Chain 176

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBin6gHQFAUbldCX_oFnk-A&google_cver=1&google_push=ASkJ3FYNw9sthr6hn9LtT3IAqDvhpW4TGuFOr8fe2cvX7P3_qoCpCcEXXHNl5ytIakb76A52JxkgJLr8hOWVdE2col2TgYJu_sFj HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBin6gHQFAUbldCX_oFnk-A&google_cver=1&google_push=ASkJ3FYNw9sthr6hn9LtT3IAqDvhpW4TGuFOr8fe2cvX7P3_qoCpCcEXXHNl5ytIakb76A52JxkgJLr8hOWVdE2col2TgYJu_sFj&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FYNw9sthr6hn9LtT3IAqDvhpW4TGuFOr8fe2cvX7P3_qoCpCcEXXHNl5ytIakb76A52JxkgJLr8hOWVdE2col2TgYJu_sFj&google_hm=F0LbsGZH71DpptCWSTm14Obs

Request Chain 177

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKIB3WZn3BV45cjsIdhDMQE&google_cver=1&google_push=ASkJ3FZiW04IVnJTLQ7ReEV8AEtHe6C8J1undr8roZLTHNyiTRLOzhcztmmihjNka7bpeX6szecupBX3dX5CoRcD95bIvIMWqNoT HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FZiW04IVnJTLQ7ReEV8AEtHe6C8J1undr8roZLTHNyiTRLOzhcztmmihjNka7bpeX6szecupBX3dX5CoRcD95bIvIMWqNoT&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671031433969 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5396a66e-dafa-447f-94b1-aeaa7c61e17f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FZiW04IVnJTLQ7ReEV8AEtHe6C8J1undr8roZLTHNyiTRLOzhcztmmihjNka7bpeX6szecupBX3dX5CoRcD95bIvIMWqNoT%26google_hm%3DA1OWpm7a-kR_lLGuqnxh4X8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZiW04IVnJTLQ7ReEV8AEtHe6C8J1undr8roZLTHNyiTRLOzhcztmmihjNka7bpeX6szecupBX3dX5CoRcD95bIvIMWqNoT&google_hm=A1OWpm7a-kR_lLGuqnxh4X8

Request Chain 193

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COODrZi1-fsCFUFW4AodYVsLtQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121416235479503132003X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022121416235479503132003X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 196

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CIOJrZi1-fsCFY-adwodTVUOLQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121416235479503132001X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 199

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1671031434_51f47d90-7bc3-11ed-89a3-223851067267&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 206

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKq1r5i1-fsCFRkI4Aod3E0F4g;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671031434_520371b0-7bc3-11ed-adce-2234a4c513ba

210 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.zabasearch.com/
Redirect Chain

http://isearch.com/searching.php?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
http://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

17 KB
5 KB

501ms
467ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e928436f7c30666b9d29aefd50bb6847933e511b005340ddd774e28c823c9419

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7797f16b784f1e89-AMS
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 14 Dec 2022 15:23:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6VEzssmx4EeIlIX64iyDSLtt85w%2FONrX64dpQ0ygftkMJzmjA0Ke6%2BWH%2F8mJrxdfI1Sh7VTsvq9cib1HCUF10f%2B%2BqG4jPUEO4Z%2BvqFOta7bzAKoQ%2FI59kALy7A%2F4gT8r5vk%2BaOhiWIJzLZSgI4hpcU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

Redirect headers

CF-RAY: 7797f16b0e58b8ba-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 14 Dec 2022 15:23:50 GMT
Expires: Wed, 14 Dec 2022 16:23:50 GMT
Location: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxhNSSyry1%2BT7otNe4TCVdCef4uh3CVO2SFep6VwFAYJQET%2FYZ0Ad9jAbqe7goOyF5PRAvlSaRckXNB9hMVgHWdMuRYdHW8IOVZ5zWlqVp44gWakjppbQy4t3nR95FIh2KUMFY06AccpRRYGyJCMzMQ%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
assets.zabasearch.com/funnel/assets/shared/js/jquery/ 87 KB
32 KB 46ms
32ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/shared/js/jquery/jquery-3.5.1.min.js
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3287
x-guploader-uploadid: ADPycdvysN12ocY50WTsveDG4vcT-U9QtA232GM3QPCKadjyrQATYKViQ-INoDEvsYP2-ALe4BNxhG31FNE6G6vLGHt7Wg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jan 2021 20:07:51 GMT
server: cloudflare
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-goog-generation: 1609963671866372
content-type: application/javascript
access-control-allow-origin: https://www.zabasearch.com
x-goog-hash: crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
cache-control: public, max-age=14400
access-control-allow-credentials: false
x-goog-stored-content-length: 89476
access-control-allow-methods: GET,OPTIONS
cf-ray: 7797f16e7a6e1e89-AMS
access-control-allow-headers: Accept,Origin,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzN9QdmLKLZIHP%2B2b%2BwZqMnWlwXIWY2Kb3J63dK%2B79YvVfUy5hhlUZ5US8jDSQYEnTaj4jbC%2BPNglZ7jNTi%2Fjp1%2BgvuMlfqcVE0LIMvtIg7AqQwG3Qbz%2BKng7cxzs6CR4LOxwTAr3FbHonBJn9DNSw8058c%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 14 Dec 2022 15:29:03 GMT

GET
H2 200 jn-02.css
assets.zabasearch.com/funnel/assets/sections/home/jn/jn-02/ 6 KB
2 KB 38ms
25ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/home/jn/jn-02/jn-02.css
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18270160aa0e0101c5793f68db2d9f6d34044e020cb7e469e5dfa8174ae555d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 786
x-guploader-uploadid: ADPycdta87Zj5WKKIhktYvlU7fSnSBwqfDzGcgcZjVCa7H4ShFbFX6ooH-fzC3FB-2wDOR_JLcJRn-cbu4KnOCcynww-xQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 16:32:13 GMT
server: cloudflare
etag: W/"61ca37492e6c52dfee17ec4b2f2ab034"
vary: Accept-Encoding
x-goog-generation: 1634056333625568
content-type: text/css
access-control-allow-origin: https://www.zabasearch.com
x-goog-hash: crc32c=FtmnQQ==, md5=Yco3SS5sUt/uF+xLLyqwNA==
cache-control: public, max-age=14400
access-control-allow-credentials: false
x-goog-stored-content-length: 6482
access-control-allow-methods: GET,OPTIONS
cf-ray: 7797f16e7a6a1e89-AMS
access-control-allow-headers: Accept,Origin,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4yXQeyCPcx2GUF%2BmYTp5INsMzz1dijz%2B6as15BFOvrxHuGvzDKeW7%2BLQvEM96aAVLhBDKZy5i2nyTlVEx%2BIs%2Bp9s0oY%2FHYBog3h2rjFqMgH0s4ZUA3nP8f9sb59bYoS5zeqBi1p0Jkp%2FsLJUdQAhKjLeI8%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 14 Dec 2022 16:10:45 GMT

GET
H2 200 jn-01.css
assets.zabasearch.com/funnel/assets/sections/_partials/header/jn/jn-01/ 644 B
770 B 58ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/_partials/header/jn/jn-01/jn-01.css
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e12e2fae9ab90067231b2a73af068bb9e34f651744c90cbda78674f48bca9417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3287
x-guploader-uploadid: ADPycdvnxfIGoCeUUDT6L9e2eoVsauwRR9cxJlGuFi4B8TyINN2VmUOu4Qdeu-DI0I6Wqagj0VYq9fSj1Bsj0x-bOMnEaA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 14 May 2021 16:09:06 GMT
server: cloudflare
etag: W/"166b1df2e80a20910aba809f39399dbb"
vary: Accept-Encoding
x-goog-generation: 1621008546043015
content-type: text/css
access-control-allow-origin: https://www.zabasearch.com
x-goog-hash: crc32c=IHdApw==, md5=Fmsd8ugKIJEKuoCfOTmduw==
cache-control: public, max-age=14400
access-control-allow-credentials: false
x-goog-stored-content-length: 644
access-control-allow-methods: GET,OPTIONS
cf-ray: 7797f16e7a6d1e89-AMS
access-control-allow-headers: Accept,Origin,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aT%2Fk83kk6QLYJ%2B6mFMRNa6N9Xkui8yAxOy6nHhPMpGcDwSC3bv60v1q5%2BQfkVHSifMqv9YspAkU%2FSIKNvhGm0EFVeyCRch%2BfzfjZkYGaE72d3dAfUsoH9OYYcuwxLYvs2n3A%2FFLWxvokcqEv2Eda3Uxgok%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 14 Dec 2022 14:55:20 GMT

GET
H2 200 jn-01.css
assets.zabasearch.com/funnel/assets/sections/_partials/footer/jn/jn-01/ 434 B
799 B 53ms
40ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/_partials/footer/jn/jn-01/jn-01.css
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749390447bf4998f6f72f90452285b2192eabb983800895ef913549619958894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3287
x-guploader-uploadid: ADPycdsGPTzpthhGLt0zfn-sHBNV_NBf5PAnoQdsKVNxZl4VH_tFpDQAJRm90Brpk4GRfeoRLBmoprne42dTraAL-BV9QQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 14 May 2021 16:09:06 GMT
server: cloudflare
etag: W/"3a6db74e3daae9cf947bf426e4929026"
vary: Accept-Encoding
x-goog-generation: 1621008546600667
content-type: text/css
access-control-allow-origin: https://www.zabasearch.com
x-goog-hash: crc32c=JO91vg==, md5=Om23Tj2q6c+Ue/Qm5JKQJg==
cache-control: public, max-age=14400
access-control-allow-credentials: false
x-goog-stored-content-length: 434
access-control-allow-methods: GET,OPTIONS
cf-ray: 7797f16e7a6c1e89-AMS
access-control-allow-headers: Accept,Origin,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkskoEAat8bxhQdApwpuPEpSXCyPbCGXmlYvmFpFk3RwAiX1dKKlseUHrBV9ZtuaodoaruMwJ9kd8rqSYNju7igk4CSzWfst%2BrAGpbakRJswGTqTjeE31TMl3sVw%2FRr0lHwQuFldxj09Q5aMKaZTgJeLRI0%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 14 Dec 2022 15:29:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
595 B 60ms
40ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans:wght@400;700&display=swap

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29befa3c54f05145e7e736d334b96761b64f16c4afe7c85db53d68cc73e2a803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 15:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 14:03:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 15:23:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 721 B
875 B 39ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oxygen&display=swap

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff2c9a302dc1f3bcefe0605a7fe38a85e7c712e40bd960ca5e38f93d6d3c18ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 15:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 15:23:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 15:23:51 GMT

GET
H2 200 zabasearch-full-logo.svg
assets.zabasearch.com/funnel/assets/images/ 8 KB
4 KB 36ms
36ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.zabasearch.com/funnel/assets/images/zabasearch-full-logo.svg
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc4b96d555a919eb2d0795ee424dfb6ece2754df1ede6236cdad292841a10d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23
x-guploader-uploadid: ADPycdsRy8fIiQZ4Qk1N-79ugvD36ag-jQWJ4I72U8AIRqtiKX3OPtz0W2rBbKMA-PBzaPY9nrensnsua2SbEH6e_62UXA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 14 May 2021 16:09:06 GMT
server: cloudflare
etag: W/"1f4d543cead7bb09eea7cff1023712a4"
vary: Accept-Encoding
x-goog-generation: 1621008546500675
content-type: image/svg+xml
access-control-allow-origin: https://www.zabasearch.com
x-goog-hash: crc32c=8VAozQ==, md5=H01UPOrXuwnup8/xAjcSpA==
cache-control: public, max-age=14400
access-control-allow-credentials: false
x-goog-stored-content-length: 8417
access-control-allow-methods: GET,OPTIONS
cf-ray: 7797f16ecab01e89-AMS
access-control-allow-headers: Accept,Origin,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIFnfPLUInFpZRLIbFtKdQUdr3euZgvetxCQTWF4hW6IYAHAHO55T8NIcbooMWBct1gQmZyYsw8R6MleliWcRwyErF%2BNcU%2BVo9DfzFsyTamdF1utCQsQdacKA7QRMc%2FE3HMpRHbMi7tAnVqpdVoMF5T%2Br7I%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 14 Dec 2022 16:23:28 GMT

GET
H2 200 intelius-logo.svg
assets.zabasearch.com/funnel/assets/images/ 4 KB
2 KB 36ms
36ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.zabasearch.com/funnel/assets/images/intelius-logo.svg
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e45f9c8ed228ad9a22dc33a097086f7734ceb6da26da8cc139bf684c7f16670a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23
x-guploader-uploadid: ADPycdv7ycj5dJYfbWiTFksj2BoiQqizoCk8W2NTD6Y2qJpe4ZZBnovHJS5weDONEgD921DdLH-bBaME5kFo6YOQsESh6g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 14 May 2021 16:09:10 GMT
server: cloudflare
etag: W/"0506c8658916184153c267a2ac9d1844"
vary: Accept-Encoding
x-goog-generation: 1621008550557595
content-type: image/svg+xml
access-control-allow-origin: https://www.zabasearch.com
x-goog-hash: crc32c=9f0g3Q==, md5=BQbIZYkWGEFTwmeirJ0YRA==
cache-control: public, max-age=14400
access-control-allow-credentials: false
x-goog-stored-content-length: 4344
access-control-allow-methods: GET,OPTIONS
cf-ray: 7797f16edaba1e89-AMS
access-control-allow-headers: Accept,Origin,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btbN3N1DoFBe6FDwvAoHvXTqbrll3iqb%2FQbcSfPdZXxzFDsrmhUvTyaLfxfrvGfKpNovgH4Xq3zh1ceTlI85CpoJ05DHfJdtsbR5dAzvmSOB6Tfd1oGlPiqUktajek6mp%2FIAi94PAolZTRX51hV8g%2FWVKic%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 14 Dec 2022 16:23:28 GMT

GET
H2 200 computers.svg
assets.zabasearch.com/funnel/assets/images/ 36 KB
6 KB 38ms
37ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.zabasearch.com/funnel/assets/images/computers.svg
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d881dd80c1f5d63c05448bfcae4d496f3341ca3f743d415fb0dd5e8d595c05a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19
x-guploader-uploadid: ADPycds-4tbBGiPOjrBN8SZVrsckBtm725taxPAoBe8SxLuytcT-SMpvOsLr2VlAQBTMuHVr77o57hlYwJfiVBD9K8HciA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 14 May 2021 16:09:10 GMT
server: cloudflare
etag: W/"79ff1639c3a1501350f4a3c55ee7cdfe"
vary: Accept-Encoding
x-goog-hash: crc32c=F1nHpw==, md5=ef8WOcOhUBNQ9KPFXufN/g==
x-goog-generation: 1621008550483421
content-type: image/svg+xml
access-control-allow-origin: https://www.zabasearch.com
cache-control: public, max-age=14400
access-control-allow-credentials: false
x-goog-stored-content-length: 36829
access-control-allow-methods: GET,OPTIONS
cf-ray: 7797f16edabd1e89-AMS
access-control-allow-headers: Accept,Origin,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0v2Y3SXOiskJ1ig21LBc%2FwMvTtu1lgdJXQ6zkH6WgH%2Bb50nNDnmDxcY34npfdEvorknH7fGnXCkGbXrncmgqecubuFLJP2xFWMeF%2B99PyUXMpNFs9l9H68iS9uEaGfx7%2B2o0GFsnJhVhegIjYwkhZDYwco4%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 14 Dec 2022 16:00:54 GMT

GET
H2 200 trending-arrow.svg
assets.zabasearch.com/funnel/assets/images/ 394 B
900 B 36ms
35ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.zabasearch.com/funnel/assets/images/trending-arrow.svg
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246cfbbeb1edb5efa3ebabe8c9ca35184e345f430f840bc1726841f067fc2e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10
x-guploader-uploadid: ADPycdtEJPCyJ7WGYFtppFNEyO28raxwJIWznZjwygnZ4NJlP76IQH1O7AZ8BxndWhR9G3O9Rba5dbKeJZgoZ3WFvginNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 14 May 2021 16:09:10 GMT
server: cloudflare
etag: W/"c279adb394aa16cea52b3c5f156e4347"
vary: Accept-Encoding
x-goog-hash: crc32c=5hGN3A==, md5=wnmts5SqFs6lKzxfFW5DRw==
x-goog-generation: 1621008550580830
content-type: image/svg+xml
access-control-allow-origin: https://www.zabasearch.com
cache-control: public, max-age=14400
access-control-allow-credentials: false
x-goog-stored-content-length: 394
access-control-allow-methods: GET,OPTIONS
cf-ray: 7797f16edac01e89-AMS
access-control-allow-headers: Accept,Origin,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPAZiJBg1Bh0iX0a2m0vq23V4EaSrdRbYrcY2ZnqT2mwI7ZY9ePOa4zN1KQirBHUwhVlGHZStUu2jwZEykEyei4hjUlbYFiCEeNoVETmyMG5BjkDXkBzA%2FCy6cTYl%2BcYAaMnZJHtWtIHuxjgGcSwLVHwmdA%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 14 Dec 2022 15:33:16 GMT

GET
H2 200 jn-02.js Show response
assets.zabasearch.com/funnel/assets/sections/home/jn/jn-02/ 7 KB
3 KB 40ms
40ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/home/jn/jn-02/jn-02.js
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a014b2ed104bc52c8a31bc37c4d8e6b061040c0cdf2774f47b16d22cdf258d1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10
x-guploader-uploadid: ADPycdsXHoXHv1Cq516CB1-HSyh0j0O_-PXZfrKmPDQ_WgP6mFjja7zv3DfKK04CUr3bVMJYHU_xS-GFGsI7GJgLZKkBVA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 Oct 2021 16:32:13 GMT
server: cloudflare
etag: W/"2fdc903652f17270cd70d17b2784614e"
vary: Accept-Encoding
x-goog-generation: 1634056333798182
content-type: application/javascript
access-control-allow-origin: https://www.zabasearch.com
x-goog-hash: crc32c=jO6RNg==, md5=L9yQNlLxcnDNcNF7J4RhTg==
cache-control: public, max-age=14400
access-control-allow-credentials: false
x-goog-stored-content-length: 6789
access-control-allow-methods: GET,OPTIONS
cf-ray: 7797f16edac11e89-AMS
access-control-allow-headers: Accept,Origin,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eQeHu52MnFgw%2FGatjbRBdpOJIXTBAHvoIe7Z5gDfMqie7R%2FYh%2B1miv5RWqneWhn59y4VQ9Izk%2BT1QLUwBxSfX%2FyfzAnRLNjlTo71Oc5bQaDM7%2BJ%2Bd0BIYWOUyjrQ%2FrWzyU443BzWZrbc3Yr%2FIF5YH%2BAAdE%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 14 Dec 2022 16:23:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 252 KB
68 KB 60ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCXFGZ6

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

876e2b901ae02afab0ce7fd1180cf74739ead99463e0cc6f7cbefc93f56bedce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68711
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Dec 2022 15:23:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 15:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 485
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 14 Dec 2022 17:15:46 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
47 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zabasearch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 439738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 13:14:53 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 34ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zabasearch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:26:38 GMT
x-content-type-options: nosniff
age: 590233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 19:26:38 GMT

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 38ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oxygen&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zabasearch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 12:43:06 GMT
x-content-type-options: nosniff
age: 182445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 12:43:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
16ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=698594533&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&ul=en-us&de=UTF-8&dt=Free*%20People%20Search%20Engine%20-%20Search%20By%20Name%20%26%20Phone%20Number%20%7C%20ZabaSearch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=collection&ea=choose&el=zabasearch&_u=IEBAAEABAAAAACAAI~&jid=1436504842&gjid=193808623&cid=717701605.1671031432&tid=UA-8810863-1&_gid=1907539660.1671031432&_r=1&_slc=1&z=420769091

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=698594533&t=pageview&_s=2&dl=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&ul=en-us&de=UTF-8&dt=Free*%20People%20Search%20Engine%20-%20Search%20By%20Name%20%26%20Phone%20Number%20%7C%20ZabaSearch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=717701605.1671031432&tid=UA-8810863-1&_gid=1907539660.1671031432&z=1012448190

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 04:43:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38406
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-8810863-1&cid=717701605.1671031432&jid=1436504842&gjid=193808623&_gid=1907539660.1671031432&_u=IEBAAEAAAAAAACAAI~&z=1706374007

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 109 KB
43 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-MHQ2SSN

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXFGZ6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b80367299b6f92284c21ec77a652e67b04cac1d5c1f42db90857bcda7f72ad7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43921
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Dec 2022 15:23:51 GMT

GET
H2 200 loader.js Show response
contributor.google.com/scripts/5b5e81128841dfc3/ 0
1 KB 63ms
28ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/5b5e81128841dfc3/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXFGZ6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport, script-src 'report-sample' 'nonce-OeNtJ5SmV4TclbKBypffMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport, script-src 'report-sample' 'nonce-OeNtJ5SmV4TclbKBypffMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorContributorHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorContributorHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorContributorHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 14 Dec 2022 15:23:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 89ms
67ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcbd3904a258e4e73c6c4bccc5a4f2b126d1b90330883d327e2de9c0994a7eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49639
x-xss-protection: 0
server: cafe
etag: 11598226248953574958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 15:23:51 GMT

GET
H2 200 185274-232463692003415.js Show response
js-sec.indexww.com/ht/p/ 152 KB
41 KB 867ms
841ms Script
text/javascript 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXFGZ6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5d5cfc011a54ecccb5db833c45af3cc575eb28a34cd94c1644ea3aba09fbac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 14 Dec 2022 15:21:09 GMT
server: cloudflare
etag: W/"762460-25e7f-5efcb493d44e6"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 7797f16faf4a910a-FRA
expires: Wed, 14 Dec 2022 19:23:52 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=698594533&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&ul=en-us&de=UTF-8&dt=Free*%20People%20Search%20Engine%20-%20Search%20By%20Name%20%26%20Phone%20Number%20%7C%20ZabaSearch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABQAAAACAAI~&jid=94098400&gjid=1031167040&cid=717701605.1671031432&tid=UA-8810863-1&_gid=1907539660.1671031432&_r=1&gtm=2wgbu0NCXFGZ6&z=1893602017

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=698594533&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&ul=en-us&de=UTF-8&dt=Free*%20People%20Search%20Engine%20-%20Search%20By%20Name%20%26%20Phone%20Number%20%7C%20ZabaSearch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABRAAAACAAI~&jid=1656150771&gjid=236092444&cid=717701605.1671031432&tid=UA-74882607-4&_gid=1907539660.1671031432&_r=1&gtm=2wgbu0NCXFGZ6&cg1=Zabasearch&z=675960479

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-8810863-1&cid=717701605.1671031432&jid=94098400&gjid=1031167040&_gid=1907539660.1671031432&_u=aEDAAEABQAAAACAAI~&z=2047156101

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 54ms
32ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8810863-1&cid=717701605.1671031432&jid=1436504842&_u=IEBAAEAAAAAAACAAI~&z=1915894583

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 53ms
31ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8810863-1&cid=717701605.1671031432&jid=1436504842&_u=IEBAAEAAAAAAACAAI~&z=1915894583

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 62ms
21ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74882607-4&cid=717701605.1671031432&jid=1656150771&gjid=236092444&_gid=1907539660.1671031432&_u=aGDACEABRAAAACAAI~&z=769072771

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 33ms
30ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8810863-1&cid=717701605.1671031432&jid=94098400&_u=aEDAAEABQAAAACAAI~&z=1656568907

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 34ms
30ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8810863-1&cid=717701605.1671031432&jid=94098400&_u=aEDAAEABQAAAACAAI~&z=1656568907

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXwrUh9-v2JEQuN4Qs1vvQWZVKwLxAJufyIuHiofQUiebH8UUI0TCpAxzTUTj9CUxtkdj-pRBQ-rOqWgT19 Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXwrUh9-v2JEQuN4Qs1vvQWZVKwLxAJufyIuHiofQUiebH8UUI0TCpAxzTUTj9CUxtkdj-pRBQ-rOqWgT19

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5ae743d1c548dfa634f14636eab6d699273730deefbe4a5747c8d655b2b7d57

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uFJqfMd7_-qAMDJO31pVew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-uFJqfMd7_-qAMDJO31pVew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 355 KB
117 KB 89ms
73ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5413153010344125&plah=www.zabasearch.com&bust=31071276

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

984132a89b82871f96d20c25910a17ff852c464765fd7adc82a88ae118f39e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119797
x-xss-protection: 0
server: cafe
etag: 16093599005007572916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 15:23:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 545B 10 KB
5 KB 193ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 17:06:10 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 17:06:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
34ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-74882607-4&cid=717701605.1671031432&jid=1656150771&_u=aGDACEABRAAAACAAI~&z=1369004516

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
34ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-74882607-4&cid=717701605.1671031432&jid=1656150771&_u=aGDACEABRAAAACAAI~&z=1369004516

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
698 B 49ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.zabasearch.com&callback=_gfp_s_&client=ca-pub-5413153010344125&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5413153010344125&plah=www.zabasearch.com&bust=31071276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40f44654820767f515e0271367cfc48477d63a52cd75a6a08f6be53584a02dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 64ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D728 235 KB
56 KB 660ms
660ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5413153010344125&output=html&adk=522671305&adf=1178619241&lmt=1671031431&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=356x810_r&format=0x0&url=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671031431711&bpp=4&bdt=292&idt=184&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7413358759234&frm=20&pv=2&ga_vid=717701605.1671031432&ga_sid=1671031432&ga_hid=698594533&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44779793%2C44780792&oid=2&pvsid=4276303655342907&tmod=1205830967&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0af443bbbb528771d18a4afb9c8d4961700be2146622451417f864df8b5153df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 57408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:52 GMT
expires: Wed, 14 Dec 2022 15:23:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 151 KB
51 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/reactive_library_fy2021.js?bust=31071276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79554945c3a7dfe75bdb8d211dd032864ead9c39454bccc942c0548fc3f3fc98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52377
x-xss-protection: 0
server: cafe
etag: 13702859612531547162
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 15:23:52 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
392 B 105ms
32ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185274
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 64ee39bb09c8ce911a6f1a4e0007b075304ed2daa8603a45494dc570fbc58cce

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 13 Jan 2023 15:23:52 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
362 B 40ms
15ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 27ms
7ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa00bdc74cdf124e45f545f927f91ed9c9c1af8db39769fa302d4dbdb195a546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:09:34 GMT
content-encoding: gzip
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 21:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 859
x-amz-server-side-encryption: AES256
etag: W/"64f4b7b07dc566a98060fc55042f4433"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: bYWJeMUTgehMX0ULe10mR10Y83XRn11MN5c7krrScM-_nq41Q-U4OQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 47ms
25ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXFGZ6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1421 / 75 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Dec 2022 15:23:52 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 20ms
7ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 07:15:30 GMT
x-amz-cf-pop: FRA56-P6
age: 29303
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 8CeJSnEV0KJRIjli2mfpL8lOE98HZnmo1BvbhmI4LY0rnbFZB9mt6g==

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 34ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 061A 10 KB
4 KB 24ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 02:27:23 GMT
etag: 10353107486223812946
expires: Wed, 28 Dec 2022 02:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 94BA 10 KB
4 KB 15ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 02:27:23 GMT
etag: 10353107486223812946
expires: Wed, 28 Dec 2022 02:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Dec 2023 15:15:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 99 B
97 B 60ms
45ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zabasearch.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cb529ae2d749a7f4995766c7b3eb56cae8203b3f586f93ae018134a544d121d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72
x-xss-protection: 0
expires: Wed, 14 Dec 2022 15:23:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 94BA 2 KB
799 B 45ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:12:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 94BA 23 KB
10 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 08:26:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 94BA 3 KB
1 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 15:14:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 94BA 18 KB
7 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:04:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94BA 153 KB
47 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:23:52 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 94BA 34 KB
14 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 17:06:09 GMT

GET
H2 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame 061A 9 KB
5 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 22:26:42 GMT

GET
H2 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame 061A 10 KB
4 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 22:27:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 061A 8 KB
895 B 41ms
25ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 15:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 13:33:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 15:23:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 061A 2 KB
846 B 32ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:12:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 061A 23 KB
9 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 08:26:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 061A 3 KB
1 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 15:14:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 061A 18 KB
7 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:04:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 061A 153 KB
47 KB 51ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:23:52 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 061A 34 KB
14 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 17:06:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 061A 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJjwHh-qZY5fBOa3K1fAP2L2FkAqIhofqbY-Aof_xDvLs0uCyARABILjnoC5gleKQgqAHoAGN7OTZAsgBAakChiUJ6_3JqD6oAwHIA8sEqgT4AU_Q27c3AHWBZyVTQ_njQ33yA5pYFTWl_x6J8-vEqwBLYlz_W8L26JxfkbL_ID65VKt092gugqg6JnxJTy5P0sFmRJjVVP6RsHDOyDnGvzfvRLpUOe9fQKM2_p2yPd4RPLy4NaqkBLc7z9eqZ7rSJIXfMgQaGKarz5S_Abj1O5108LgBr0Dpv9pn8CS-oH1hO_UyY-l0wCeYsrIq6fzVLhXf3685SPGoVXm4V1BWxHb_JRSDogg2CIyrkhIpq0h5XYYO3-cqpN3CGKG7ppKYKy3zRPF1LHR3e2pgArM-KURV__UgjyBX1cPRFlzFf3hkpPjlJcEYZzqHwASwvp3M5gOSBQQIBBgBkgUECAUYBIAH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCKyQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUCNAVAYAXAbIXHAoaCAASFHB1Yi01NDEzMTUzMDEwMzQ0MTI1GAA&sigh=70iSqW1SXvI&uach_m=[UACH]&cid=CAQSGwDq26N9MhKdvt-jhGX5MRLQ7SDXzfebgbN8VRgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 15:23:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Dec 2022 15:23:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C6A 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 14:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 061A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f35adef53e846c069bbb1fde815d732dcd7435151f6e3829602c999975a6abc5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 7ms
7ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.zabasearch.com&pubid=ed5c4ba2-d702-4c5a-8bcb-8b2a4e0cdbd9
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:49:07 GMT
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 9284
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.zabasearch.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: G5zkB50j4N4S1E3AP7QVGTwY6UkOWhvkUgufX6_XFYlg-C7TWU_PoA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
464 B 69ms
47ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&pid=csCd9JcHkqb5m&cb=0&ws=1600x1200&v=22.1201.834&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1554920009871-sidebar-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F77506920%2FIN_ZS_HOME_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1554920009871-sidebar-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F77506920%2FIN_ZS_HOME_2%22%7D%5D&pubid=ed5c4ba2-d702-4c5a-8bcb-8b2a4e0cdbd9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: MRQSM85FHQK2WXS2ZYRR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.zabasearch.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: DbmLNvRkbew7_ID7AYqP7Uk8Y6tZovYXboRVIyxmTeBuMm2N2xpwFA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 7ms
7ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.zabasearch.com&pubid=ed5c4ba2-d702-4c5a-8bcb-8b2a4e0cdbd9
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:49:07 GMT
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 9284
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.zabasearch.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: KA_HdcJbNtpfWW4RP84gbmmy8Eyr4Ghpi_iYt7uiZLMokrb_6DHo3A==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
464 B 61ms
48ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: S1MY5Q60FGEM9KD5FKB5
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.zabasearch.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ZjX1nZRiZIrAH5JUia78UYID1uzU64vpDiTCSPFUHSgkLT7FZd4BBQ==

GET
H3 200 610320724755128581
tpc.googlesyndication.com/daca_images/simgad/ Frame 94BA 12 KB
12 KB 24ms
7ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/610320724755128581?w=180&h=360

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2bf6d0ec9b683eda2b7c1d211f47ed9a05c156e4b3d5c60214e0e3cf92c7eb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 08:36:22 GMT
x-content-type-options: nosniff
age: 110851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11798
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 23:32:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Dec 2022 08:36:22 GMT

GET
DATA 200
OK truncated
/ Frame 94BA 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcb035c4f78fdd422f61764e56002a121badc52c9e60c676e5b5c332022020c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 68ms
54ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ccef04e7a32f1ba62af5660492e4ed6b0d0c6c6f85229c9cab8231992b1802c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11067
x-xss-protection: 0

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F0C0 36 KB
16 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 15:02:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 94BA 0
17 B 52ms
51ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFTV6h-qZY5jBOa3K1fAP2L2FkAqC2MHbbZ6IzenAEO2DpLW6KxABILjnoC5gleKQgqAHoAG_y-aFAsgBAagDAcgDywSqBIACT9DDNGJ2E3YAy5uiDT0HQsi4aZjbIlXXYxm0jbtZNA878jPdAXhqgc2jiSnhBiruZG49-2DYhPJz9X4uUVyv1Lu_v-iILdBlIibMzp9sHcv5BiUOKmkrndn1EElohwwU1nsDuJtqznZUCyq-lxBX_YS6WAvG_ACgYld0v1IzPclL1TKSg7ZfF5fKOHI382VEwMean6X8SBYGm7is4fgBpBXMpx9Kpc9pPNS_tJIFK6IvaKl9qkzFDg3LJ_rAKcIqXsoheIyT91G2j9rTZ13tnW1-YXgBPRUUYD-C0FPnZo7IZzuoylLaBX2TUmY5CoMq9ULhAVxL-YhOFEtizNLbycAE3sjv1ewDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_-8gbMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ8YgD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItNTQxMzE1MzAxMDM0NDEyNRgA&sigh=6W_vv93_uPk&uach_m=[UACH]&cid=CAQSGwDq26N9MhKdvt-jhGX5MRLQ7SDXzfebgbN8VRgBIBM&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 15:23:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C6A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
29ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:53 GMT
expires: Wed, 14 Dec 2022 15:23:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F6D 36 KB
16 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 15:02:28 GMT

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 30 B
558 B 60ms
37ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=236720
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8365e2d06e628f55e7ca6b4e91227ebc72aff9c9c363b739653d93c9800bf573

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wb7SNhtA1cOIbmfqfIUqupfIn2FAj41FNMvYBiQQYbVlFjAFZbuS3Mk4Q4FdNv9cgDD7tYnexsPQ8iSOcNi1g41KGogMjJCpfR5Aie9%2B0oIhFr32GkEBWmkvj%2BESAqIqoEP2CjWW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7797f178896d9bc8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
820 B 155ms
92ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16594&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&p_screen_res=1600x1200&site_id=285876&zone_id=1436656&kw=rp.fastlane&tk_flint=index&rand=0.7821365117317114&alt_size_ids=55
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dc989acfff2854a487b7737110cf48fe600a97b875583edebd7f441cd80be452

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.zabasearch.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
833 B 27ms
6ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

eb13cc1d397d12b3a338f926a477754455970652723dd92ffb7281f5add4097c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:23:53 GMT
AN-X-Request-Uuid: ed6aa255-f55c-4906-98fc-0859bda94da0
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zabasearch.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 179 B
366 B 83ms
13ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24?cb=6zbBpjep
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ac36daca28dc3ab59aeaa6c29c9a16c156b9e19fe56731e2bad325e1ab4886c

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 179
expires: 0

GET
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 64 B
497 B 66ms
31ms XHR
application/x-javascript 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?callback=window.headertag.SovrnHtb.adResponseCallback&br=%7B%22id%22%3A%22_hhaHzoAo%22%2C%22site%22%3A%7B%22domain%22%3A%22www.zabasearch.com%22%2C%22page%22%3A%22%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22eVYKITxv%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22647231%22%7D%2C%7B%22id%22%3A%22y9fDgDAa%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22647232%22%7D%5D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 65f6afe1600a1fdd4346da15ff00e69056b3909e13892edae9e8a2f97a96dcd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 15:23:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.zabasearch.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 84

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 30 B
302 B 101ms
81ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=236720
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d14d726d3e016ee485cb6eb72bc5532d8988d5b75a28bca75087bdf4c534a69

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrxrIQxZ6exbmxv8HDwHrWkX8qsv6%2FbaAaIm1AdJc6GwKMREPf6SsDJRh5SK5nOxG%2FRxv2ZQSMFcfyE7opTuMEqRujixTFiukfBUDaACw9sA7F2wxIuLL6LpiWsBnHAGzW1MJWTR"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7797f17889709bc8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30
expires: 0

GET
H2 200 arj Show response
classmates-d.openx.net/w/1.0/ 131 B
439 B 52ms
21ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://classmates-d.openx.net/w/1.0/arj?auid=540867691&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._XOcnSocR&cache=1671031433025
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: faf64c7f4d29c2d95f228978eb931ede140d8e6ebad7c13cf3136978926cd261

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.zabasearch.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:23:53 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 319ms
319ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4276303655342907&correlator=962045140891642&eid=31068366%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=77506920%2CIN_ZS_HOME_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C160x600&ifi=4&adks=2458138944&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=variant%3Dzaba_variant_3&sc=1&cookie=ID%3D6e35198d593b70b1-22dedb870fda00e1%3AT%3D1671031431%3ART%3D1671031431%3AS%3DALNI_MZrJ6-oOySCZUFQiM8Ou7r3lDpAlw&gpic=UID%3D00000b927bbe4333%3AT%3D1671031431%3ART%3D1671031431%3AS%3DALNI_MZ1aQzWsQc_FIps8Cob3yRKCsOzew&abxe=1&dt=1671031433144&lmt=1671031433&dlt=1671031431419&idt=1399&adxs=1240&adys=113&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1440&ga_vid=717701605.1671031432&ga_sid=1671031432&ga_hid=698594533&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b1b7f6b218c6737ec39e12699c3c81d8d6ffe2422ba4682403169ac0e8f820f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11854
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 584ms
583ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4276303655342907&correlator=962045140891642&eid=31068366%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=77506920%2CIN_ZS_HOME_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C160x600&ifi=5&adks=3569415776&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=variant%3Dzaba_variant_3&sc=1&cookie=ID%3D6e35198d593b70b1-22dedb870fda00e1%3AT%3D1671031431%3ART%3D1671031431%3AS%3DALNI_MZrJ6-oOySCZUFQiM8Ou7r3lDpAlw&gpic=UID%3D00000b927bbe4333%3AT%3D1671031431%3ART%3D1671031431%3AS%3DALNI_MZ1aQzWsQc_FIps8Cob3yRKCsOzew&abxe=1&dt=1671031433149&lmt=1671031433&dlt=1671031431419&idt=1399&adxs=1240&adys=118&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1440&ga_vid=717701605.1671031432&ga_sid=1671031432&ga_hid=698594533&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f679943469edd0604b390a891a8e9dac4be89d0863c5e7b9ab441a86accfb4d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11674
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E8A1 6 KB
3 KB 52ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:53 GMT
expires: Thu, 14 Dec 2023 15:23:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
505 B 54ms
28ms XHR
text/plain 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=236720&u=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS2nzcqgQvinsfxr4MVvVLtzg0M2d7Avw4CFRI5a6uLmE9ut11LLiQXVE8%2BDwP6BCNFs8Cc%2FBjFZ28%2Bqov2jLfkX6BsjPzYa7Y%2FEwwnMqk8BdbOjXZIOS3Wef4BGzZ1WA6KBpZKtX2s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7797f1796f2b9b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA22 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:17:08 GMT
expires: Thu, 14 Dec 2023 15:17:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A5F5 783 B
535 B 18ms
18ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a51164e356649248d18baae29760db635b74fcfe493fbb4ea65c48e9b39ff160

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oAbWwD7N0rpzryEjXRiMQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-oAbWwD7N0rpzryEjXRiMQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:53 GMT
expires: Wed, 14 Dec 2022 15:23:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 342ms
341ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4276303655342907&correlator=4027923809399272&eid=31068366%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=77506920%2CIN_ZS_HOME_20&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=6&adks=636451550&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=variant%3Dzaba_variant_3&sc=1&cookie=ID%3D6e35198d593b70b1-22dedb870fda00e1%3AT%3D1671031431%3ART%3D1671031431%3AS%3DALNI_MZrJ6-oOySCZUFQiM8Ou7r3lDpAlw&gpic=UID%3D00000b927bbe4333%3AT%3D1671031431%3ART%3D1671031431%3AS%3DALNI_MZ1aQzWsQc_FIps8Cob3yRKCsOzew&abxe=1&dt=1671031433185&lmt=1671031433&dlt=1671031431419&idt=1399&adxs=315&adys=1172&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&frm=20&vis=1&psz=1250x20&msz=1250x0&fws=4&ohw=1250&ga_vid=717701605.1671031432&ga_sid=1671031432&ga_hid=698594533&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

907877f3df82e5fbfc7e9ee84175dcc321a640772bedebcf71dc5c940f5113af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11774
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
258 B 35ms
34ms XHR
text/plain 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=236720&u=https%3A%2F%2Fwww.zabasearch.com%2F%3Fqloc%26showForm%3Dname%26qname%3DRobin%252BKelly%26refer%3D3338&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zabasearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWbnfethaHHzaq40Y2k5OwVhMZHpYu20xDRnZfwTmcYSiaOj3xhwKMsFDkI2mtDUpc3rBqOmlANPQVyOII98VVhhZM4gBF7WDGyfXVPTzlp%2FnKYKjKbxP3iZ32cej9UHcgvDO%2BqF1do%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7797f1797f559b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A5F5 0
0 108ms
107ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=4276303655342907&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame DA22 36 KB
16 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 15:02:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DA22 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ObtXHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8F6 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:53 GMT
expires: Thu, 14 Dec 2023 15:23:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D8F6 0
0 50ms
49ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVxqHieqZY6WBDIqHjuwP1Ya48AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSGAk_Qv2KsJ2hVk7xBD0GSqrlxV9d2cG3BBZaJMn-wevnI9qL8j6L34OPajD-ekTGE27QcTybJYeZLv-DEiG3mVbRTbDESCnlgLNxbl82klU4YMBtwcK9x08M1x3CxY2jlK8RSqd7aaAsVlPo2WU3QJJIhR-l_2nggJbGWmlpJVeNsBFYpeZPaAmixVLtSQd2J78QOn-VhNuxCYGT4thSbt6M7phtraB10CHruVniTNmmu4Pnir8l5BxD1ltl7f5mcgIpQW1u82-YWOAq3FHk74vYq9DnGJYJ7YDDEBN9unUcoxRT-8nM9BGHS55ZgsYUb7GbhcYT5OGcJPacfyHexfJef6D1iKVPgBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTIwNDA0Nzg2MDkyMTEzMjMYkJ8d&sigh=fWmSXRT21I0&uach_m=[UACH]&cid=CAQSOwDq26N9dr_YMwGBL7WEJPZJ-mTHNSVAUUV4fwavhBgaTdZD9sQdl-rgCaLx00LuAX-T1rB17G2am3brGAEgEw
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame D8F6 0
0 63ms
20ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kZClCY-lBKwC2ASdg2ICAgAAAHa3oHl2S9MvPO3GgxCI6pljy3JJ9FHKQF_0UZcAEgAA&wp=Y5nqiQADAKUHg4OKAA4DVbAZmXL9A7o0Q7V3fw

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 310514
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 37C6 128 KB
45 KB 171ms
123ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5nqiQADAKUHg4OKAA4DVbAZmXL9A7o0Q7V3fw&u=%7CI35o55TUqIZm0ZwACKHGM6nHyjHxU1EE7wczIB4nBc8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIP5zplHFKH8yU0N1w9eaUlp0HESpDMJp6NMMT_kWrETFMtigH2PRHUqyg_eREEA_-X2SeaMrCFkn4IjY6CeO4Lvv0RHavs9xokfkhq1e_PJRb2l_qNsSQxMdAmtMWkODe0_fKt_Hf-jieQMdaFBB2NZiscuQLVn-mVZze4TTMbx-qx7iCvmvqXWvxP7tLnxU004LwX1RVBxxkx1Qv8vSbMwbiN0ay2NsrqFSSgdSIohsnJr4VHXhSPSNAFILsWMvMjVOr9rFA-GmiSwM18M64iYjUP6svlYdI0B_0sADHrF1poe3rfpRic7wEZg1n1iX5mDpg6gF_O5qfFDWajOVJ5xw2Lit0wIPa23WspKXm5eu4Gye9u3Dv_9zTVzFYdfn3MJygu1_LzZSZbKCOO1cdQbzUDv1ck2TM7fCIS8cH9bxuYp75cM-EA_H964DVlXVSZlEZ1_sQ-eVrbQdyNefbSKXgy_lYkXZRjrSJ33OpnAXEFIX04E63QBVhV53jsGuR2kZNusjUMIhNE7vRS8szGuilKY-MjA_zbNdumwSvAv87ueRT5i7w7lVGav76jTtcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCctnuieqZY6WBDIqHjuwP1Ya48AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSJAk_Qv2KsJ2hVk7xBD0GSqrlxV9d2cG3BBZaJMn-wevnI9qL8j6L34OPajD-ekTGE27QcTybJYeZLv-DEiG3mVbRTbDESCnlgLNxbl82klU4YMBtwcK9x08M1x3CxY2jlK8RSqd7aaAsVlPo2WU3QJJIhR-l_2nggJbGWmlpJVeNsBFYpeZPaAmixVLtSQd2J78QOn-VhNuxCYGT4thSbt6M7phtraB10CHruVniTNmmu4Pnir8l5BxD1ltl7f5mcgIpQW1u82-YWOAq3FHk74vYq9DnGJYJ7YDDEBN9unUcohxbfYPSymHJte4LDYbi9FG_1ezLzFn-LiW8iboUOYruHbZfmOux_hengBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12PHIPTiWmzDinN5XfJAGxcUsV-w%26client%3Dca-pub-2040478609211323%26adurl%3D

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bb43a661aba1fdf5c16e76e0257991048ac487c2d9782581f2bf0197f918bce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:52 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zuhKLQ3EKfZS5iIBKvq7M6kTjPB4up6NpRO0qAtaVEPpf70RoQCjhlE5ec0v-ZJb62nUKAdPC43zisLW8P5zC-L35usRCow2xOEK1G6SgFqmrM8Mc2czpQt1O-FtG6L8xFbNb2EeTb93OnQdx3VjFS3jV0xdnrUwuA0_10vTHxsIejxt_rOAlaUDRt4SU7fY-XmtTW_wg0saERTW_ZkhaeoRlUFaEMqDjNA4lA56JT8VLKxWp0SDYQnYrNfjoi4LP3AkGA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 97098692
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D8F6 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 15:14:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A94A 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Thu, 15 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D8F6 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:04:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D8F6 24 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 580816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Dec 2023 22:03:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8F6 153 KB
47 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:23:53 GMT

GET
H3 200 container.html Show response
d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA8A 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:53 GMT
expires: Thu, 14 Dec 2023 15:23:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D8F6 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75659fe9e165607175b6e30d3edfb986d266656db44ab8381cbbc3c2ce03181e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A94A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMlG9N5posDTLH_IVyLd1sE&google_cver=1&google_push=ASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1Z&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMlG9N5posDTLH_IVyLd1sE&google_cver=1&google_push=ASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1...

43 B
412 B

178ms
172ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMlG9N5posDTLH_IVyLd1sE&google_cver=1&google_push=ASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7797f17d5e759b37-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1953
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMlG9N5posDTLH_IVyLd1sE&google_cver=1&google_push=ASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZ5FqBs7nkBEB0Oq2cvhSLZYvPs0dPxGAloEWecbhMfTr-MVpJ9RPlkhDOPYnmnKVsuxt6co1Vk5xQkPMGBuaNQPgI1Va1Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7797f17bebad9b37-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame A94A 0
191 B 179ms
13ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEH46L5TSSwf256yhhfmOhXw&google_cver=1&google_push=ASkJ3FYxGenqLPI7dBZgpEXdDKeOi4Mm0tcQtbdlEm7RXjxzecPj_Nqprfqy-VlTEdGmNVbfhSXgTov5-ZkUNBnckhYrHb325ulc
Requested by: Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame A94A 0
173 B 39ms
16ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDNYM2nZHowAusc-2Qr9920&google_cver=1&google_push=ASkJ3Fblnl1kKk4ujjQVc17nN4Q5iq0h0xk_mubF1m4Ce87MjKjK6_EWc6TqqbjJzdHxpYUPPl2FzlRwfKEUOITf129hJHhXz3LT
Requested by: Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A94A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAoj7nNkeNhhkjejVZyHaUE&google_cver=1&google_push=ASkJ3FYlrvSJZn1mv4z-0YR1crDoybUFzGL82KW_c4KM5OfCYATgXVxc4mWFXdrNRGmZ6ThWunachajKq3FQ2q...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NzAyNTM1NTM0OTIyNzY2Ng%3D%3D&google_push=ASkJ3FYlrvSJZn1mv4z-0YR1crDoybUFzGL82KW_c4KM5OfCYATgXVxc4mWFXdrNRGmZ6ThWunachajKq3FQ2q3Yg4...

170 B
329 B

20ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NzAyNTM1NTM0OTIyNzY2Ng%3D%3D&google_push=ASkJ3FYlrvSJZn1mv4z-0YR1crDoybUFzGL82KW_c4KM5OfCYATgXVxc4mWFXdrNRGmZ6ThWunachajKq3FQ2q3Yg4xIzORRBCAq

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NzAyNTM1NTM0OTIyNzY2Ng%3D%3D&google_push=ASkJ3FYlrvSJZn1mv4z-0YR1crDoybUFzGL82KW_c4KM5OfCYATgXVxc4mWFXdrNRGmZ6ThWunachajKq3FQ2q3Yg4xIzORRBCAq
Date: Wed, 14 Dec 2022 15:23:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A94A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDHG0nydGca3jiLc0nhABKI&google_cver=1&google_push=ASkJ3FZj2n7zsjBBF7BYNp6IyH7XjJUbcrOzk0YmdSqSUJ2d_lV91c-l___watiJze9jjH0FZDKH9gSo7XOtHtIco4aK...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDHG0nydGca3jiLc0nhABKI&google_cver=1&google_push=ASkJ3FZj2n7zsjBBF7BYNp6IyH7XjJUbcrOzk0YmdSqSUJ2d_lV91c-l___watiJze9jjH0FZDKH9gSo7XOtHt...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZj2n7zsjBBF7BYNp6IyH7XjJUbcrOzk0YmdSqSUJ2d_lV91c-l___watiJze9jjH0FZDKH9gSo7XOtHtIco4aKc07FVw0&google_hm=wg2bAfAWS42DXNG8fNvZjQ==

170 B
188 B

27ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZj2n7zsjBBF7BYNp6IyH7XjJUbcrOzk0YmdSqSUJ2d_lV91c-l___watiJze9jjH0FZDKH9gSo7XOtHtIco4aKc07FVw0&google_hm=wg2bAfAWS42DXNG8fNvZjQ==

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZj2n7zsjBBF7BYNp6IyH7XjJUbcrOzk0YmdSqSUJ2d_lV91c-l___watiJze9jjH0FZDKH9gSo7XOtHtIco4aKc07FVw0&google_hm=wg2bAfAWS42DXNG8fNvZjQ==
date: Wed, 14 Dec 2022 15:23:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A94A
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEHMb4i54HmEqzgWwF98bB4M&google_cver=1&google_push=ASkJ3FZxYp7840ViNzVOxGReSqBseWL5QunA8GvnyWLJpmfEv6VbUeQ2RxoNjCQR8Fnh9BVT6q_7eMqk-WHgfofC_eok3n...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHMb4i54HmEqzgWwF98bB4M&google_cver=1&google_push=ASkJ3FZxYp7840ViNzVOxGReSqBseWL5QunA8GvnyWLJpmfEv6VbUeQ2RxoNjCQR8Fnh9BVT6q_7eMqk-WHgfofC...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CTSZzo9uSemYzdGsHxHyaA&google_push=ASkJ3FZxYp7840ViNzVOxGReSqBseWL5QunA8GvnyWLJpmfEv6VbUeQ2RxoNjCQR8Fnh9BVT6q_7eMqk-WHgfof...

170 B
188 B

21ms
20ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CTSZzo9uSemYzdGsHxHyaA&google_push=ASkJ3FZxYp7840ViNzVOxGReSqBseWL5QunA8GvnyWLJpmfEv6VbUeQ2RxoNjCQR8Fnh9BVT6q_7eMqk-WHgfofC_eok3nBYDECZ

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CTSZzo9uSemYzdGsHxHyaA&google_push=ASkJ3FZxYp7840ViNzVOxGReSqBseWL5QunA8GvnyWLJpmfEv6VbUeQ2RxoNjCQR8Fnh9BVT6q_7eMqk-WHgfofC_eok3nBYDECZ
access-control-allow-origin: *
date: Wed, 14 Dec 2022 15:23:53 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A94A
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELM0J3DoJ...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELM...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c20d9b01-f016-4b8d-835c-d1bc7cdbd98d&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

25ms
22ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c20d9b01-f016-4b8d-835c-d1bc7cdbd98d&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c20d9b01-f016-4b8d-835c-d1bc7cdbd98d&%%GOOGLE_PUSH_PAIR%%
date: Wed, 14 Dec 2022 15:23:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A94A 0
232 B 183ms
16ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IV11Uw3d46rVZ663pXZarZNSBM6Bpbh2buZ6csiNF311U_IZ7x9yT66QteS16eMs9C6AuNaw

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EA8A 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CO_STieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSLAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKSB9DcOUDMfsFse3Y4EA63XCX5Axt-FeLx4Tg4saiZd15_hq7-xUOAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjA0MDQ3ODYwOTIxMTMyMxiQnx0&sigh=xAC8sEiAN34&uach_m=[UACH]&cid=CAQSOwDq26N9bqPfYW4HQhksh_qgIFvxbnfIVr-2gmSnUZTkl7k8zVTTv4pcBbXZNdCcEtFqllk6s7PvA1D-GAEgEw
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame EA8A 0
0 172ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kmx0g52c2wmmqphx1rrn5hbgate68wjps2r1a08knybqk7ra4c679xmf6nd3wctryaxs8ge8j3n6r1df022g8k9az47y0se1s6hkdpznnpvwr09jv9p0jazhfdwhg4myhw93cjat9zgy0tka9aava18mkn020y3ytzxe2m07chcd1w3q5xj3fs82axysh6gfyta0x4vdw23z590kjtn2nn4pzek0vnewkj6nevx8a46vwxm4r1d3bg0y2prtg1xr48sc9mdng25xxxyc4byyprzppcd2a82x1p3wb8s1ts8gdxa1sf3abj9nr14yt1jn0dsrsqw5mny4d4depkq7fek57s4tc3ef84gkajmrctwg8jctq82yvtpp6g30mtngyxjbpgpq4&b=Y5nqiQADu4kKd7PKAAeMC_6Ysa5F-IPzgpEMCw
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 15:23:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 515B 2 KB
3 KB 178ms
30ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jy6z60fd2zs4cnwvz8wy1rsfe3qya1pztscpjkv5114j7x54fywk57kdyhx1kz24km95a6mj142vcbdnj6b16x62mn3nyc69aa5xnpm4ck01ftdfka9xtqa8ay3s232y63pb197yxrdgkq2qzde4wyvhxz7rv1753panyp60tfy6xxqkyhy0f12xr4as131rft2ab0mj0ks6jsryzyvmss3dm00r9f76dzaymbbyeehsyjxgtyb2qcn4h7rsbkt3gfsdcyxgpx40jykzpytqt2ecbg71s2rzx74ea5t32e9v9nq4qkv909cmkqp98t1xdmxqw9k8hj9w8w9vkkryf6jvg9w4ptm313gbngwd14p01vb12n3ed1zmjnt2c5arr99s3sqjk3g7hc9r3pp1qg6yb6j4056kkp6jfxb7bakg7nkcht0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%26client%3Dca-pub-2040478609211323%26adurl%3D

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2596db97882e2dff4eb6996199036bde575c7315ed692cee48060593b7f3c9e6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7797f17cc86a9a24-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:53 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EA8A 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 15:14:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A59D 1 KB
643 B 9ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Thu, 15 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EA8A 18 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:04:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EA8A 0
0 16ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5AkCnOeu_wNgjPsApTds2jZb7iRoOXmMACirIBYE6kYHUtWXkQRtrwNZy1y9M8x5Zn1G1tR4_QbSf2NB9MrrpbAjGmg
Requested by: Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EA8A 24 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 580816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Dec 2023 22:03:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA8A 153 KB
47 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:23:53 GMT

GET
DATA 200
OK truncated
/ Frame EA8A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac2f087f3f2c30320117d2754680343d78d2c9e17aec5bfa7eeb6b389e476bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 37C6 2 KB
1 KB 71ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5nqiQADAKUHg4OKAA4DVbAZmXL9A7o0Q7V3fw&u=%7CI35o55TUqIZm0ZwACKHGM6nHyjHxU1EE7wczIB4nBc8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIP5zplHFKH8yU0N1w9eaUlp0HESpDMJp6NMMT_kWrETFMtigH2PRHUqyg_eREEA_-X2SeaMrCFkn4IjY6CeO4Lvv0RHavs9xokfkhq1e_PJRb2l_qNsSQxMdAmtMWkODe0_fKt_Hf-jieQMdaFBB2NZiscuQLVn-mVZze4TTMbx-qx7iCvmvqXWvxP7tLnxU004LwX1RVBxxkx1Qv8vSbMwbiN0ay2NsrqFSSgdSIohsnJr4VHXhSPSNAFILsWMvMjVOr9rFA-GmiSwM18M64iYjUP6svlYdI0B_0sADHrF1poe3rfpRic7wEZg1n1iX5mDpg6gF_O5qfFDWajOVJ5xw2Lit0wIPa23WspKXm5eu4Gye9u3Dv_9zTVzFYdfn3MJygu1_LzZSZbKCOO1cdQbzUDv1ck2TM7fCIS8cH9bxuYp75cM-EA_H964DVlXVSZlEZ1_sQ-eVrbQdyNefbSKXgy_lYkXZRjrSJ33OpnAXEFIX04E63QBVhV53jsGuR2kZNusjUMIhNE7vRS8szGuilKY-MjA_zbNdumwSvAv87ueRT5i7w7lVGav76jTtcQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCctnuieqZY6WBDIqHjuwP1Ya48AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSJAk_Qv2KsJ2hVk7xBD0GSqrlxV9d2cG3BBZaJMn-wevnI9qL8j6L34OPajD-ekTGE27QcTybJYeZLv-DEiG3mVbRTbDESCnlgLNxbl82klU4YMBtwcK9x08M1x3CxY2jlK8RSqd7aaAsVlPo2WU3QJJIhR-l_2nggJbGWmlpJVeNsBFYpeZPaAmixVLtSQd2J78QOn-VhNuxCYGT4thSbt6M7phtraB10CHruVniTNmmu4Pnir8l5BxD1ltl7f5mcgIpQW1u82-YWOAq3FHk74vYq9DnGJYJ7YDDEBN9unUcohxbfYPSymHJte4LDYbi9FG_1ezLzFn-LiW8iboUOYruHbZfmOux_hengBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12PHIPTiWmzDinN5XfJAGxcUsV-w%26client%3Dca-pub-2040478609211323%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:23:53 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 37C6 2 KB
1 KB 72ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:23:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 37C6 308 B
636 B 68ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 09 Dec 2023 15:23:53 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 37C6 293 B
621 B 69ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 09 Dec 2023 15:23:53 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 37C6 43 B
348 B 64ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=W9ajeKvPHHSSMabc4zFKuVEd8NhmoLdAvKXrbedNJ8OeFHI_EyymH4hqOQwDyvG-OqEpCh-pyTUHAP8M0Rqv53hFad6pspMiivhtWrageolwvuj0bvCsEjaTpZQUFy-N1bhGQRPzyjxOW8oVe6kwUMxeNjqPEiIWVnO2YXonMrPsLoSncsYujQtJWF8bFF1_-T95jaZNmGApzATv_P0cu_frWB9xICxNbNSLe-j43EYmvrhDaBclQMZEltDgoP_Fmq_Fm0cThgkCukqmlrJbC60kmtCKG4A77NXx5WeElNKPZTp6EHsBAw7phtSvroAyV4YfJMsYiS_GZz5ooi9Fv4cednFhUWnTtpZyFMsCuEIAjf79sHILlovhsMoMqODXByvm_SFq9k6E9DFN7AuXaJbw6gBbwMXZ_pQgCyMatMhDTGO8u0SJMMtHzdIHX6Vmdq-nWQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2641754
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 37C6 60 B
60 B 111ms
34ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=72360-criteo&extLi=152208&rnd=6399ea8995caa0536fc124af15ad3d7a&criteoid=&consent_string=&iab=1&url=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 15:23:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 14 Dez 2022 03:23:53 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1696
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 37C6 12 KB
5 KB 42ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 595085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5w2Lyic3%2FzrjyfM4YmxhHIbcDUoDKeUNaceEkol0cNlEkW1vg16mC2U2KCoemZbRZt4FyzBZ%2BsbcEa%2FB4bdkaolUK1k3yC%2Btw%2B%2F9dbvcQ6QgZIiaqAYUXAVEthyER16vkwI26Dh0ET5rTLqf5C19DqK5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7797f17d08f291ff-FRA
expires: Mon, 04 Dec 2023 15:23:53 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 37C6 12 KB
6 KB 61ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:23:53 GMT

GET
H3 200 container.html Show response
d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB9F 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:53 GMT
expires: Thu, 14 Dec 2023 15:23:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame A59D 35 B
464 B 31ms
9ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEDYmsXmktCZGdLXwpOST3s&google_cver=1&google_push=ASkJ3FblvLX2eiFZOnEGlh4n7P_4I4r4TJ2jjD4CMoNkacuuwKc5irlV-CSFnN6WCk9Qd5H3raGpCUxzQyfWKHxzfzY74vm5E1VG

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame A59D 0
104 B 114ms
34ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKMl79umK58FeNVkfpHdkqU&google_cver=1&google_push=ASkJ3Fara6Du6lizjDaUITkvvW27-vwlRIYqbXFhZZqp-qTJ89SFRfnQ1GWBkbzOWsJ0xDtz_gN77_Mi2R33GcsHdLEjHK6x476l
Requested by: Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A59D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAoj7nNkeNhhkjejVZyHaUE&google_cver=1&google_push=ASkJ3FZlvSuOtzHwUPHC2g41lUoCLTtBhIQuxDFpps5iIUdlyUe3bkFxktCQgiAWT416DkR17wbwH5RAMRCof3...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NzAyNTM1NTM0OTIyNzY2Ng%3D%3D&google_push=ASkJ3FZlvSuOtzHwUPHC2g41lUoCLTtBhIQuxDFpps5iIUdlyUe3bkFxktCQgiAWT416DkR17wbwH5RAMRCof301-L...

170 B
188 B

30ms
27ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NzAyNTM1NTM0OTIyNzY2Ng%3D%3D&google_push=ASkJ3FZlvSuOtzHwUPHC2g41lUoCLTtBhIQuxDFpps5iIUdlyUe3bkFxktCQgiAWT416DkR17wbwH5RAMRCof301-Lbnye_zeFE

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NzAyNTM1NTM0OTIyNzY2Ng%3D%3D&google_push=ASkJ3FZlvSuOtzHwUPHC2g41lUoCLTtBhIQuxDFpps5iIUdlyUe3bkFxktCQgiAWT416DkR17wbwH5RAMRCof301-Lbnye_zeFE
Date: Wed, 14 Dec 2022 15:23:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A59D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFstPPfysNSwr0ZGSZXIywI&google_cver=1&google_push=ASkJ3FaUhxJtkMmbWeKt--fKlmZZp8Q0oHi8ynWbyRJbCBYuUhCzPW5CmaCDqE7_qPAEcGXcwRwMET4Q...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFstPPfysNSwr0ZGSZXIywI&google_cver=1&google_push=ASkJ3FaUhxJtkMmbWeKt--fKlmZZp8Q0oHi8ynWbyRJbCBYuUhCzPW5CmaCDqE7_qPAEcGXcwRw...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE0NjgwNTA2MjcwMDE5NTY5OA&google_push=ASkJ3FaUhxJtkMmbWeKt--fKlmZZp8Q0oHi8ynWbyRJbCBYuUhCzPW5CmaCDqE7_qPAEcGXcwRwMET...

170 B
188 B

19ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE0NjgwNTA2MjcwMDE5NTY5OA&google_push=ASkJ3FaUhxJtkMmbWeKt--fKlmZZp8Q0oHi8ynWbyRJbCBYuUhCzPW5CmaCDqE7_qPAEcGXcwRwMET4QZdK3tdKjOKDYvXyqQFIq

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE0NjgwNTA2MjcwMDE5NTY5OA&google_push=ASkJ3FaUhxJtkMmbWeKt--fKlmZZp8Q0oHi8ynWbyRJbCBYuUhCzPW5CmaCDqE7_qPAEcGXcwRwMET4QZdK3tdKjOKDYvXyqQFIq
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A59D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM3T7nI8baLlm7wJ1FK0Euo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEM3T7nI8baLlm7wJ1FK0Euo&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM3T7nI8baLlm7wJ1FK0Euo&google_hm=Y5nqiZ3VtCjIB2IrSksNUgAABJQAAAIB&google_nid=index&google_push=ASkJ3Fa7-x2tW0wlpYrXAHSe5n6KeGFZkBa3p...

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM3T7nI8baLlm7wJ1FK0Euo&google_hm=Y5nqiZ3VtCjIB2IrSksNUgAABJQAAAIB&google_nid=index&google_push=ASkJ3Fa7-x2tW0wlpYrXAHSe5n6KeGFZkBa3p3ifGH_9RMIc7FSQMiEhSo8J1GQJdZlW9rYB2WVhlfTDs26kqYNF_8uMUpaMKcwd

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USzZGn%2FzhHb%2Brn1Cxfr9yuIzWqrhmGp64dG70gNg%2BN0rXTaSdTeLX5iPlHFZKfaB5bFo%2FJOQ6Gio9tmOC498Yg2A5tyupoayeXQD7bvxWeNRBkftuEXiHUjHd1z9d9Qs7%2FFFY5Anm2sBRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM3T7nI8baLlm7wJ1FK0Euo&google_hm=Y5nqiZ3VtCjIB2IrSksNUgAABJQAAAIB&google_nid=index&google_push=ASkJ3Fa7-x2tW0wlpYrXAHSe5n6KeGFZkBa3p3ifGH_9RMIc7FSQMiEhSo8J1GQJdZlW9rYB2WVhlfTDs26kqYNF_8uMUpaMKcwd
cache-control: no-cache
cf-ray: 7797f17dccb29188-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A59D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAarP0xxli9-Dwc9zYDyjYg&google_cver=1&google_push=ASkJ3Fausvev_t3NDoT4zD5hNCWhBPan9XHDvNN0nP0nId54XiiOXpc7xceDinhg9eVSlLNyCy...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAarP0xxli9-Dwc9zYDyjYg&google_cver=1&google_push=ASkJ3Fausvev_t3NDoT4zD5hNCWhBPan9XHDvNN0nP0nId54XiiOXpc7xceDinhg9eVSlLNyCy...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ORmkxM01GRTJ1Rk5WS1JkTEU2djZqYVhyZHFMdzhEV35B&google_push=ASkJ3Fausvev_t3NDoT4zD5hNCWhBPan9XHDvNN0nP0nId54XiiOXpc7x...

170 B
188 B

19ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ORmkxM01GRTJ1Rk5WS1JkTEU2djZqYVhyZHFMdzhEV35B&google_push=ASkJ3Fausvev_t3NDoT4zD5hNCWhBPan9XHDvNN0nP0nId54XiiOXpc7xceDinhg9eVSlLNyCy5WdL0WA2WJFYqGvDvhsHh4tiI4

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ORmkxM01GRTJ1Rk5WS1JkTEU2djZqYVhyZHFMdzhEV35B&google_push=ASkJ3Fausvev_t3NDoT4zD5hNCWhBPan9XHDvNN0nP0nId54XiiOXpc7xceDinhg9eVSlLNyCy5WdL0WA2WJFYqGvDvhsHh4tiI4
date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A59D
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELStar4K90hQPrVIrVblJiY&google_cver=1&google_push=ASkJ3FZJ5gryKL0yU...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELStar4K90hQPrVIrVblJiY%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzc0NTAwNDg2MTQ2NDUwODA0OQ%3D%3D&google_gid=CAESELStar4K90hQPrVIrVblJiY&google_cver=1&google_push=ASkJ3FZJ5gryKL0yUN9fvm5UfvPim1IUML...

170 B
188 B

21ms
19ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzc0NTAwNDg2MTQ2NDUwODA0OQ%3D%3D&google_gid=CAESELStar4K90hQPrVIrVblJiY&google_cver=1&google_push=ASkJ3FZJ5gryKL0yUN9fvm5UfvPim1IUMLmW-fIbGP9HNWrIh43hIKlQ6mVsWRXaKgj_3DyRbbkYdVT6qwSHcFLSpuphk2qidsrWFw

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:23:53 GMT
AN-X-Request-Uuid: 699e90af-afaf-418e-a3f2-0eb42e803ac0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzc0NTAwNDg2MTQ2NDUwODA0OQ%3D%3D&google_gid=CAESELStar4K90hQPrVIrVblJiY&google_cver=1&google_push=ASkJ3FZJ5gryKL0yUN9fvm5UfvPim1IUMLmW-fIbGP9HNWrIh43hIKlQ6mVsWRXaKgj_3DyRbbkYdVT6qwSHcFLSpuphk2qidsrWFw
Connection: keep-alive
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A59D 0
12 B 35ms
15ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAFPXvTwe699eBHjQ-4kixTOoGWxRc3SttLio90a1AhjIzC9fhhI6DvKI0V38iLnlx21oUoC0

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 37C6 25 KB
25 KB 74ms
24ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC24_6685_FA.jpg&v=3&w=800&s=D2rtM9nv4YsjV_rdA6F8gdTG&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

60b628a1423bac8c5b2499082217f9b603de9c74ca427b6f135cd26541c54da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=497209
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25600
expires: Tue, 20 Dec 2022 09:30:42 GMT

GET
H2 200 3ff7c857e82a4109bac07acd81724986_cpn_300x600_1.jpeg
static.criteo.net/design/dt/12719/221129/ Frame 37C6 97 KB
97 KB 42ms
36ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/12719/221129/3ff7c857e82a4109bac07acd81724986_cpn_300x600_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c27a580300a77ee5fab4f8e04b2834c9716df118b04c3cc824a949230d0cd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 29 Nov 2022 09:48:44 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6385d57c-18462"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 99426
expires: Sat, 09 Dec 2023 15:23:53 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 37C6 0
128 B 52ms
19ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=zuhKLQ3EKfZS5iIBKvq7M6kTjPB4up6NpRO0qAtaVEPpf70RoQCjhlE5ec0v-ZJb62nUKAdPC43zisLW8P5zC-L35usRCow2xOEK1G6SgFqmrM8Mc2czpQt1O-FtG6L8xFbNb2EeTb93OnQdx3VjFS3jV0xdnrUwuA0_10vTHxsIejxt_rOAlaUDRt4SU7fY-XmtTW_wg0saERTW_ZkhaeoRlUFaEMqDjNA4lA56JT8VLKxWp0SDYQnYrNfjoi4LP3AkGA&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 37C6 2 KB
1 KB 26ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:23:53 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 37C6 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 15:23:53 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 515B 89 KB
11 KB 77ms
54ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jy6z60fd2zs4cnwvz8wy1rsfe3qya1pztscpjkv5114j7x54fywk57kdyhx1kz24km95a6mj142vcbdnj6b16x62mn3nyc69aa5xnpm4ck01ftdfka9xtqa8ay3s232y63pb197yxrdgkq2qzde4wyvhxz7rv1753panyp60tfy6xxqkyhy0f12xr4as131rft2ab0mj0ks6jsryzyvmss3dm00r9f76dzaymbbyeehsyjxgtyb2qcn4h7rsbkt3gfsdcyxgpx40jykzpytqt2ecbg71s2rzx74ea5t32e9v9nq4qkv909cmkqp98t1xdmxqw9k8hj9w8w9vkkryf6jvg9w4ptm313gbngwd14p01vb12n3ed1zmjnt2c5arr99s3sqjk3g7hc9r3pp1qg6yb6j4056kkp6jfxb7bakg7nkcht0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%26client%3Dca-pub-2040478609211323%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jy6z60fd2zs4cnwvz8wy1rsfe3qya1pztscpjkv5114j7x54fywk57kdyhx1kz24km95a6mj142vcbdnj6b16x62mn3nyc69aa5xnpm4ck01ftdfka9xtqa8ay3s232y63pb197yxrdgkq2qzde4wyvhxz7rv1753panyp60tfy6xxqkyhy0f12xr4as131rft2ab0mj0ks6jsryzyvmss3dm00r9f76dzaymbbyeehsyjxgtyb2qcn4h7rsbkt3gfsdcyxgpx40jykzpytqt2ecbg71s2rzx74ea5t32e9v9nq4qkv909cmkqp98t1xdmxqw9k8hj9w8w9vkkryf6jvg9w4ptm313gbngwd14p01vb12n3ed1zmjnt2c5arr99s3sqjk3g7hc9r3pp1qg6yb6j4056kkp6jfxb7bakg7nkcht0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%26client%3Dca-pub-2040478609211323%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 95799
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tWjpz3UbgZwBldzPWaWLMcSuokdm0N0hfd6jWY0QhYqiQ0oAQ%2FsaaoKv0VCUSxhHFmm9XsaE5s4yt3yDnEEn4PvDsvaQdjmM%2FeTkyRNJwZcfBQI3dzi4mcWL8LzvTjtz%2BKmgvGVtsg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7797f17d5d719295-FRA
expires: Wed, 14 Dec 2022 16:23:53 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 515B 35 KB
12 KB 46ms
26ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jy6z60fd2zs4cnwvz8wy1rsfe3qya1pztscpjkv5114j7x54fywk57kdyhx1kz24km95a6mj142vcbdnj6b16x62mn3nyc69aa5xnpm4ck01ftdfka9xtqa8ay3s232y63pb197yxrdgkq2qzde4wyvhxz7rv1753panyp60tfy6xxqkyhy0f12xr4as131rft2ab0mj0ks6jsryzyvmss3dm00r9f76dzaymbbyeehsyjxgtyb2qcn4h7rsbkt3gfsdcyxgpx40jykzpytqt2ecbg71s2rzx74ea5t32e9v9nq4qkv909cmkqp98t1xdmxqw9k8hj9w8w9vkkryf6jvg9w4ptm313gbngwd14p01vb12n3ed1zmjnt2c5arr99s3sqjk3g7hc9r3pp1qg6yb6j4056kkp6jfxb7bakg7nkcht0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%26client%3Dca-pub-2040478609211323%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 119144
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfZULrqD9ZfHMCUw6IYM6WsGytaLm2OletovwpziXm%2FbZFaRkwVHRGP%2F7pLl9xivnDe15GNdjTsDzZexbzFSPmUuK8frjKHr2DVF%2F66bMIBUOa7MYT%2B7EaQZcR5LF7mRgdzoJz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7797f17d595d9a24-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 06:18:09 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BB9F 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CauDsieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSFAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKldy7gR2v8w_-CkcvaCxOFVtSIDPgG4dROZfVmX3yB8AUFaVxh7wH-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yMDQwNDc4NjA5MjExMzIzGJCfHQ&sigh=-OBF0quHcyU&uach_m=[UACH]&cid=CAQSOwDq26N9WDpfkqx14QYZGH8SuHr69PngfluFdmHXl1axRgWlFd05tC7t_n7TOqHH2CzbAFUuEIuq4MwwGAEgEw
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame BB9F 0
0 52ms
29ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jqqpkf5aqmw7efg0h727nm6gfd22s6ck3dvjzk6fr6tkn3qabcnm5tjgh1ggt4cg1jwbkgrneqkhrmtkgbmhb3kz9wysna4kjrwafnqhw9jq7tnqakdpzfa6j4fbvsekzawrb3fxknxrtt7ztb25as7qsabnw49dke3ekdran6pnmvhrqw7d4026jswsd0vpp6fxzy557yqz23mchwtzzjjn0wcmffj13cd9e9m9sfa8jxy3sfg3gfkcz1xmwte4wag5caqd6k8cgdx7fcyjxzww383drsgfcrgdqk665ckvcvzw0ftdq2bqpz0rfq4r2gws95jzt13k63s86638at5rxym9jxt90bkhprqwqv42rexdycyyddvjp3zykf66w38hc8y5g&b=Y5nqiQAG9isKiwkUAA-GiJEXOuTC9etBwLxuTg
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/?qloc&showForm=name&qname=Robin%2BKelly&refer=3338
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 15:23:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 97C7 2 KB
2 KB 30ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jvetxvhwem3q0xt6jrayjr0d9gztss3w68m4qdeytag86baz669rddhx8r51ccz71z3bx9m5tv0h0hqs5fja5j0na5zrcfqb3pjrtb3j5gh71k74dbfwefzs8v4nq188sq6p089c8z5kf6k8xn1exy3mqafs0xk1fxfb2m28466yqkpc19bntd7n1wwv4nrv3pdx166pxhbvfc1c6gqk5fwgdd5cxmschq4p47q4rrzrqnswst190sj68crf783pw6947r1b9msx6h2z7gc1ja917qvs69k15m6vvjd3t171wyf9q8zyg30szhwzwehb3vhjrpbn7aesgyc72gk50t2z6gjxvyjrdsp58her06m3c7jkqaq6bj2kjv84xz7xp13b14pnfbjwmdxvs7mcv5bcv3gvygv54n083mgcze0040x2pnew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%26client%3Dca-pub-2040478609211323%26adurl%3D

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0984d6ef734bc9eb23bbce576d46ad18cfde8102d7682440d4259e9cf1ab9b72

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7797f17d7d919295-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:53 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BB9F 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 15:14:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F992 1 KB
643 B 22ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Thu, 15 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BB9F 18 KB
7 KB 24ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:04:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BB9F 24 KB
6 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 580816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Dec 2023 22:03:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB9F 153 KB
47 KB 35ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:23:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 37C6 5 KB
667 B 21ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 13:25:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 15:23:53 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 97C7 89 KB
11 KB 43ms
42ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jvetxvhwem3q0xt6jrayjr0d9gztss3w68m4qdeytag86baz669rddhx8r51ccz71z3bx9m5tv0h0hqs5fja5j0na5zrcfqb3pjrtb3j5gh71k74dbfwefzs8v4nq188sq6p089c8z5kf6k8xn1exy3mqafs0xk1fxfb2m28466yqkpc19bntd7n1wwv4nrv3pdx166pxhbvfc1c6gqk5fwgdd5cxmschq4p47q4rrzrqnswst190sj68crf783pw6947r1b9msx6h2z7gc1ja917qvs69k15m6vvjd3t171wyf9q8zyg30szhwzwehb3vhjrpbn7aesgyc72gk50t2z6gjxvyjrdsp58her06m3c7jkqaq6bj2kjv84xz7xp13b14pnfbjwmdxvs7mcv5bcv3gvygv54n083mgcze0040x2pnew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%26client%3Dca-pub-2040478609211323%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jvetxvhwem3q0xt6jrayjr0d9gztss3w68m4qdeytag86baz669rddhx8r51ccz71z3bx9m5tv0h0hqs5fja5j0na5zrcfqb3pjrtb3j5gh71k74dbfwefzs8v4nq188sq6p089c8z5kf6k8xn1exy3mqafs0xk1fxfb2m28466yqkpc19bntd7n1wwv4nrv3pdx166pxhbvfc1c6gqk5fwgdd5cxmschq4p47q4rrzrqnswst190sj68crf783pw6947r1b9msx6h2z7gc1ja917qvs69k15m6vvjd3t171wyf9q8zyg30szhwzwehb3vhjrpbn7aesgyc72gk50t2z6gjxvyjrdsp58her06m3c7jkqaq6bj2kjv84xz7xp13b14pnfbjwmdxvs7mcv5bcv3gvygv54n083mgcze0040x2pnew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%26client%3Dca-pub-2040478609211323%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 95799
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXJk%2F7XV3qxP7MQXW1OzKNEKGs1BT2d60FdDuxXNDPJ7qpWYmDlfRLyAv6V3SGFpNwyTTpl5s809M8H54fgH%2F%2B%2FXTeINWPs5K9bZ6V%2F%2B7gTfRSfSLnslaAbL527bw5L8wjaUXeoj1rk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7797f17dee469295-FRA
expires: Wed, 14 Dec 2022 16:23:53 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 97C7 35 KB
12 KB 36ms
35ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jvetxvhwem3q0xt6jrayjr0d9gztss3w68m4qdeytag86baz669rddhx8r51ccz71z3bx9m5tv0h0hqs5fja5j0na5zrcfqb3pjrtb3j5gh71k74dbfwefzs8v4nq188sq6p089c8z5kf6k8xn1exy3mqafs0xk1fxfb2m28466yqkpc19bntd7n1wwv4nrv3pdx166pxhbvfc1c6gqk5fwgdd5cxmschq4p47q4rrzrqnswst190sj68crf783pw6947r1b9msx6h2z7gc1ja917qvs69k15m6vvjd3t171wyf9q8zyg30szhwzwehb3vhjrpbn7aesgyc72gk50t2z6gjxvyjrdsp58her06m3c7jkqaq6bj2kjv84xz7xp13b14pnfbjwmdxvs7mcv5bcv3gvygv54n083mgcze0040x2pnew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%26client%3Dca-pub-2040478609211323%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 119134
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grpsDsfclHR6BMRocV%2BfBov%2BmhNXit7DaAb0uyug0g8wQKHOEIzWjyv2Lb6Ygiv%2FUNmIeIavBoGUPdhGuXrZ4MkEbywaMKGXAORT1i0%2B1gH87K7RZles9zLOWAH7jTelF7oHA5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7797f17dee479295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 06:18:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 118ms
118ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=4276303655342907&bg=!HB-lH1vNAAYgquz3AKo7ACkAdvg8Wr7thIPUg-0HBwT_Z6i8aix_8LkNoVUQbuNcoLahJlM-aAp38QIAAABcUgAAAAVoAQeZAufiiP0AREAVmfphlM9GHPVKiiqAdrGG7URsbtUxfs8hhZzSfBfnctkJjume2npObAeNUizrL_bag7V5IVZ9CbE72EKhW0OKtRp_db5QJBiZaiRSrVjr2B39LfL1cvB-iZ9m5AfIEYGDQB_yFpGHcwXbFY43x3tmhtZ44jZwBCAEK46NkhLva1--Zo1mrm_TXNzra_KJ9tmUV3_Wb9IlNEHebq5uE3u5oz8k7aZlF8RFn_y3V_JVWY1VOLt89aFbVBOZ8YtivJqu_fkOsoLCdiaGhRaY_ydLCD_cBanpPnv-UcvomoCtsNYNhvEL4IP63BQxNaB-HKeagiLhUQfT5aWCLedlTTKrcK4lAi27lmhoVatFgv9AvIe37BUqVbkaHJRbrSceUe7jyf3g201ie_BAbf0Ej8HbFAbdXhrn9xaQs7Cl_6uTyG0nUqgit1JEzr1RtZTdNa1kGOKLy8Iu_9YnU6Ai9_VmbMVAjmaeZXhUx4ogP_WLWSCzraibuBTGlThw9tP3nX5kTBSqmqr_DWt2aq_8hZQY9CiV_6x4DB5tkgMxcb_eCrw6uGJKYmTR0_4eUK1JgQBziXdesP9WCQG61iyCU8Lemxz-QtkWi4fZjU1T1gN9-FwKZp3Oj7uRtalaGixEOmQC72MlcpDv_wxo052QduEQ9k7LiOYCd-nFs3FZMAzd29JtM5HApRWbvO5zxejv67RcRNCbW9Azfy_1Kope2eUWrnE18gVSVY_6BBYytqUwkZqbYey2aum82JjXMm0vW5hlKS07YAXGKd4MunuxmnuMP8_Q7Nb6uM52KuvMX3ZHo8KARh3ymQU-fySShCpvzLijuin_nBueMW2PIjVYEn6xWhoIyXzl3IFtqpqXsZocFdsgUU7psS8nIKthO7MhK2f-8bakVfuBW8a3gQwpI-cPep_13lmacLV0eaNMk89q038glI87ba7ZYdYVoNKDfdCdDrijBsNnbWBg4tdx6B0KrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 37C6 44 KB
44 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 16:15:31 GMT
x-content-type-options: nosniff
age: 342502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:15:31 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 515B 3 KB
4 KB 79ms
46ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27927929
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmvqrzwhRa62fF%2BZumKMIZnRd%2FsMD1dlOqL%2Fg4w9tw0nbIvifx4%2FWwipyu8KiGSxLN1cgzX0zVm3ItArvntl6xl97jD4sXJPKX6M%2FOHqYLPwEqejowQAFXzNcJFmmytADl20hiwSQStoWaaGXRWbvmEP"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7797f17e4a9b91e1-FRA
expires: Wed, 25 Jan 2023 09:38:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F992
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEDYmsXmktCZGdLXwpOST3s&google_cver=1&google_push=ASkJ3FbPZ-fX7fvGnw6Zi0nLnZv2mL5sC6RtB4HtjKSpCUVrZreWGG6p6u...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FbPZ-fX7fvGnw6Zi0nLnZv2mL5sC6RtB4HtjKSpCUVrZreWGG6p6uZM0UCAToyBFaB5nk1d3BAZz9Bl79jAUKLDJ0Kv4NQB&google_hm=9UmGfC9wyp2i...

170 B
188 B

74ms
73ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FbPZ-fX7fvGnw6Zi0nLnZv2mL5sC6RtB4HtjKSpCUVrZreWGG6p6uZM0UCAToyBFaB5nk1d3BAZz9Bl79jAUKLDJ0Kv4NQB&google_hm=9UmGfC9wyp2iolGixh7UqQ

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FbPZ-fX7fvGnw6Zi0nLnZv2mL5sC6RtB4HtjKSpCUVrZreWGG6p6uZM0UCAToyBFaB5nk1d3BAZz9Bl79jAUKLDJ0Kv4NQB&google_hm=9UmGfC9wyp2iolGixh7UqQ
pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F992
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAuOs6o7cHPt30-glAwnUiQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAuOs6o7cHPt30-glAwnUiQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YmdSQUtVYXgxUDV0QlQ1&google_gid=CAESEAuOs6o7cHPt30-glAwnUiQ&google_cver=1&google_push=ASkJ3Fa0imCNBef6ZwrOP94OpDog_BQXYfGi7Oy-COpgV9r...

170 B
188 B

21ms
21ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YmdSQUtVYXgxUDV0QlQ1&google_gid=CAESEAuOs6o7cHPt30-glAwnUiQ&google_cver=1&google_push=ASkJ3Fa0imCNBef6ZwrOP94OpDog_BQXYfGi7Oy-COpgV9rn0AnB0Mcw-pf-OEffnuc8WOsMAnss7M_Hb8YRgXg79N8rEgCKy7S6

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:23:53 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YmdSQUtVYXgxUDV0QlQ1&google_gid=CAESEAuOs6o7cHPt30-glAwnUiQ&google_cver=1&google_push=ASkJ3Fa0imCNBef6ZwrOP94OpDog_BQXYfGi7Oy-COpgV9rn0AnB0Mcw-pf-OEffnuc8WOsMAnss7M_Hb8YRgXg79N8rEgCKy7S6
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F992
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOZG3vKnZ3mFbJRJH1oEi8Y&google_cver=1&google_push=ASkJ3FY23Sm51iQWBOyTiLwZy_lw-whpy4t_d23iI40jJRaBYoyKunujYuxtCd1Uopu5AHZK-ZOhwq6l1pT0BU7jPE-gAuIU_Hc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=87813C01BC394A509F34F266D169A6E4&google_push=ASkJ3FY23Sm51iQWBOyTiLwZy_lw-whpy4t_d23iI40jJRaBYoyKunujYuxtCd1Uopu5AHZK-ZOhwq6l1pT0BU7...

170 B
188 B

20ms
20ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=87813C01BC394A509F34F266D169A6E4&google_push=ASkJ3FY23Sm51iQWBOyTiLwZy_lw-whpy4t_d23iI40jJRaBYoyKunujYuxtCd1Uopu5AHZK-ZOhwq6l1pT0BU7jPE-gAuIU_Hc

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 14 Dec 2022 15:23:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=87813C01BC394A509F34F266D169A6E4&google_push=ASkJ3FY23Sm51iQWBOyTiLwZy_lw-whpy4t_d23iI40jJRaBYoyKunujYuxtCd1Uopu5AHZK-ZOhwq6l1pT0BU7jPE-gAuIU_Hc
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 13 Dec 2022 15:23:53 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame F992 0
191 B 15ms
12ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEH46L5TSSwf256yhhfmOhXw&google_cver=1&google_push=ASkJ3FYZqZg7vHl39YGWXjrna4_rs7_Uqn20ag3W3V4l9UotGR1UnLdewOSeQg3blkyNBEDC79FxQdCfcaf-u10Ge1ck9GZE2RDo
Requested by: Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F992
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI3W9hBS5_cRXWutM77jryY&google_cver=1&google_push=ASkJ3FZyvW-PI205lRGjx7S-X928roXovLNsf31H5_Ssauo8okbGKVhU-JYBX6vyktYiMPpdOOb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOU1lYUzQtMVctSkFZOQ==&google_push=ASkJ3FZyvW-PI205lRGjx7S-X928roXovLNsf31H5_Ssauo8okbGKVhU-JYBX6vyktYiMPpdOObPLLoGc-QT31AXG8k09MtiP8W6

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOU1lYUzQtMVctSkFZOQ==&google_push=ASkJ3FZyvW-PI205lRGjx7S-X928roXovLNsf31H5_Ssauo8okbGKVhU-JYBX6vyktYiMPpdOObPLLoGc-QT31AXG8k09MtiP8W6

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOU1lYUzQtMVctSkFZOQ==&google_push=ASkJ3FZyvW-PI205lRGjx7S-X928roXovLNsf31H5_Ssauo8okbGKVhU-JYBX6vyktYiMPpdOObPLLoGc-QT31AXG8k09MtiP8W6
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F992
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBin6gHQFAUbldCX_oFnk-A&google_cver=1&google_push=ASkJ3FYNw9sthr6hn9LtT3IAqDvhpW4TGuFOr8fe2cvX7P3_qoCpCcEXXHNl5ytIakb76A52JxkgJLr8hOWVdE2co...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBin6gHQFAUbldCX_oFnk-A&google_cver=1&google_push=ASkJ3FYNw9sthr6hn9LtT3IAqDvhpW4TGuFOr8fe2cvX7P3_qoCpCcEXXHNl5ytIakb76A52JxkgJLr8hOWVdE2co...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FYNw9sthr6hn9LtT3IAqDvhpW4TGuFOr8fe2cvX7P3_qoCpCcEXXHNl5ytIakb76A52JxkgJLr8hOWVdE2col2TgYJu_sFj&google_hm=F0LbsGZH71DpptCWSTm14Obs

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FYNw9sthr6hn9LtT3IAqDvhpW4TGuFOr8fe2cvX7P3_qoCpCcEXXHNl5ytIakb76A52JxkgJLr8hOWVdE2col2TgYJu_sFj&google_hm=F0LbsGZH71DpptCWSTm14Obs

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 14 Dec 2022 15:23:53 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FYNw9sthr6hn9LtT3IAqDvhpW4TGuFOr8fe2cvX7P3_qoCpCcEXXHNl5ytIakb76A52JxkgJLr8hOWVdE2col2TgYJu_sFj&google_hm=F0LbsGZH71DpptCWSTm14Obs
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F992
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FZiW04IVnJTLQ7ReEV8AEtHe6C8J1undr8roZLTHNyiTRLOzhcztmmihjNka7bpeX6szecupBX3dX5CoRcD95bIvIMWqNoT&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-5396a66e-dafa-447f-94b1-aeaa7c61e17f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FZiW04IVnJTLQ7ReEV8A...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZiW04IVnJTLQ7ReEV8AEtHe6C8J1undr8roZLTHNyiTRLOzhcztmmihjNka7bpeX6szecupBX3dX5CoRcD95bIvIMWqNoT&google_hm=A1OWpm7a-kR_lLGuqnxh4X8

170 B
188 B

20ms
20ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZiW04IVnJTLQ7ReEV8AEtHe6C8J1undr8roZLTHNyiTRLOzhcztmmihjNka7bpeX6szecupBX3dX5CoRcD95bIvIMWqNoT&google_hm=A1OWpm7a-kR_lLGuqnxh4X8

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZiW04IVnJTLQ7ReEV8AEtHe6C8J1undr8roZLTHNyiTRLOzhcztmmihjNka7bpeX6szecupBX3dX5CoRcD95bIvIMWqNoT&google_hm=A1OWpm7a-kR_lLGuqnxh4X8
date: Wed, 14 Dec 2022 15:23:54 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX5396a66edafa447f94b1aeaa7c61e17f003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F992 0
12 B 16ms
15ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IP-svMJeuPOmfLQbplyI8dT915oIWIp5hyX9uSmSk0UlpJBXIuerxTIEJFZ9kw34vfDqop

Requested by

Host: d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame BB9F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e17f6894157343b6a0e3817569d0ed57bd50ee09c607ee91a69695a4b940648

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4E7F 2 KB
1 KB 32ms
31ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1300356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7797f17e5eea9295-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 14 Dec 2022 15:23:53 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS828i5MszGdEju0tVIpKRr23cm1D5NOCMZaUkxh5VUuswRt3i2Jdp0aE3Xj2OjRqIiACOYRBVUDVg1lmRXF9qGQrn%2FvOKksHWiu1zYq%2BE7g9oglUGnQHjvJhHCVSYHq0ZGzhA0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 97C7 3 KB
4 KB 51ms
50ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27927930
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRbs6tRUNfDsepdv9wZ6pnqA2bAlEZ5Ft0RcH0MOPOt7gtk%2B0cBawLZGBDjZURWOFxKIPwGA63E2IzlmLZwOa%2FJqsbu%2BUn01Gq9ONvm0BkLsmIys4cw1oNscSrKGkTpFXbIYT30dgPocBNOJCyPiocd6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7797f17e7afd91e1-FRA
expires: Wed, 25 Jan 2023 09:38:24 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 57E4 2 KB
1 KB 23ms
23ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1300357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7797f17e7f1d9295-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 14 Dec 2022 15:23:54 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eglRunCB7QbCfUbeC4MzAa4%2F4F96ltx9FUN9oDZoWtFqw23B4QnTDrtwCYVYyNQbv1Jj4bDvmIIOCY%2BKP40Tx5BSL%2Fx65HLMVJyRmRIdtIKL4vYOjH4xoTleYlebLhg1m%2Fsx8Ls%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 94BA 42 B
64 B 113ms
113ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQX7ti92iR1EVpQTZQJsCSytQ6oNQQNqXTYjAmwSbXoY6i0JcFGUdvdop2CbUxf6zEA86qlPF8sG9i6tX3Za-ZVi_Uayx7ybi3JuUxhasqeRs7nb--5KKDy9WOb0tsVDBs3UxQCw&sai=AMfl-YQ0jYMloRq-w3ddwQRGhBPnAGGNhjWmpsc_dTDPvTTh9ONzxxHLcyBpIqQrW2VIPgGcxdJLKIJXW8ragCw&sig=Cg0ArKJSzPTHnRR7731lEAE&cid=CAQSGwDq26N9MhKdvt-jhGX5MRLQ7SDXzfebgbN8VRgBIBM&id=lidar2&mcvt=1000&p=-70,0,430,180&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=522671304&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671031432742&rpt=235&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 515B 2 KB
2 KB 38ms
38ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e094ed359084d142eb2cb5ab4a370a9a8bbd35a157835f3faeb1a5dc06991008

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wd1QFsZ8rHM7RBapSoReRrlnFDdYlxqfvX%2FoLnFg64GoZhWnrCuc1vuk2QfozTY64GdJ0Q5ooH7H3%2FMw8FGlnnyK24mtjUIuM0uVdmclDmN6usT%2B24n0Vdm7AiUAvqjlJqyK9NY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7797f17f1eba9bd4-FRA
x-backend-server: aa-reachservice-group-europe-west1-4wk7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 66ms
53ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7797f17ebe119bd4-FRA
content-length: 24
content-type: text/plain
date: Wed, 14 Dec 2022 15:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mR5UCjn24TYR%2BSsrIFUPZO%2BOtjl1qfY2ix%2BZ4pt6WTXKBvG1Zp9Qqbg9H6eYzDoQ48JYGxwzqx2nS8wEYPShrcgmfcI7Yruiz7%2FZVzT6A776j4HiMoY%2FY6S5aLX6lEj4Z%2Fk69uk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-4wk7

POST
H3 200 rs Show response
ad4m.at/ Frame 97C7 2 KB
2 KB 40ms
40ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ecfebd2791e27380d4b92346910b2c68458bdd64d21eeac2674fb6f1557ff7

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbHgAPoJJy8bQqCDJ%2FUrOy05s3gIBdR6OI1Vi0N0lUl8NzCa7R8xWwbkE%2FZAT1RrS%2B26VnEj9Q27OE6CPGFLvBJZIiR885VKIcLAOzbS4sT4tn%2BxX2smyL%2FvPtglPGO%2Fz39LX%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7797f17efe7d9bd4-FRA
x-backend-server: aa-reachservice-group-europe-west1-4wk7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 36ms
34ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7797f17ebe0e9bd4-FRA
content-length: 24
content-type: text/plain
date: Wed, 14 Dec 2022 15:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vZ9apXlO51TaD7lDv37uyxM0qIkYtIeBaYf20tikXHDO0qBsPVKd9OHw8o7pYhwAONDBqGOlHqNMJ0VvnJWRTmgzIt3d7J75HmyX%2BmHFxaBSo3ROl1eExC%2FzxlJXB0DKVulnE8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-4wk7

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame CC08 9 KB
4 KB 34ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09f65334b53a09a16970b820d296045e97f976aca8821f6b6b4087fb6fcb0dce

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jvetxvhwem3q0xt6jrayjr0d9gztss3w68m4qdeytag86baz669rddhx8r51ccz71z3bx9m5tv0h0hqs5fja5j0na5zrcfqb3pjrtb3j5gh71k74dbfwefzs8v4nq188sq6p089c8z5kf6k8xn1exy3mqafs0xk1fxfb2m28466yqkpc19bntd7n1wwv4nrv3pdx166pxhbvfc1c6gqk5fwgdd5cxmschq4p47q4rrzrqnswst190sj68crf783pw6947r1b9msx6h2z7gc1ja917qvs69k15m6vvjd3t171wyf9q8zyg30szhwzwehb3vhjrpbn7aesgyc72gk50t2z6gjxvyjrdsp58her06m3c7jkqaq6bj2kjv84xz7xp13b14pnfbjwmdxvs7mcv5bcv3gvygv54n083mgcze0040x2pnew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%26client%3Dca-pub-2040478609211323%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7797f17f382d9295-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:54 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 214D 11 KB
5 KB 66ms
66ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eccf449fde7ccb4f50eea742f53219dbcfb374fa6f114680e9f34719d3cd9f69

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jy6z60fd2zs4cnwvz8wy1rsfe3qya1pztscpjkv5114j7x54fywk57kdyhx1kz24km95a6mj142vcbdnj6b16x62mn3nyc69aa5xnpm4ck01ftdfka9xtqa8ay3s232y63pb197yxrdgkq2qzde4wyvhxz7rv1753panyp60tfy6xxqkyhy0f12xr4as131rft2ab0mj0ks6jsryzyvmss3dm00r9f76dzaymbbyeehsyjxgtyb2qcn4h7rsbkt3gfsdcyxgpx40jykzpytqt2ecbg71s2rzx74ea5t32e9v9nq4qkv909cmkqp98t1xdmxqw9k8hj9w8w9vkkryf6jvg9w4ptm313gbngwd14p01vb12n3ed1zmjnt2c5arr99s3sqjk3g7hc9r3pp1qg6yb6j4056kkp6jfxb7bakg7nkcht0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%26client%3Dca-pub-2040478609211323%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7797f17f585a9295-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:23:54 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame CC08 89 KB
11 KB 30ms
29ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 95800
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmz1bw07ZfOVliw18L9jRJTvqpIreOm61d6JHjnM8H5zKoZRveEKDcL4P1EgB6BgXnj0aGSQDjVkZD4o3PW5%2FAv3OOEd%2BGD0fSUEOlT0yCiBf0QIvxDTlDnyNvULbpFRWFBh%2FEaUi7Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7797f17f789f9295-FRA
expires: Wed, 14 Dec 2022 16:23:54 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame CC08 53 KB
54 KB 36ms
28ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7278
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgI3IH7Z5U8R9n1tz%2FjFdsS0e1I2PgiIFROzS%2FeFqhhlbQFpkncZwar7Qu3y8xBqGwNuqTButapeOPXzz%2FUm6%2F33%2Ffly8779J9etiHUgdlg332rJS9UooP0MPLhkim92S9CVLOCb%2Ft9c%2B2Ps"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17f8da39a24-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H2 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame CC08 11 KB
11 KB 40ms
34ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1267169
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQEIBQDXkLC6lCj%2F4zVqq6glL6lRG7kqCMxHqrgc51BHqkySLMzl80dCvTOc%2FBwr9r4tfr2LOpyQ8PGURGKb6OiEuXpb1Uo0RMOiGk8alF%2Fwhob1G1wsPJzXzOihrehgbhylm8Tofy%2FQ4ztr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17f8db29a24-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame CC08
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COODrZi1-fsCFUFW4AodYVsLtQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121416235479503132003X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...

49 B
1 KB

93ms
25ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121416235479503132003X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022121416235479503132003X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 15:23:54 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121416235479503132003X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022121416235479503132003X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Wed, 14 Dec 2022 15:23:54 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame CC08 9 KB
9 KB 36ms
30ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2482200
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ISWj1zr3%2FekosUTBc0TXJrQki5NYJaJKB4Q2MG%2FxCRH6ieoT8gpd9bnAr2hTyLxzCV6x97IgVehMJBbv7YgCa4Ln1vCs35gYjfDjDgoGSIdK0R1klSzTv%2B7rSiXs57v%2FODxQVlKLe9va68q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17f8db09a24-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame CC08 20 KB
20 KB 40ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2412963
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BOEJ3ygysD77HtURbyRllJenhYlEf55wr%2FZjTalNkDwJKJXd5J1Jk0EfrF9%2Bv3LdSCDPG9yNGI6yu%2Bgfd%2BRNaefMfHmwgzmU%2BMiaw6P5UNcAECtMXL6R8Fa1kyvgnAxZb%2FUc2BQ441Bmq3C"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17f8daa9a24-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame CC08
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CIOJrZi1-fsCFY-adwodTVUOLQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121416235479503132001X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

56ms
20ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121416235479503132001X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 15:23:54 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121416235479503132001X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Wed, 14 Dec 2022 15:23:54 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame CC08 16 KB
16 KB 34ms
28ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160624
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNoGo%2FmJFIV%2FKZJqdEa0ioo6zeUc6fugdRifckW8w%2BWgQ04ITIetmtVVx%2F87DdFFc9nKx5B36D90yWAR%2FdAPDo%2BPY2D1SI69ylI1VUWQaPFsrhhm%2F4pVLr6TB0L8B7ylgYUP62G4ptB3%2Be%2Bf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17f8dac9a24-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame CC08 222 KB
222 KB 25ms
20ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160827
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fbq4l8QEuleH1sMmvzpZbxDXqloNXoFtU6RWf2tRsI8v0S6Fxq9nIRm1Kge7lLhOfdOj6EmNsdbFjWScqtqIp30HZ16To1buS3tXb7QjFFCittjR1lztnIMcAH7kZzAERWI2t9xGWF54Y%2FXE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17f8da99a24-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame CC08
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1671031434_51f47d90-7bc3-11ed-89a3-223851067267&insert=AW&&gdpr=0&gdpr_consent=

0
640 B

123ms
96ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1671031434_51f47d90-7bc3-11ed-89a3-223851067267&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C322829&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=7afd8f23a2928bb2739d12a0598a8cea%2F2612894831386259720&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434125&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjk1nvtqz1n7k6e5bart646rej6rp923ahf1v0nvgjzh9vv3swryaaz8tegj53n7arvgjdk5q7bwwas94xvax8m6vtbn7ys4hs01zn1zbyht1ejwk7rbkahe1b40jj261f128hxzpq09f9989nmj3nsvw8nb94zk03e8rqnrd1jh58gysn0h6xw3hddh6ahng57da6zyfq24w4cmcdvqq4kx3svkj32xj2chqt81s8mt6xqs9t9yechkqbw4azxgj8jpd26p72k3a2p43q0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCE2O5ieqZY6vsG5SSrASIjb6oAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSIAk_Q92CNCsvYAvR2PKUkYE94KpKPV201PwLA363nrph24UJyXRg9-nRpJ34KVUmAu4bZmSf95JB7WOosGXGbcqrSSwRd2hIv0JqU_TxNm5ObvHhIHZnxk5ihsOVC5dg-0TNA2vF6uxb3y6zxLVQjQYoNfd1xkAUwkUa7WcsF_rAjgLAmp84dgLM7cxW5wP3b6yvnWvcGu0T-gN7i3iPoB8i_Px1DJwuNGQknmSXxVBVdUtPmoX83EPD1Ys9MDgaFEbS5nhPij-pEN57BGr7BiRAhXg0l76mHCsO4U7arKlcw7CXkaDW4uOGb9TZrccefcZTFLWQzXDvflCxlMIsefE5AGoGw16c-MeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fzZtZpunDHspZ36FWzYnlNgkQFQ%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
via: 1.1 additional-webserver-blue-115j (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 566660503
cache-control: no-cache
cf-ray: 7797f18048e09201-FRA
expires: -1

Redirect headers

Date: Wed, 14 Dec 2022 15:23:54 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1671031434_51f47d90-7bc3-11ed-89a3-223851067267&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 061A 42 B
64 B 114ms
114ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufGvkNCfvgk_YpWG9yTvEBkaDjhHKJcnlZLQoqn9psqM_t_v1J7H47VPTloJzwVJoydkwvN781hGmoS6VOYZV_Mha_sN9Q4F0SO5WYBoF6dvRyQxoTkBUZ_Hn9FiDGEtVTRrc-gQ&sai=AMfl-YRI_FzEKICWnmTm1UghShohaH7l1h0qrl0hReQAMsWD3tesm-oyZBGHOKvUYy_6oT1J6XR-iSebD9paL24&sig=Cg0ArKJSzAtusUpECAa_EAE&cid=CAQSGwDq26N9MhKdvt-jhGX5MRLQ7SDXzfebgbN8VRgBIBM&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=126,809,1003,1155,1155&tos=126,683,194,152,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=522671301&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671031432734&rpt=262&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 214D 89 KB
11 KB 52ms
50ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 95800
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thtBqy8aqh%2Bubbxg2gYr%2B8I3ZbLinWidot3Pt6LfU707jSWqmL9K10nduucDPGe8z84FqM57TYH1vATvrG5S9iXMr6UGDqaScl0X1QoDmEM0GAkVrKjHkeEGDefl7FZtPjBikTdzM60%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7797f17fd91d9295-FRA
expires: Wed, 14 Dec 2022 16:23:54 GMT

GET
H3 200 F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
assets.ad4m.at/logo/ Frame 214D 3 KB
4 KB 44ms
43ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2414500
cf-polished: origFmt=png, origSize=11554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3224
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 07:30:35 GMT
server: cloudflare
etag: "1ca6a79380ae53c080c2e12b38bdb5eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJvyAuTIFT0kLwRJU09ndGVKQWFl8XAw38W%2BmaM8RM4%2F56Iq2HLM%2B12LYDqA%2FW2tAI6S6ggmH0Kz3lmSWgs1N4uUPybTNsv%2BsBbzb4769tuhFo4A%2FNB9%2BbAFFPmN1ZS%2BahWGKxwHYVPMBZ8H"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17fd91f9295-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H3 200 43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
assets.ad4m.at/product_image/ Frame 214D 296 KB
296 KB 20ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251597
cf-polished: origFmt=png, origSize=466926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302728
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 12:39:43 GMT
server: cloudflare
etag: "45f5fed59fc1f13fbebb41146459eb81"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5x7E%2Fyl7bOp%2FXVNWPTPKWENIZZPABITRkL8a39UTu1cjHfoCDYBJ7TKA%2Fm%2Finjpe0MNXnwWcNMFXcXB%2BewCed6yst1xkcw%2Bv6oh%2BgHn%2FUv4PIhFq7sfMgOGJ%2F5AaOy8zIpkKlIf064f8xgDR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17fd9239295-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H3 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 214D 8 KB
9 KB 61ms
59ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1109612
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G95Kkd5WOuNmWQ7gySjKjNQDhZ2dmbiuNQgkFF8TRyvPwdlN7VkSsbKosL2IRmGtql5sG1kfvCN8O7bapdPIdwtjHlzL35QFujsWUts%2F9VkybEKXAA7bfoRC%2BmlMtk2avLMzXpTbiCFqNjs9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17fd9269295-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H3 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 214D 30 KB
30 KB 61ms
60ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2057527
cf-polished: qual=85, origFmt=jpeg, origSize=81547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzS7VVrHsjSjL6lJBu%2Bel0KDzorcNyN0HN7Kgg4pf5eti%2FU9SIwDXzf4i%2Bp3s33R8i635dmo5Ur3PHRp4D%2FJ5qUMvFYepfAFzRC6YDqNYX%2FefxAoZR4Vo6wugGb7LNCk0FTLBcb5VEQQ2oXq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17fd9279295-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 214D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKq1r5i1-fsCFRkI4Aod3E0F4g;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671031434_520371b0-7bc3-11ed-adce-2234a4c513ba

0
517 B

50ms
12ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671031434_520371b0-7bc3-11ed-adce-2234a4c513ba
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:23:54 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Wed, 14 Dec 2022 15:23:54 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671031434_520371b0-7bc3-11ed-adce-2234a4c513ba
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 214D 2 KB
3 KB 65ms
64ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2407769
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqAsVLVRHDp7SCHAfviYvhHvc0IMNfmGR9Mayz6EV2oiT6nz0q%2FWxvNrPihDZOT3ALtXZukFnF6A6QLev9TqBB7uHakupRe0Z2Z5qSQ1XE0l0lZPACsVHNWA3HmsT2dCfjyN2DCivOPHio0b"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17fd9319295-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 214D 339 KB
340 KB 65ms
64ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1711269
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfEB2KWrsFZHltewE6yOvw9OdBrNfa%2F0RBiWuFYsQI9gCaQ5fRDNpb4y0qBO%2BVpDSMZd8SeKvrkixPaNCmw7OW9teOPSFZ4sOqcIcr4n9qn5fhw9l1GdTVa9sbXX37f28Fxe7J%2FVdZpuZl%2Bh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f17fd9339295-FRA
expires: Thu, 15 Dec 2022 15:23:54 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 214D 43 B
702 B 76ms
59ms Image
image/gif 184.24.12.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSWoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.24.12.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-12-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:23:54 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 429 link.html
track.webgains.com/ Frame 214D 0
0 100ms
38ms Script
text/html 18.133.151.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j5d9fy5ybk0e3eg7nwxqnrmf59ty7s4mc46p7eyr31svrqfvsk3wyj19mbkxvcd0nm9xvm46sj2143ezcegwytvajs9bpneq7nwkw2vvw4enmtv04cvgc7t4jc9xfqcfa6yapk5tyxz40c5cfjcjnz8p8wmtner5j4ztenv1zv5ys19804mgcht9g4407rj3a9fen3s5ncbby75s732ptj4bqznfc9fhxsft1r4w86bdy4x92ftjpca81psn6rypfamjnpz%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%252526client%25253Dca-pub-2040478609211323%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=970&d=90&e=&g=a40d0790f395cecda74506bf3992de19%2F14039298745061479039&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671031434143&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%2526client%253Dca-pub-2040478609211323%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.151.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:23:54 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D8F6 42 B
64 B 108ms
108ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwUIGJl6xjQ6y7ECHxD9caKT9GlFNUKWP5S773eHjed941owve26KywDmEJNOnv6YD-coCdWX2U7MUPnnL4itTJsY&sig=Cg0ArKJSzMWFySDZsNbYEAE&cid=CAASF-Roq8mJm_3rMJ6b9iSGRkjnp-zz6lpS&id=lidar2&mcvt=1000&p=113,1240,713,1540&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=20&adk=2458138944&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671031433481&rpt=113&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 37C6 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 15:23:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BB9F 42 B
64 B 108ms
108ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLGJ6q1JASIy823F34zEmLIx7ym9BMTO1NMLNcJE6co8KSBrGmplhcdj4Ut5laLsVD6L_G5VL1L9BrSTdFTJk0O36h&sig=Cg0ArKJSzNmnBFQVcylVEAE&cid=CAASF-RoVoH9DZqU38d6V3R1Nba2mM5b2EYp&id=lidar2&mcvt=1000&p=718,1240,968,1540&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=20&adk=3569415776&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671031433757&rpt=206&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:23:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zabasearch.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: o9ts11p5i4nmqskksoudqeh8i5
www.zabasearch.com/	1970-01-20 16:56:07	Name: device-id Value: 5fda971a-995d-4e63-9ed0-03b5c948c38c
.zabasearch.com/	1970-01-20 17:46:31	Name: _ga Value: GA1.2.717701605.1671031432
.zabasearch.com/	1970-01-20 08:11:57	Name: _gid Value: GA1.2.1907539660.1671031432
.zabasearch.com/	1970-01-20 08:10:31	Name: _gat Value: 1
.zabasearch.com/	1970-01-20 08:10:31	Name: _gat_UA-8810863-1 Value: 1
.zabasearch.com/	1970-01-20 08:10:31	Name: _gat_UA-74882607-4 Value: 1
.google.com/	1970-01-20 12:34:02	Name: NID Value: 511=q1ius85XJUxT1vbMtAvJPqYB4ms5gKQcnanbRV9V-Lqs0poDlE_AYQYNT2EB5WxQipiBk0PlkRULWgLLu4xajTgpsj_02shTNjWmWT1G8QQjDqzZQzLFGwPtmP1i81KhTOhH7Gzggoo6m74ghu3NrbO8PWVieTMh9a-sLXWZyQc
.zabasearch.com/	1970-01-20 17:32:07	Name: __gpi Value: UID=00000b927bbe4333:T=1671031431:RT=1671031431:S=ALNI_MZ1aQzWsQc_FIps8Cob3yRKCsOzew
.doubleclick.net/	1970-01-20 17:32:07	Name: IDE Value: AHWqTUkzCixnnIoqlHYUhbkiBDic7IUD8DQsSbRYFiGhLLgWGAzwJweMdKVIsrtAZ48
.doubleclick.net/	1970-01-20 08:10:35	Name: DSID Value: NO_DATA
.rubiconproject.com/	1970-01-20 16:56:07	Name: khaos Value: LBNSYXS4-1W-JAY9
.rubiconproject.com/	1970-01-20 16:56:07	Name: audit Value: 1\|naVuGyos1qpq02mon8VQsGWQ0NNjmqbPd94gXYLevqKePzsaxN2h5rl8WihtRb4yk6CXo5o5xnVhcgo8GeoW4uCAnekPgJiba2SYjm7TQJ7QD5U7tEfUTQ==
.zabasearch.com/	1970-01-20 17:32:07	Name: __gads Value: ID=6e35198d593b70b1-22dedb870fda00e1:T=1671031431:S=ALNI_MZrJ6-oOySCZUFQiM8Ou7r3lDpAlw
.blismedia.com/	1970-01-20 16:56:11	Name: b Value: 6399EA891726430190DAE5A7BLIS
.adfarm1.adition.com/	1970-01-20 10:20:07	Name: UserID1 Value: 7177025355349227666
.bidswitch.net/	1970-01-20 16:56:07	Name: c Value: 1671031433
.bidswitch.net/	1970-01-20 16:56:07	Name: tuuid_lu Value: 1671031433
.bidswitch.net/	1970-01-20 16:56:07	Name: tuuid Value: c20d9b01-f016-4b8d-835c-d1bc7cdbd98d
.360yield.com/	1970-01-20 10:20:07	Name: tuuid Value: 093499ce-8f6e-49e9-98cd-d1ac1f11f268
.360yield.com/	1970-01-20 10:20:07	Name: tuuid_lu Value: 1671031433
.bidswitch.net/	1970-01-20 08:10:31	Name: google_push Value: ASkJ3FZj2n7zsjBBF7BYNp6IyH7XjJUbcrOzk0YmdSqSUJ2d_lV91c-l___watiJze9jjH0FZDKH9gSo7XOtHtIco4aKc07FVw0
.adnxs.com/	1970-01-20 10:20:07	Name: uuid2 Value: 3745004861464508049
.quantserve.com/	1970-01-20 10:20:07	Name: d Value: EFgBCQHnJ4EA
.quantserve.com/	1970-01-20 17:40:45	Name: mc Value: 6399ea89-c00d2-4911d-24976
.yahoo.com/	1970-01-20 16:56:29	Name: A3 Value: d=AQABBInqmWMCEEfrqMKm7yGP2leSrckK6EIFEgEBAQE8m2OjYwAAAAAA_eMAAA&S=AQAAAkrZz7Vb_DPaUW_-ZbKjXQ8
m.exactag.com/	1970-01-20 10:20:07	Name: exactag_new_gk Value: 0503547701cc4ae4bab7ae87ed3a7784%7C12.02.2023%2015%3A23%3A53
m.exactag.com/	1970-01-20 12:29:43	Name: exactag_new_uk Value: b172316179814af39a5ed4c087a7c744%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 5c458209b0324009ad50ec34
.casalemedia.com/	1970-01-20 16:56:07	Name: CMID Value: Y5nqiZ3VtCjIB2IrSksNUgAA
.casalemedia.com/	1970-01-20 10:20:07	Name: CMPS Value: 1172
.casalemedia.com/	1970-01-20 10:20:07	Name: CMPRO Value: 1172
.adform.net/	1970-01-20 08:55:09	Name: C Value: 1
.analytics.yahoo.com/	1970-01-20 16:56:07	Name: IDSYNC Value: 18yx~28uf
.adform.net/	1970-01-20 09:36:55	Name: uid Value: 9146805062700195698
.lijit.com/	1970-01-20 16:56:07	Name: ljt_reader Value: F0LbsGZH71DpptCWSTm14Obs
.casalemedia.com/	1970-01-20 10:20:07	Name: CMTS Value: 2164
.tribalfusion.com/	1970-01-20 10:20:07	Name: ANON_ID Value: annseFoZdUQcR2Hp9vcggFdmjajALqncOgPtbAx8DGuQhak38ZaZaPV9HB3grJgGw9MAm2OER0FDqNnrA8MP7B9
.simpli.fi/	1970-01-20 16:57:33	Name: suid Value: 87813C01BC394A509F34F266D169A6E4
.1rx.io/	1970-01-20 16:56:07	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5396a66e-dafa-447f-94b1-aeaa7c61e17f-003%22%7D
.w55c.net/	1970-01-20 17:40:45	Name: wfivefivec Value: bgRAKUax1P5tBT5
.w55c.net/	1970-01-20 08:53:43	Name: matchgoogle Value: 5
.targeting.unrulymedia.com/	1970-01-20 16:56:07	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5396a66e-dafa-447f-94b1-aeaa7c61e17f-003%22%7D
.awin1.com/	1970-01-20 08:14:50	Name: awpv11354 Value: 412871\|1671031434\|51f47d90-7bc3-11ed-89a3-223851067267
.awin1.com/	1970-01-20 08:13:24	Name: awpv20044 Value: 412871\|1671031434\|51fba980-7bc3-11ed-9f2f-2266c0ccb091
.awin1.com/	1970-01-20 08:20:36	Name: awpv11938 Value: 412871\|1671031434\|520371b0-7bc3-11ed-adce-2234a4c513ba
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
www.conrad.de/	1970-01-20 08:17:43	Name: HTLP_timestamp Value: 1671031434
www.conrad.de/	1970-01-20 08:17:43	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 08:10:33	Name: __cf_bm Value: aCFerkx89pYj4sVDfYAB.N.MCjSNiYXBWemdjWzjTGw-1671031434-0-AVW3hABFrAeg+R9vjOjKUulHrKpa+S0199umpf7MAyQFHKnI+YelltnHim4HG132wa7rF6ArjR1yD7ESX0i0Uno=
.congstar.de/	1970-01-20 08:20:39	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1671031434_520371b0-7bc3-11ed-adce-2234a4c513ba%22%2C%22sp%22%3A%22awin%22%7D
.blau.de/	1970-01-20 08:20:36	Name: nscT486 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjcxMDMxNDM0dmxlYTFkZTIwMjIxMjE0MTYyMzU0Nzk1MDMxMzIwMDFYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/	1970-01-20 08:20:36	Name: nscQ486 Value: V
.blau.de/	1970-01-20 08:20:36	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022121416235479503132001X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.o2online.de/	1970-01-20 08:20:36	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjcxMDMxNDM0dmxlYTFkZTIwMjIxMjE0MTYyMzU0Nzk1MDMxMzIwMDNYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 08:20:36	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 08:20:36	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022121416235479503132003X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjcxMDMxNDM0dmxlYTFkZTIwMjIxMjE0MTYyMzU0Nzk1MDMxMzIwMDNYMTE3NzAzVjEyMjYxMzI3MDJNU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j5d9fy5ybk0e3eg7nwxqnrmf59ty7s4mc46p7eyr31svrqfvsk3wyj19mbkxvcd0nm9xvm46sj2143ezcegwytvajs9bpneq7nwkw2vvw4enmtv04cvgc7t4jc9xfqcfa6yapk5tyxz40c5cfjcjnz8p8wmtner5j4ztenv1zv5ys19804mgcht9g4407rj3a9fen3s5ncbby75s732ptj4bqznfc9fhxsft1r4w86bdy4x92ftjpca81psn6rypfamjnpz%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hr8skxqthhaw1xvh843jgz4xzff0mr4f61xs9rt2wbfhv73yy67k8egnst73btb1zm27zs7qhpfg46kxrmkrw0mg341dc2a09gsvn06fxa6af7cxdn99t4ctqxj1zke1wpk8s9j444hsd4z7q5afe06a5qearatj26r32knhheaawgmhmtmgra547mwhb2fz9vytke9etzzezdkrp3cevwnaj009kxsayzc4cyazk6w5kr4k5t0bndrsq53xxkfwj5y30kzd719z9y1370g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClYwQieqZY4n3Dsrn3gOLmJ64BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIwNDA0Nzg2MDkyMTEzMjPIAQmpAggA_7J41bE-4AIAqAMBqgSOAk_Qzcz1nSw-h_F2K2G6pFEk2ue_g1FtapJxG-z2CUUi2zuX0hQWH_zELnNecI6zzvgFycSY2eOXIsBlJAYVmA97d8zMTX7ZqTCH9B3A42wgC8fSTOB19u5GeWKxe2VsVlgzVXRbBTMKsuZn2eMDDaxMshQT7UqOoV3KcxjQ0J15pYKpPfIYw4D8rUIolJWz6qTauSGMw6nHjYy37i5QaBZSWYELz7fP_KqZObsQIBl7AI74pi2m6ivlJDXb_T8u-sByYQoJiW6uUi__9eQXWVB2qimLPfx5ctkwm_Edq-gPEIsuyKTD9hach8qY8JOZlRjeSj8lMGpKa9WrYGH4jEe-krJD-4c0dyDxmL3Y_eAEAYAG6JHKoZvZnt7qAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1bNdkOS1BiyQHiIHxhd216-3bi2g%252526client%25253Dca-pub-2040478609211323%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
as.ad4m.at
assets.ad4m.at
assets.zabasearch.com
banner.congstar.de
c.amazon-adsystem.com
c1.adform.net
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
classmates-d.openx.net
cm.g.doubleclick.net
cms.quantserve.com
contributor.google.com
csm.eu.criteo.net
d342bc8f87ab0bb7b3d496430e2b82f8.safeframe.googlesyndication.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
htlb.casalemedia.com
ib.adnxs.com
isearch.com
js-sec.indexww.com
m.exactag.com
match.360yield.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
prod-rtb.ad4mat.net
rtb.nl.eu.criteo.com
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
web.hb.ad.cpe.dotomi.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.zabasearch.com
x.bidswitch.net
104.18.33.19
108.138.4.10
15.197.193.217
165.160.13.20
172.217.16.130
172.217.16.198
172.64.151.162
178.250.0.160
18.133.151.109
184.24.12.207
213.19.147.44
213.202.235.8
216.52.2.19
2600:1901:0:76b9::
2602:803:c003:200::21
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700::6812:7f05
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9d
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::8
2a02:2638::3
2a02:2638::b
2a02:fa8:8806:20::2040
2a02:fa8:8806:20::2100
2a06:98c1:3121::3
3.122.66.11
3.126.56.137
3.68.131.166
34.120.133.55
34.252.50.213
34.91.62.186
34.96.105.8
35.244.159.8
37.157.3.30
37.252.171.85
37.252.173.215
46.4.41.145
69.173.144.165
84.200.5.215
85.114.159.118
87.118.116.9
88.99.63.132
98.98.134.242
99.86.3.236
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0984d6ef734bc9eb23bbce576d46ad18cfde8102d7682440d4259e9cf1ab9b72
09f65334b53a09a16970b820d296045e97f976aca8821f6b6b4087fb6fcb0dce
0af443bbbb528771d18a4afb9c8d4961700be2146622451417f864df8b5153df
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c27a580300a77ee5fab4f8e04b2834c9716df118b04c3cc824a949230d0cd05
0c5d5cfc011a54ecccb5db833c45af3cc575eb28a34cd94c1644ea3aba09fbac
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
12ecfebd2791e27380d4b92346910b2c68458bdd64d21eeac2674fb6f1557ff7
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18270160aa0e0101c5793f68db2d9f6d34044e020cb7e469e5dfa8174ae555d2
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
246cfbbeb1edb5efa3ebabe8c9ca35184e345f430f840bc1726841f067fc2e2c
2596db97882e2dff4eb6996199036bde575c7315ed692cee48060593b7f3c9e6
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f
29befa3c54f05145e7e736d334b96761b64f16c4afe7c85db53d68cc73e2a803
2ac36daca28dc3ab59aeaa6c29c9a16c156b9e19fe56731e2bad325e1ab4886c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e17f6894157343b6a0e3817569d0ed57bd50ee09c607ee91a69695a4b940648
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
40f44654820767f515e0271367cfc48477d63a52cd75a6a08f6be53584a02dfd
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b1b7f6b218c6737ec39e12699c3c81d8d6ffe2422ba4682403169ac0e8f820f
4cb529ae2d749a7f4995766c7b3eb56cae8203b3f586f93ae018134a544d121d
4ccef04e7a32f1ba62af5660492e4ed6b0d0c6c6f85229c9cab8231992b1802c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
60b628a1423bac8c5b2499082217f9b603de9c74ca427b6f135cd26541c54da3
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ee39bb09c8ce911a6f1a4e0007b075304ed2daa8603a45494dc570fbc58cce
65f6afe1600a1fdd4346da15ff00e69056b3909e13892edae9e8a2f97a96dcd3
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749390447bf4998f6f72f90452285b2192eabb983800895ef913549619958894
75659fe9e165607175b6e30d3edfb986d266656db44ab8381cbbc3c2ce03181e
79554945c3a7dfe75bdb8d211dd032864ead9c39454bccc942c0548fc3f3fc98
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8365e2d06e628f55e7ca6b4e91227ebc72aff9c9c363b739653d93c9800bf573
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
876e2b901ae02afab0ce7fd1180cf74739ead99463e0cc6f7cbefc93f56bedce
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d14d726d3e016ee485cb6eb72bc5532d8988d5b75a28bca75087bdf4c534a69
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907877f3df82e5fbfc7e9ee84175dcc321a640772bedebcf71dc5c940f5113af
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
984132a89b82871f96d20c25910a17ff852c464765fd7adc82a88ae118f39e0c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
a014b2ed104bc52c8a31bc37c4d8e6b061040c0cdf2774f47b16d22cdf258d1e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51164e356649248d18baae29760db635b74fcfe493fbb4ea65c48e9b39ff160
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
aa00bdc74cdf124e45f545f927f91ed9c9c1af8db39769fa302d4dbdb195a546
ac2f087f3f2c30320117d2754680343d78d2c9e17aec5bfa7eeb6b389e476bfb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b2bf6d0ec9b683eda2b7c1d211f47ed9a05c156e4b3d5c60214e0e3cf92c7eb2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5ae743d1c548dfa634f14636eab6d699273730deefbe4a5747c8d655b2b7d57
b80367299b6f92284c21ec77a652e67b04cac1d5c1f42db90857bcda7f72ad7c
bb43a661aba1fdf5c16e76e0257991048ac487c2d9782581f2bf0197f918bce2
bc4b96d555a919eb2d0795ee424dfb6ece2754df1ede6236cdad292841a10d05
d881dd80c1f5d63c05448bfcae4d496f3341ca3f743d415fb0dd5e8d595c05a3
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc989acfff2854a487b7737110cf48fe600a97b875583edebd7f441cd80be452
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8
e094ed359084d142eb2cb5ab4a370a9a8bbd35a157835f3faeb1a5dc06991008
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e12e2fae9ab90067231b2a73af068bb9e34f651744c90cbda78674f48bca9417
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45f9c8ed228ad9a22dc33a097086f7734ceb6da26da8cc139bf684c7f16670a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e928436f7c30666b9d29aefd50bb6847933e511b005340ddd774e28c823c9419
eb13cc1d397d12b3a338f926a477754455970652723dd92ffb7281f5add4097c
eccf449fde7ccb4f50eea742f53219dbcfb374fa6f114680e9f34719d3cd9f69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f35adef53e846c069bbb1fde815d732dcd7435151f6e3829602c999975a6abc5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f679943469edd0604b390a891a8e9dac4be89d0863c5e7b9ab441a86accfb4d7
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
faf64c7f4d29c2d95f228978eb931ede140d8e6ebad7c13cf3136978926cd261
fcb035c4f78fdd422f61764e56002a121badc52c9e60c676e5b5c332022020c2
fcbd3904a258e4e73c6c4bccc5a4f2b126d1b90330883d327e2de9c0994a7eea
ff2c9a302dc1f3bcefe0605a7fe38a85e7c712e40bd960ca5e38f93d6d3c18ee

www.zabasearch.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

90 %HTTPS

52 %IPv6

49 Domains

75 Subdomains

54 IPs

10 Countries

2683 kBTransfer

5578 kBSize

57 Cookies

6 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zabasearch.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

90 %
HTTPS

52 %
IPv6

49
Domains

75
Subdomains

54
IPs

10
Countries

2683 kB
Transfer

5578 kB
Size

57
Cookies

210 HTTP transactions
5 data transactions