a2zapk.io Open in urlscan Pro
2606:4700:20::681a:69a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a2zapk.com/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Effective URL:
https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Submission: On August 23 via manual (August 23rd 2023, 4:55:41 am UTC) from BR — Scanned from DE

Summary HTTP 329 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 29 domains to perform 329 HTTP transactions. The main IP is 2606:4700:20::681a:69a, located in United States and belongs to CLOUDFLARENET, US. The main domain is a2zapk.io.
TLS certificate: Issued by GTS CA 1P5 on August 4th 2023. Valid for: 3 months.

This is the only time a2zapk.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:8d79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 35	2606:4700:20:... 2606:4700:20::681a:69a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:81c::2016	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	204.79.197.203 204.79.197.203	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
70	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
12	2a02:26f0:350... 2a02:26f0:3500:d::1732:83c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18 30	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
12 24	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
15 21	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
13	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1 4	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
9	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
6	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
6 8	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
6	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
3 6	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	3.9.22.61 3.9.22.61	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
2	108.138.36.89 108.138.36.89	16509 (AMAZON-02) (AMAZON-02)
2	108.138.36.69 108.138.36.69	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	18.135.31.191 18.135.31.191	16509 (AMAZON-02) (AMAZON-02)
329	39

1 2606:4700:3035::ac43:8d79 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a2zapk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:20::681a:69a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a2zapk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:81c::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

a2zapk.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net

srtb.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:3500:d::1732:83c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.184.226 (Grosse Pointe, United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.80.39.216 (Canada) 12 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.89.211.116 (Frankfurt am Main, Germany) 15 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.26.250 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 136.243.149.243 (Sindelfingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 145.239.193.130 (Valence, France) 6 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.230 (Grosse Pointe, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.70 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.22.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-89.muc50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-69.muc50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.135.31.191 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-31-191.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
110	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	662 KB
56	doubleclick.net 21 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 179726 ad.doubleclick.net — Cisco Umbrella Rank: 187 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371	393 KB
35	a2zapk.io 1 redirects a2zapk.io	94 KB
26	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 528	168 KB
24	casalemedia.com 12 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	17 KB
23	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 40248 hal900014.redintelligence.net — Cisco Umbrella Rank: 383870 hal900030.redintelligence.net — Cisco Umbrella Rank: 340246	165 KB
21	adnxs.com 15 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	16 KB
21	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 599 rtb0.doubleverify.com — Cisco Umbrella Rank: 965 tps.doubleverify.com — Cisco Umbrella Rank: 609 tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 10563	376 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	419 KB
8	medialead.de 6 redirects pv.medialead.de — Cisco Umbrella Rank: 44946	5 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 27613 api.webgains.io — Cisco Umbrella Rank: 58267	37 KB
6	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44216	1 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	354 KB
4	gstatic.com fonts.gstatic.com	59 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 126	2 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	391 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	2 KB
3	awin1.com www.awin1.com — Cisco Umbrella Rank: 17983	2 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 74227	4 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 43802	4 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 145371	6 KB
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 199945	2 KB
2	disqus.com a2zapk.disqus.com	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	28 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 225438	401 B
1	msn.com srtb.msn.com — Cisco Umbrella Rank: 821
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2102	250 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1212	7 KB
1	a2zapk.com 1 redirects a2zapk.com	536 B
329	29

	Domain	Requested by
70	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com a2zapk.io pagead2.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net www.googletagservices.com
35	a2zapk.io	1 redirects a2zapk.io cdnjs.cloudflare.com static.cloudflareinsights.com
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com a2zapk.io googleads.g.doubleclick.net ad.doubleclick.net
26	play-lh.googleusercontent.com	a2zapk.io
24	dsum-sec.casalemedia.com	12 redirects googleads.g.doubleclick.net
24	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net
21	ib.adnxs.com	15 redirects googleads.g.doubleclick.net
13	hal9000.redintelligence.net	798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com hal900030.redintelligence.net hal900014.redintelligence.net
13	googleads.g.doubleclick.net	a2zapk.io 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com pagead2.googlesyndication.com
12	cdn.doubleverify.com	798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com a2zapk.io cdn.doubleverify.com
12	www.googletagservices.com	798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com a2zapk.io cdn.doubleverify.com www.googletagservices.com
8	pv.medialead.de	6 redirects hal900014.redintelligence.net hal900030.redintelligence.net
7	798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	googleads4.g.doubleclick.net	ad.doubleclick.net
6	5994599.fls.doubleclick.net	3 redirects a2zapk.io 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
6	pb.media01.eu	hal900014.redintelligence.net 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com hal900030.redintelligence.net
6	hal900030.redintelligence.net	hal9000.redintelligence.net hal900030.redintelligence.net 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
5	www.googletagmanager.com	a2zapk.io adv.office-partner.de www.googletagmanager.com
4	api.webgains.io	analytics.webgains.io
4	fonts.gstatic.com	fonts.googleapis.com
4	hal900014.redintelligence.net	1 redirects 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com hal900014.redintelligence.net
4	securepubads.g.doubleclick.net	a2zapk.io securepubads.g.doubleclick.net
3	tpsc-ew1.doubleverify.com	cdn.doubleverify.com
3	tps.doubleverify.com	cdn.doubleverify.com
3	s0.2mdn.net	798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com ad.doubleclick.net
3	adservice.google.com	5994599.fls.doubleclick.net
3	ad.doubleclick.net	www.googletagservices.com
3	fonts.googleapis.com	hal900030.redintelligence.net hal900014.redintelligence.net
3	www.awin1.com	hal900014.redintelligence.net 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
3	rtb0.doubleverify.com	cdn.doubleverify.com
2	cdn.track.production.webgains.team	798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
2	analytics.webgains.io	track.webgains.com
2	track.webgains.com	798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
2	cdn.retailads.net	1 redirects futalis.de
2	adv.office-partner.de	hal900014.redintelligence.net hal900030.redintelligence.net
2	a2zapk.disqus.com	a2zapk.io a2zapk.disqus.com
2	cdnjs.cloudflare.com	a2zapk.io
1	futalis.de	hal900030.redintelligence.net
1	www.google.com	tpc.googlesyndication.com
1	srtb.msn.com	a2zapk.io
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	a2zapk.io
1	a2zapk.com	1 redirects
329	43

This site contains links to these domains. Also see Links.

Domain
unlockapk.com
t.me
plus.google.com
www.youtube.com
telegram.me
www.facebook.com
twitter.com
www.digg.com
www.linkedin.com
reddit.com
www.stumbleupon.com
www.tumblr.com

Subject Issuer	Validity	Valid
a2zapk.io GTS CA 1P5	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.msn.com Microsoft RSA TLS CA 01	`2022-09-08` - `2023-09-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.futalis.de R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 43 frames:

Primary Page: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Frame ID: 99D2A05C75C6D6AF42D5B7A66BA19D0B
Requests: 74 HTTP requests in this frame

Frame: https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 383C4079C553C7F0D6E00A4E95690916
Requests: 2 HTTP requests in this frame

Frame: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A2A2C5E91F8F1576D4952BEC975A69C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7537A2ABE64E9F0D6866CC3FCE22DAED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83D617384BD3E4C5052505445E03C10A
Requests: 2 HTTP requests in this frame

Frame: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 894AABCD045497E1BB37B3EAC6A2E5D0
Requests: 22 HTTP requests in this frame

Frame: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D88ECBD3B443969BE4C72684691D759A
Requests: 28 HTTP requests in this frame

Frame: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4173088AE8563EFA4BB973CE9BD93BD
Requests: 28 HTTP requests in this frame

Frame: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DBE4CFCDF885765522B8607EECDCA935
Requests: 21 HTTP requests in this frame

Frame: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 846252C49AE754CA339130D64CF96324
Requests: 1 HTTP requests in this frame

Frame: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 25E5E46438E4A0CE432A291C29476D63
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNUZNxJTwEe-bj9aNdz5bzES9GHZz0TwcpFWpz-98KNp5MhNm4Hp4T0GdJZ19apHhNx1bTv3Xm4CONCOXlAQTBVf0l7rNNDSD3tep9sspgrGo3GE_7oKcjdkCEgueoVjRKfKkOnzX6WbsAEIPz6jT10BVD2UHcaw-B5YX6lZ4F_wH2L9zjw
Frame ID: 75AE1BD501A582229332A936E7EAA170
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNWgaC2wRGUis35KmUbCMiI-mruyjGSQRLcWmICvYz1sV7_Z0tJ-xYw_fnn2MPUNcg1yHgqi2RtdKsj-hiSY-AZthytmnfgwq0W14iQfwFKA6cyoShOwX2DWi2RGX7-NzT60dIO2QjCwkIYGwDx0kdryLYL6orZMjjrBMWvz3Y48dvMfGNs
Frame ID: E2A01549D5AE7404C1D7978A3724B4EB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYoMy57AEwAQ&v=APEucNXp13kbVJJTUxxqEh_6jVp7842wks8tBGxAv4WJLIkzeS8R0UZf4Kwse6Nk0oiADVq3HFhVntrQxOL5LoyCIi7_ZV70zDjoZdBtRTrlWLO84cODb5KWU7efp5fnZBmPTQ-9sGEP_havJgoldBeLQVE31trms2YyXQOsbLw5GLPNEWnoB9c
Frame ID: 7C524EF80273C9350AD5C7F394719E0D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWrsyDxMGinUXywJdFp7cHW810xEsDR_a1xkzUrOf_5LJfz7xpv5NrrOKBbmjx5tF3ugU0oo3EyFfYiPyKEF2DyvI0wR3nQaC7cbUQWEumMuL7_qr0qdP80u9pGQvOsUTkN24HWpyPQNSA2-_0t_neTEpkDhfUS-4755xJa2aXobm97fcw
Frame ID: D812DC37ED5E304304237CA16FF30A3A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNXgy-2VZ39d4twXMP_Aje9syQcwSUQI6B4OCRkeuWHwdKg9HNueuZ_H1AOJOIkuPD9ReHx0Iw2hOq_dpUDa2O444IGnHFty0k2gXrc6I8BfcYDT60DeyCzj2PvwVytkAdST0zWIxJqq_iiP--kaNzZc8a2PJ38TGLoD267OoyB83p2epd0
Frame ID: 394A0CEBEEFE64ED52FC38EAE437B66D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4B2E092FE438D3451CA5BF12CCA9771F
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVwz6dRnYSNAmCzJIE2hHL-pfKCH8qudIhQoni79qe6N9XREXzAxvks8XU8YhY2WUyUeu7mMUNbZRONIppMBfSWPSF7qnGScHfTIkD092qpaGLgiZtWpCeh4Z_-fC916orUufnVxnqQIenDCb-NzjKQU32-vALZ2nPlCfZPWg6I33z6o0I
Frame ID: 83F62353F87F6878465A77D3751E05D4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CAA3E00B17D941BE2DB9B3D260DBD3F3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F0AE190138C97DEEB8A111E363738071
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 30C940B442E4196AC2C27359FA7919AA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 79C36F15F75ACC5B5E133DCF2A309917
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F63E8CB645A3840AEF9A86C69CF0C49D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1C6926BE8CECC9FD45FFCE64DF12B2C5
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92116400014479904445008012425014&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: DB0038972E4D0BFE73C5D9ED481612FE
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 7B04F7C45D92690C1A842294076A2CE5
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372a8&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: 22F8B34C87373EE4DFCB2B1454BC954F
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73793400014949504444554012425030&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: B4E8A4C42DCC0996DC27A739A8345A9A
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 0A25B311DDCCF7D714C95A9103F21BF5
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372ac&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: DE6E61A3752D25F0B3B4CC8055A37483
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3013416770
Frame ID: 74D3E64E97593D939D8B7B226E60E77E
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJzz79_-8YADFUIFewoddzwDVQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422
Frame ID: 6D43E754061F697253017542729AAF4D
Requests: 2 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=90351500014949604444550012425030&a=59d576dd
Frame ID: CD7F2BA8071BE99215905C07F74F1719
Requests: 6 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIOMgeD-8YADFUMKogMdkVENgw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009
Frame ID: 4E2F9F091006DF9175A04AF498E2C924
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=92116400014479904445008012425014&a=f6fe653d
Frame ID: 71B5E088A4D1DF5CA7ECDEE6E5E78812
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLnIguD-8YADFXAPogMdmbsCWA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921
Frame ID: D7C5D02C020A87410EFC1225A27B9C61
Requests: 2 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=73793400014949504444554012425030&a=9f5c91e2
Frame ID: 74BE97C7BDB312B2A0DC694EAD085F3A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4547.js
Frame ID: 0D77CE125E257753CEC31714BDB4B825
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4547.js
Frame ID: 0E5BA871CD0487FDDF1884379FDDDAEF
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4547.js
Frame ID: 7EEEEBA4F38AE6FA14271927922517C4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A518B51B5A35568EC3846ABBD8B4701
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 933013DBCB6E9E430481EC56B995678B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5A9D320017087CE87D6D6FC0C3122EB7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CAIXA Tem 1.52.1 APK for Android

Page URL History Show full URLs

https://a2zapk.com/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html HTTP 301
https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

329
Requests

91 %
HTTPS

51 %
IPv6

29
Domains

43
Subdomains

39
IPs

6
Countries

3187 kB
Transfer

7892 kB
Size

21
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://unlockapk.com/tool/
Title: AdFree Tool(Remove Ads Online)

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAAESkO8aXp9DwuS7O7Q

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/103172325778829268165

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCIPgMksz38ODT5OU4a8py_w/

Search URL Search Domain Scan URL

URL: https://telegram.me/a2zapkofficial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.digg.com/submit?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.stumbleupon.com/submit?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a2zapk.com/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html HTTP 301
https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1

Request Chain 133

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfG7bKYZfnCV3dyREwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1

Request Chain 135

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4NjcwMjcxNDgwMzcxMjUzOQ%3D%3D

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfG7bKYZfnCV3dyREwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1

Request Chain 139

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1

Request Chain 141

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfG7bKYZfnCV3dyREwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1

Request Chain 143

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1

Request Chain 145

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfG7bKYZfnCV3dyREwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1

Request Chain 147

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

Request Chain 149

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfyP-4e7z6mMUreSggAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGwDXbeHhHdx7bEjcBtfFUU&google_cver=1

Request Chain 151

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

Request Chain 153

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfyP-4e7z6mMUreSggAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGwDXbeHhHdx7bEjcBtfFUU&google_cver=1

Request Chain 155

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Request Chain 180

https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=da49a32bff&subid=&uid=41ee49c2a454dd87&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFtQwRZHlZJDBCdaB1PIPlbSiKKblvaBp5Zicp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4wFP0BaMQ1FcCKS78F7E2PelYG0fpgfLRer_lwrHpnn0zav9PRFSWVSm4n97JTkmAX76EAgokOFGMSYzQQiBDVCQFJhAstcgmuCALCbTIIebQ03O5RB4Pc0fYxUFx1qBD1JFitBkvUs6Vu0oP7kfkKpY5D_6GgyKF9pGynNeq3AXeUX4fGbsFbApO4HmDUmklHPEZFsnIUL_aB6iUqo-IMS9hWNuqPdpK9CApFtrjLGi1d0Gs9MCkpb8Y6QT47ugT2Tw5AYfwrbwpZu69gv0y-b6fZuzBYxENUrf_c7VkcKRuxLFEsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0PeV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKmzPD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1Ii5isXkVjA2RuysmNgRY2wmdjbg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BK_I9oZbl2bBuF1HXOEDkOg2RnClmcjCjUu9Rmry9ENCTvehxXZYTae0XeGy-Vt7JCRviFWANzpZPQibPjVJG-J1JGv5T1c4YhJLBMS08N42g_lzyDJRIQUQWUa5bWnQaAPsjIPgP28nF3yzAGLc5Ykp7fKubda1YOKjaBq7HDhMUTgYU%26cry%3D1%26dbm_d%3DAKAmf-D7qNrwNLUciWkuhQOzQt_8Lp9vo_GuI6nK6kHrpHz_bBQUp2wNepe6_DhM8KK0e5Pf1e5Uv6tUTJMOLbHPEL_s1FjfdrDoNWlXlNH6Fdz2T2CCxlDjddPNr8VAW88rnNWpuWAP7MpWihum1tk91SAzb9E-3JzwvhWQS7E4nA8QNZzKF5gUQ9Ly7cgOKClxtHn-UjHZ2gDcqajhHVlkPLIMGiD1bacMz9kbFBNTDS_jZBLl7zpRPvV2cUR-kWvQAarpKqhAjSPYEug6sdb0MJR2pnePvogTLvcgYO8mHsq8ERxsdmNn0qtIvZMDkcsuBaXe4OeWsQW2bAh5iAJbb3ZmlPBuEfFAYSX-C9OnHxY3CJ_p3qKuBuBZdhq21cTpzKofaG3xIKpcxvPHfFVZbG4yxEd56blqYcBt1QVU2eY3SVT-344QFUUMlCJmkjQX48GuFDv22uViMfTh__I3s8Z2sg8iJk6MbJ-YqTjOsA5U9jwotX0GnlnwVYoV-9EOLBkWcJYbyKqqbRNmcfIJxQq66trqi5MS92uNFiNsFFNtBJuQevuCgROI-VtVFfJTL4JlD9bAKxtiP7_DP35eItE-CZSkpB-suvisEtXVacynothwwMHGeFDUgwnuzNkNPtJY25Up%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5952984581379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=da49a32bff&subid=&uid=41ee49c2a454dd87&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFtQwRZHlZJDBCdaB1PIPlbSiKKblvaBp5Zicp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4wFP0BaMQ1FcCKS78F7E2PelYG0fpgfLRer_lwrHpnn0zav9PRFSWVSm4n97JTkmAX76EAgokOFGMSYzQQiBDVCQFJhAstcgmuCALCbTIIebQ03O5RB4Pc0fYxUFx1qBD1JFitBkvUs6Vu0oP7kfkKpY5D_6GgyKF9pGynNeq3AXeUX4fGbsFbApO4HmDUmklHPEZFsnIUL_aB6iUqo-IMS9hWNuqPdpK9CApFtrjLGi1d0Gs9MCkpb8Y6QT47ugT2Tw5AYfwrbwpZu69gv0y-b6fZuzBYxENUrf_c7VkcKRuxLFEsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0PeV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKmzPD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1Ii5isXkVjA2RuysmNgRY2wmdjbg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BK_I9oZbl2bBuF1HXOEDkOg2RnClmcjCjUu9Rmry9ENCTvehxXZYTae0XeGy-Vt7JCRviFWANzpZPQibPjVJG-J1JGv5T1c4YhJLBMS08N42g_lzyDJRIQUQWUa5bWnQaAPsjIPgP28nF3yzAGLc5Ykp7fKubda1YOKjaBq7HDhMUTgYU%26cry%3D1%26dbm_d%3DAKAmf-D7qNrwNLUciWkuhQOzQt_8Lp9vo_GuI6nK6kHrpHz_bBQUp2wNepe6_DhM8KK0e5Pf1e5Uv6tUTJMOLbHPEL_s1FjfdrDoNWlXlNH6Fdz2T2CCxlDjddPNr8VAW88rnNWpuWAP7MpWihum1tk91SAzb9E-3JzwvhWQS7E4nA8QNZzKF5gUQ9Ly7cgOKClxtHn-UjHZ2gDcqajhHVlkPLIMGiD1bacMz9kbFBNTDS_jZBLl7zpRPvV2cUR-kWvQAarpKqhAjSPYEug6sdb0MJR2pnePvogTLvcgYO8mHsq8ERxsdmNn0qtIvZMDkcsuBaXe4OeWsQW2bAh5iAJbb3ZmlPBuEfFAYSX-C9OnHxY3CJ_p3qKuBuBZdhq21cTpzKofaG3xIKpcxvPHfFVZbG4yxEd56blqYcBt1QVU2eY3SVT-344QFUUMlCJmkjQX48GuFDv22uViMfTh__I3s8Z2sg8iJk6MbJ-YqTjOsA5U9jwotX0GnlnwVYoV-9EOLBkWcJYbyKqqbRNmcfIJxQq66trqi5MS92uNFiNsFFNtBJuQevuCgROI-VtVFfJTL4JlD9bAKxtiP7_DP35eItE-CZSkpB-suvisEtXVacynothwwMHGeFDUgwnuzNkNPtJY25Up%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5952984581379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 213

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=92116400014479904445008012425014&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92116400014479904445008012425014&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 215

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=92116400014479904445008012425014&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372a8&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 216

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=92116400014479904445008012425014&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92116400014479904445008012425014&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 219

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=73793400014949504444554012425030&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73793400014949504444554012425030&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 221

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=73793400014949504444554012425030&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372ac&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 222

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=73793400014949504444554012425030&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73793400014949504444554012425030&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 225

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=90351500014949604444550012425030&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3013416770

Request Chain 226

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJzz79_-8YADFUIFewoddzwDVQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422

Request Chain 250

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIOMgeD-8YADFUMKogMdkVENgw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009

Request Chain 254

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLnIguD-8YADFXAPogMdmbsCWA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921

329 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Show response
a2zapk.io/
Redirect Chain

https://a2zapk.com/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html?
https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

70 KB
18 KB

306ms
241ms

Document
text/html

2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef5e20178aa040c0827ae59e5c6f24224da38f0e32974b8395d7f1d1af0ada1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=16070400, must-revalidate
cf-cache-status: MISS
cf-ray: 7fb0c3896dda35f0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 04:55:32 GMT
expires: Wed, 23 Aug 2023 08:55:32 GMT
last-modified: Wed, 23 Aug 2023 04:55:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BDwFkDFoM4GbGPGPMChTMz20OC56epqOVcnWQg0ncoHnrTcrkObM1YbCChKQQ6cAWMcX2HWpU8QXqChQLBl2ltLJPnElf5C84vkPTqrDg18gH0%2FX6xAxn9oRGyhkqu4ge6t54edTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7fb0c388d9e9372e-FRA
date: Wed, 23 Aug 2023 04:55:31 GMT
expires: Wed, 23 Aug 2023 05:55:31 GMT
location: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGN3e%2F3mPX%2FaPqPvQHZyCbNOT4TJWJx%2FvFNY86LJOjjqQ0bPjepRsOFMjULzSyDuDsTfrVbM3iLvJYN4tk4LdTt9FOLuI7S4%2BXbtmmSMCCcsYbv3NgEyh5uyAPKM1RZYn98D0z2%2FciU4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 mainstyle15.css
a2zapk.io/css/ 35 KB
7 KB 32ms
32ms Stylesheet
text/css 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/mainstyle15.css

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856b7627332054da5d97c14110a9d32817707ce60898c83d97004a7268858d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489374
cf-polished: origSize=36363
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 15 Apr 2020 09:10:20 GMT
server: cloudflare
etag: W/"8e0b-5a350af75d700"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZbLpWUo10hB8F%2Bd9IePeFIoBgXW0LIvugk1wAlBtHoswacAUmCPibPBML%2BPJVAYqyCYyRw%2F3jCrE1ARBwb6W6CLR5pKDRynRAQ%2FGOwrl47H3VZbE5Mv0ZCvCo3e%2FRIKPKl6%2B4XzSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
cf-ray: 7fb0c38aff3d35f0-FRA
expires: Fri, 16 Aug 2024 12:59:18 GMT

GET
H2 200 styleMenuIcon2020.css
a2zapk.io/css/StyleMenuIcon/ 2 KB
950 B 31ms
31ms Stylesheet
text/css 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03c3cdc21d2bff5ce75dcf0a2eff01acefe9a72463d18631dbd8e92adfb194a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489374
cf-polished: origSize=1712
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 21 Jan 2020 01:25:14 GMT
server: cloudflare
etag: W/"6b0-59c9c479f3280"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN0pTSRL%2BDXwax9TWY4S1ADhOom5pTv2ptXoN34cl%2BfSBPNKgTvpyD301QDdmNR8yZNdT%2FIMcDmQjIMoGNPmrn5OMkXAcCRHwMKV152YNEovh2hSpiaA2ZEKN8kEKtExQ1lbtP59Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
cf-ray: 7fb0c38aff3e35f0-FRA
expires: Fri, 16 Aug 2024 12:59:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 89ms
38ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SS5VJ1BTPE

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0adb31c5cc2a29488e90d8682baaa114da5b69c6950e0155139d962bf302bccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89021
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 04:55:32 GMT

GET
H2 200 fb.png
a2zapk.io/images/SocialIcon/ 436 B
877 B 35ms
32ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/fb.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272f2244814e649578b0ea90e4cc0ba8c97752f5ee3d6dbbb32082a1dce382fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489373
cf-polished: origFmt=png, origSize=906
content-disposition: inline; filename="fb.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"38a-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eq2DjOLpRi%2F1vIx7btExg%2Ff%2FNN5OsYlPsXnceCWuS7p2lnMpG8wAXwD4tpCn3IofFQeXJLE0ZdPmpvBiBrFvWZCCXHQcJSIBljyQgwykDlaMudmwq8i2TEgnTrrZYzdavewO7YtwfA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b4f8935f0-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 telegram.jpg
a2zapk.io/images/SocialIcon/ 1 KB
2 KB 39ms
35ms Image
image/jpeg 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/telegram.jpg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d0cfc322eef2504a71973cdccf2a6b0d2ed6cadf8c2ee812b0f57cfc91f49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489373
cf-polished: origSize=1875
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 06 Sep 2019 14:17:12 GMT
server: cloudflare
etag: W/"753-591e318216a00"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poGIhb4ihun7rx4iYE13UeT9JQTqRYvU0EW2CGZESAZSI%2B9aQiSL7GKXO0JB4UsCfiZrKR%2BCrCDHhYXA2dDZw2zJPxIpCSkG1paZb5zxXhb8rXZFj9MweTcRfIrsfUoZy1QekazXtA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b4f8b35f0-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 goog.png
a2zapk.io/images/SocialIcon/ 986 B
1 KB 42ms
39ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/goog.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb41b019613aa88688529bdb45c6496a238f4496d51e9077e2b69ba01102006a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489373
cf-polished: origFmt=png, origSize=2328
content-disposition: inline; filename="goog.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"918-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0W2YcNLi%2F46XM9Ok1FaMAZFsRvh3REe%2FB7alLHYVtB57Y%2FkiumgPosu8EA4hUL%2F9lanP8B8w3qNwEp4H6wm9f%2Ft%2BHRvs%2F8%2FSUAewfB8IRQsW3vKASc39ByfQO2h7xKYZMqXQKCjWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b4f8c35f0-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 yout.png
a2zapk.io/images/SocialIcon/ 1 KB
2 KB 40ms
37ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/yout.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d331fb82724f45c59327c435134c753bc5a07be33b7c94b621d5401d2156fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489373
cf-polished: origFmt=png, origSize=2692
content-disposition: inline; filename="yout.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"a84-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhmxI%2FHuV3bl4y4LLOmsdn1xINb0zw4Pw%2BR%2FhjasdHArBK17QhUND9CTfO%2FKrThfMpjZ2CBvWHLhUPcBb11k4H%2F8CysBJmrmCtpHUGxRutVuEWgfs6s4vk6jQC4yHRd3fIZTLVK5Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b4f8e35f0-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 empty.png
a2zapk.io/images/ 68 B
568 B 37ms
34ms Image
image/png 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/empty.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489373
cf-polished: origSize=70, status=webp_bigger
content-length: 68
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 16 Mar 2020 03:51:06 GMT
server: cloudflare
etag: "46-5a0f0ba8dbe80"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYZQ%2F8pkUumqMOUjBhf0r%2FKO9KLWEqjcPTSmUMXSsrc31wGFra%2BioGq4zKfBMXV80px8Hsdlfrg8757rJUQV0TJIn1cWEB1NSp9%2FGsyVw31P%2F1v8DZN4OrUU4DL0KT4jOTWP3rQ5EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7fb0c38b4f9035f0-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 Loading.gif
a2zapk.io/images/ 13 KB
13 KB 39ms
36ms Image
image/gif 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/Loading.gif

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f24416dc04e9b661270520183a4080ef0bc4862be4043278716f6debe2d0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origSize=13999, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"36af-571c5d524ad80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJXfQ8gervY92%2Bz5MgEFGQ9bc%2Fx6FbXN%2FJ4aGyUDsZ%2B5g6eKKhfEjT1UJG9DFNODpVJvoM2ynMABbyvBw93VnBq6jvs1BlWSor0yKxn%2Fzc2xVirNTmgZMh5ZVpDtHh1LJYWsPsvMGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b4f9135f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70
play-lh.googleusercontent.com/ 7 KB
7 KB 82ms
31ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2987f8ce761dbdafa880a50e06360cb287d2db365d490eb5ef0ddfdf9d8cab45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6673
x-xss-protection: 0
expires: Thu, 24 Aug 2023 04:55:32 GMT

GET
H2 200 ajax-loader.gif
a2zapk.io/images/ 634 B
994 B 35ms
33ms Image
image/gif 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/ajax-loader.gif

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origSize=673, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2a1-571c5d524ad80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFyzoQ04mAGCOi3GLvCKmKGRffZOV7i7NZyWQG%2Bx3qrdycPpjvGfibNtGfslob5xw26v%2BmDkTAFboUZZ3NrlpDAmlzUKuLCW38i5h3OigT05zmLaxb0O2WCSp9NF8ZiBJGbhL4LWqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b4f9235f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 off.png
a2zapk.io/images/ 2 KB
2 KB 55ms
52ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/off.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fd93de5dab28bfc6583e39bdaac6a7a4b610e0c5c9560984a4ec04f84099f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489373
cf-polished: origFmt=png, origSize=2671
content-disposition: inline; filename="off.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 21 Nov 2018 11:23:42 GMT
server: cloudflare
etag: W/"a6f-57b2afb820b80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fw%2BI1dXdGw2Ct%2FoNTcEXU81bjMVP3fVKi2inmfVB0j4Hka8vOho6dd1PrN6Bt7sVle0P9Ye6aELrsZc6c84N0ngevDUX26JZ6i9fzo0o9qkwz0i6XR6TzlNglrsiR2clhjExMuvOow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6fad35f0-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 fd3cf7dfeb25dbee1baa6483c36bf27f.png
a2zapk.io/images/ 6 KB
6 KB 62ms
59ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/fd3cf7dfeb25dbee1baa6483c36bf27f.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

061dd6591dde25591931dc9470fd0bc3b63f4bf0ed8696af047f5a020c50c542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489373
cf-polished: origFmt=png, origSize=9359
content-disposition: inline; filename="fd3cf7dfeb25dbee1baa6483c36bf27f.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 07 May 2021 08:36:00 GMT
server: cloudflare
etag: W/"248f-5c1b95142dc00"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDKtFVOL3sLHn6JKxxMuH7fN4ABbhbqpL8yE1A56AQQPBL7BvDVAD3%2BM5TWl2VXAF4qbASFb58D%2B7P7IfwSMNTCeWTR2XtJOVsjMqCAHiJlffKgUdlErGXdM%2B8J%2BEHXcE2iEkMJYWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6faf35f0-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 facebook.png
a2zapk.io/images/SocialIcon/ 514 B
887 B 60ms
57ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/facebook.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origFmt=png, origSize=603
content-disposition: inline; filename="facebook.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"25b-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33vxO22gHoYDTieb%2FElcoXOn3Ya%2FWHZCu5qZUEvKQT5IdpEW8uqa0Y4B%2BmuOWM%2FfG4OMmgBunTlKD6KVM3yN%2Bovn1WBhCilaOk2AsbnAzuqsW7u10YIZDb2Mf7cOZkg%2F5mVZLpttpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6fb035f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 twitter.png
a2zapk.io/images/SocialIcon/ 654 B
1 KB 56ms
54ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/twitter.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origFmt=png, origSize=710
content-disposition: inline; filename="twitter.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2c6-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqN4K1ZwecivuyNRT9z7AVUFr%2FkhCrqj3%2BqmrBM9WAJ%2BawS3mOQusLJ6gtKIO0k6lSJXrAFo9xIqGpqU5IBwvj0GBoNev2SmjG04ShVjQ3YlM5k4dXRsOC6pEQbAXfZMYX1O%2FNRPMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6fb135f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 google.png
a2zapk.io/images/SocialIcon/ 856 B
1 KB 60ms
58ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/google.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origFmt=png, origSize=929
content-disposition: inline; filename="google.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"3a1-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AjjA6tTWKUP2nyQEM%2B7rqobrRfRwQua3e%2FIqQtueuvYMlgfmBW%2ByywMOE%2BScDfNjyTuQ7AJJ7Suddy6c%2FuK99A5rkdEn5T%2BA%2B7XWjA1M6mkXUtbGbx1uD%2BkJ9aMYUNXMkKEN4HN3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6fb235f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 diggit.png
a2zapk.io/images/SocialIcon/ 664 B
1 KB 54ms
51ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/diggit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1f5610c96200875fb98043688653e3edeb19c69d4037823918a573eca2c9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origFmt=png, origSize=743
content-disposition: inline; filename="diggit.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2e7-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrJuY%2BvmCgK2VhkG4s%2B3kt%2BJndKo6yb0cnghYoMqo91lmwknv%2BDcziYfD8BenFoP001%2FcL8eg5zQ%2FPOU%2Bk7%2FWClMN2B7QcZzEQsEtDT3%2Fv797iNcRZa6xSF6NY1yQYx4JBHSsXR8JA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6fb435f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 linkedin.png
a2zapk.io/images/SocialIcon/ 600 B
988 B 55ms
53ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/linkedin.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origFmt=png, origSize=676
content-disposition: inline; filename="linkedin.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2a4-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6%2FbKQd%2FhnxYLWz4es2R5u1zZDdlr4TBGQl%2BzmOlYMrqyz%2BWQYAxNUb9hgnnE05HxcPV4OaUq857MnrwWwJn6b8ACKv4cbGlAA2LMW5McIOvsnRF%2B3z56U1UriEKAMWRD%2BK2lzLKcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6fb535f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 reddit.png
a2zapk.io/images/SocialIcon/ 1 KB
1 KB 57ms
55ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/reddit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae11b8d7458ea7d87d6889e190ad6b5701aaf6072f54df327f745c997c3a0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origFmt=png, origSize=1109
content-disposition: inline; filename="reddit.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"455-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ASIu6AAcdQXE4zWR0mxnNcwar6f9iNCBmzp4pEz3jSpuxv1kvowIYKh88xfqUxkWMUnooMgBglleokjEjXWbp6olDB7qMVgEwysqeJ0hHPMAOXVPDJw%2FA2ddmvcDulLoHTYt3ZH1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6fb635f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 stumbleupon.png
a2zapk.io/images/SocialIcon/ 670 B
1 KB 58ms
56ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/stumbleupon.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40973a3e0be1b19f1d4a5c766421814dc51eaa807a8568e95619bebe2903473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origFmt=png, origSize=759
content-disposition: inline; filename="stumbleupon.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2f7-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMJtRvlL6FuB%2Bh0zk9%2FJ%2BiJCEeTuXPjrBiIsAH9TEYWH88hjs8IF1inuePY7gTJLoLzhM0BYlwZ4vvj03lwfTq1RDzbb6B517Sbbix%2BGYbQ3deMMnV3leBpn2CCD2lg1ysV5eHy6jg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6fb835f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 tumblr.png
a2zapk.io/images/SocialIcon/ 568 B
948 B 60ms
58ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/tumblr.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa300a570cc50f33f0dbe6fa43169017bb99a2518e002f72b5a445ae07f7edc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489366
cf-polished: origFmt=png, origSize=641
content-disposition: inline; filename="tumblr.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"281-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCl%2FLPEvyPFY3AAyIIyNH5l%2FbD8EEXhDshy7vs%2BsG0j%2BBnU62D3trZHvbrg9xamBhJKCkmvTxwgO%2Be4i7YEP50HpOUXIa023YvW2wpp7oGSjM9qyjysiUhYqY0EMoWdqM9wiWT1tIA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b6fba35f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 68ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1166167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26657
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6821"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kegk%2FJ2CmmplKT7baFm%2BKjO8DR%2BWaC%2F9LqcPVR6fuy51i6un7XFDcn%2BMaN2wIhLJgbLDXbKJzrCBLIaBdDi5dJMOz41QYyjdHv0zuN5Sk96ExxZM2tcZZTJPogAfy3J57nMmpEJFx6nRaiPgiNNHqQDo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb0c38b6f392c27-FRA
expires: Mon, 12 Aug 2024 04:55:32 GMT

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/ 3 KB
1 KB 69ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7290892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1120
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4UwW4rz3Cs4HBi4unbUhCDeGa2kVpBFW55erqFMzXKuFJMxDaHGRjYIknsQd6Suh653xSnG6NXFldIjxJuX3FjsL9xazJ8cUZF78cNnj%2BvmdM%2BOuOFETwT40S%2BJFrRiuHpvZ%2BBW3tZmE560y1eHlOMb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb0c38b6f3f2c27-FRA
expires: Mon, 12 Aug 2024 04:55:32 GMT

GET
H2 200 main2019.js Show response
a2zapk.io/js/ 7 KB
2 KB 38ms
35ms Script
application/javascript 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/main2019.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8555fd4d9b084d0196daff5bcd75bff3931dec40f27ba33b5ab400ac9d90ceb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489374
cf-polished: origSize=7007
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 09 May 2019 10:35:22 GMT
server: cloudflare
etag: W/"1b5f-5887201d5ee80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWxfummFuRpBljAyBfq5qJeHZ8Y25GuUbv2ubOSDEZPe1F0BWuM76AY1NMxXeX58X%2BnhwWKl9APcT5ZIRBlPscbxW6CKwmiRiWQRf7gT1GZNs5qBmIhwtBdhy952m7AifqcQwbgDfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b4f8235f0-FRA
expires: Fri, 16 Aug 2024 12:59:18 GMT

GET
H2 200 apk2019.js Show response
a2zapk.io/js/ 4 KB
2 KB 41ms
38ms Script
application/javascript 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/apk2019.js?v=07-26-2023

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2925735552eb35109c7d23a42579810b5f46bad2bc1b602fd0a1aff0d215eda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489367
cf-polished: origSize=4702
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 15:14:26 GMT
server: cloudflare
etag: W/"125e-5ffaabd256f06"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp4RTzKUbhjmNYBCJiYXlCRbKpusE7MkTZAE1QpDNlip5wjjA1tYFLCh76hAN7nav1LlA6sO8cC9hTsoNXKzfKE2JxccSJop7lR29QHYuGElTZyRxEchfdQvPCKUkiA6oMq%2Fe2COug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b4f8635f0-FRA
expires: Fri, 16 Aug 2024 12:59:25 GMT

GET
H2 200 notification.js Show response
a2zapk.io/js/ 9 KB
2 KB 42ms
38ms Script
application/javascript 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/notification.js?v=06012019

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b2ee5bf0628946267ddcaf4be02035e2f89ec2d050157614a6e99e0375e94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489374
cf-polished: origSize=13287
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 04 Jul 2019 01:48:42 GMT
server: cloudflare
etag: W/"33e7-58cd12d713280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3HQRh9CZlorVi%2FVYsc%2BcqGqq0tARlynA1gI2ICZ68d59HL5Mhn1RqekJLNfd6iVoyNf32cFi3sPv1BU3nvqdJNThbtUsziXpyZXhJPwumu3MPhnDTlyXiT4L3yzMpVWa4Q7Zj3gsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: public, max-age=16070400
cf-ray: 7fb0c38b4f8835f0-FRA
expires: Fri, 16 Aug 2024 12:59:18 GMT

GET
H/1.1 200
OK count.js Show response
a2zapk.disqus.com/ 1 KB
2 KB 96ms
22ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.disqus.com/count.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 28
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 22 Aug 2023 21:55:40 GMT
Server: nginx
ETag: "64e52edc-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: 9iZmEyeVWj4zcp9NXKovsCSTHKWFxwIfjmGyhbmlspgEuiauSLL1-g==

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 100ms
57ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://a2zapk.io/
Origin: https://a2zapk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fb0c38b8c6e696f-FRA

GET
H2 200 adgpt.js Show response
a2zapk.io/ 21 KB
5 KB 166ms
165ms Script
application/javascript 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/adgpt.js?v=1.40.8835631893833265

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ce40fa9fd479e9c17711fbccf948b53993cf7489d1a46f6586b0bed40660c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
strict-transport-security: max-age=31536000
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTipl9A%2BpfhmG0OVvDlmhf%2BZKOBR%2BwVrtAuca7QMbExwuo5zR2JkaUtlEshxai4GM2oh07yVy3c1B4XV3uUNPIemuTHvU%2B1Y5C5xnxATZ3RmoMji%2F0Pya0ZRoELFk1D4YFdrRRwRxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, public
cf-ray: 7fb0c38b6fbb35f0-FRA
expires: 0

GET
H2 200 star.svg
a2zapk.io/images/ 762 B
818 B 52ms
51ms Image
image/svg+xml 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/star.svg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/mainstyle15.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de16fd70e645265335ce7453f787726ee7c95d9d379d9759eea0a48d99d28913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/css/mainstyle15.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489367
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Aug 2018 15:56:52 GMT
server: cloudflare
etag: W/"2fa-5741c4eb5d900"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fwuovUvM7iAmxJuqmzt1u2ui81eHSCJ9pOIErh2kzEbYSLOOBJVGvKg321QceA7WOTz03K2ovAOezHPYKmzN2l1ljO%2BHdO5RWPZJvahISnYvRh2Vl2smOIBnYksY9ecceoLVAi5eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7fb0c38b6fbc35f0-FRA
expires: Fri, 16 Aug 2024 12:59:25 GMT

GET
H2 200 stars.svg
a2zapk.io/images/ 901 B
809 B 54ms
54ms Image
image/svg+xml 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/stars.svg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/mainstyle15.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/css/mainstyle15.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489367
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Aug 2018 15:56:52 GMT
server: cloudflare
etag: W/"385-5741c4eb5d900"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5bieAyzAvslwlxAvx0cqTzqm20CdoitNnLuZYa%2FuBbp1cYTp0dEKtwk32IL%2FPSuBPGYKhtIGFdjVnOOlDJoGCt04RhclvZXULsT4JlYMdGD0TYoHXdzpC8WIT%2BiUDQj%2BFcr2FKcSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7fb0c38b6fbd35f0-FRA
expires: Fri, 16 Aug 2024 12:59:25 GMT

GET
H2 200 icomoon.woff
a2zapk.io/css/StyleMenuIcon/ 6 KB
4 KB 51ms
50ms Font
application/font-woff 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/StyleMenuIcon/icomoon.woff

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6135796cbdc91d896457d04e673761aaf6e3b54f51b8dc2162c30a523a81b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css
Origin: https://a2zapk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489374
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"19bc-571c5d524ad80"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iABDKbXjRFj5HXOvMvJkUYbM3l%2BXroqE9%2BW3hKof8vVwraNRRS3db31FyoY%2F6cQRpOZUvUwy5voxsEYRO2c1yXQ7uZnqZnUooP0e1YY2IyUTj0VrJH07IhJzTlLk1qNbtFHve4QT1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2678400
vary: Accept-Encoding
cf-ray: 7fb0c38b6fbe35f0-FRA

GET
H2 200 br.gov.caixa.tem.html Show response
a2zapk.io/reviews/ 29 KB
8 KB 1621ms
1621ms XHR
text/html 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/reviews/br.gov.caixa.tem.html

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6314a56f8073aea8790aedca4c3d0e076e08f2b77ead2dbef8bb59083ee47bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 23 Aug 2023 04:55:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcgEiM0zXN31V3KnJ3LpbJ%2BsVU6Auv%2F2U6nans%2FfCw2SaKnzUkEHgr6cQRU6GmQhYPGJTB%2FHMg2rDhBJGFcj92vgKttqonQdpeebQE1ewYwYK3QA4aOt3FjlXSWvDeFoam%2BQocpV2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400, must-revalidate
cf-ray: 7fb0c38bc80735f0-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK count-data.js Show response
a2zapk.disqus.com/ 213 B
794 B 125ms
125ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.disqus.com/count-data.js?2=https%3A%2F%2Fa2zapk.io%2F1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Requested by

Host: a2zapk.disqus.com
URL: https://a2zapk.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ffe0a5b83049b3395df4e98eeac04e5fce824815bc4ba32faf3c7e6b5690a420

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:32 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 213
X-XSS-Protection: 1; mode=block

GET
H2 200 count.php Show response
a2zapk.io/dl/ 2 B
488 B 155ms
155ms XHR
text/html 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/dl/count.php?id=1162999

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0%2F90aEp7GM7gsgbiMGuNz5l8EK5qMpcQwaRfY90SG6SLqZmY9Q%2FUJLqWGqhoBumVYelXv9KEMTTO%2BxZi4cTUGI9XYDaRfCxeu1%2FW%2FoQMnwubX28VjNpKY7iQlfWZZNsvOXQisJ%2BLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7fb0c38bf83835f0-FRA
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 uY7YCS5M6ZlMcAFHMfR2vSLM3rb-_j304I-q54Pw7tHfONoTSxMkf6THzIm1KtbHTuk=w70
play-lh.googleusercontent.com/ 5 KB
5 KB 23ms
19ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/uY7YCS5M6ZlMcAFHMfR2vSLM3rb-_j304I-q54Pw7tHfONoTSxMkf6THzIm1KtbHTuk=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c784ecc6cb0492bd4f432b733f0b780026ae16b975dd82d7a951a9f3044d79fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4918
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 JdR28cdvmQla9dEW_G6c0ST_75eGtLHj0A3zPehz3aqD_Q__I1WPLWtm1lLANNL5AEXp=w70
play-lh.googleusercontent.com/ 5 KB
5 KB 26ms
21ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/JdR28cdvmQla9dEW_G6c0ST_75eGtLHj0A3zPehz3aqD_Q__I1WPLWtm1lLANNL5AEXp=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb3a4c9440211608ff55f933356f04cdb0a629575902dc4fd80db26b25b45eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4682
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 IcEWj9GdJhsnzYP0lsJEanmmMvvwYNKcKLan6OGZyghOTfdHKuuDKj_zx5T2qdbvUl0=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 48ms
43ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/IcEWj9GdJhsnzYP0lsJEanmmMvvwYNKcKLan6OGZyghOTfdHKuuDKj_zx5T2qdbvUl0=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

afcb75952f910e74a87f9c7154e98bd1d3321452a2ff7ddf63eb22dd5f652c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8870
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 3b9eSR7q5p9htVhgRhfSaIM3fmPH57t0awCDzSWtKRKbZ435qUspwwLvqPuGVMWWNw=w70
play-lh.googleusercontent.com/ 5 KB
5 KB 30ms
25ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/3b9eSR7q5p9htVhgRhfSaIM3fmPH57t0awCDzSWtKRKbZ435qUspwwLvqPuGVMWWNw=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d21803ddac2c626338f5740a636fe951da54ff17a683b3333dcfeb8addc46edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5478
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 u9o17JyCxjqZIFWIPeWm-kQb7lB5BG6K-5z60pP8LqPEFbdXYdn-lMyTLbdry_DCMyY=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 29ms
24ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/u9o17JyCxjqZIFWIPeWm-kQb7lB5BG6K-5z60pP8LqPEFbdXYdn-lMyTLbdry_DCMyY=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0b6cc6eee0743ef299f09a0ff0bada2ffaa3303697b329656903536e1408ea99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2904
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 RSu_Yble-5MgqnXbuqaYdj9r97Wv3yE0ICX2vDGAw2QCZPF4wZLA71Q1cEndjR1WpDM=w70
play-lh.googleusercontent.com/ 1 KB
1 KB 27ms
23ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/RSu_Yble-5MgqnXbuqaYdj9r97Wv3yE0ICX2vDGAw2QCZPF4wZLA71Q1cEndjR1WpDM=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1d8a10f707df99a7e5d84aeb947777a8daf1be07007780b0c0bf8d0d88707ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1447
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 I2S025jaYCRIfRLhtXGXK9yTB2pMwhT0sqpjcXfueVWMFsAf0F--c7xEg8u2A8fvBw=w70
play-lh.googleusercontent.com/ 2 KB
3 KB 50ms
46ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/I2S025jaYCRIfRLhtXGXK9yTB2pMwhT0sqpjcXfueVWMFsAf0F--c7xEg8u2A8fvBw=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd6d8c66459f7e8833acec381118440961ddd6c8f1aa8ca79a39aab3408bd3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2526
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 9qvURM6fXHS_uMSfWemRVdAWGBSSzgG6QF2vbeL12qPnChfry4MR5fuuKiq-8ZrS4p0=w70
play-lh.googleusercontent.com/ 2 KB
2 KB 27ms
23ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/9qvURM6fXHS_uMSfWemRVdAWGBSSzgG6QF2vbeL12qPnChfry4MR5fuuKiq-8ZrS4p0=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd9c717d65bdd2c413a308a962206a19211a04412b5ab2cbac25d34ebadf7434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2165
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 scjTdynpiYyP1aLS8InNR0NLmCh1TyjaEqcFE6UbHDoOx7UGOG9wi2L-URI30UIPWg=w70
play-lh.googleusercontent.com/ 13 KB
13 KB 41ms
37ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/scjTdynpiYyP1aLS8InNR0NLmCh1TyjaEqcFE6UbHDoOx7UGOG9wi2L-URI30UIPWg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

80752a6725c62468e79fec444b115bcbaca5c8d9c84b8328dd297193a89cb23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13213
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 1YI3AZb3qJw020xpKMANKV6XdAzjvz1wAUJHPeljiNdTpvnaB5ziPDvRx1JBCuUHRg=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 32ms
28ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/1YI3AZb3qJw020xpKMANKV6XdAzjvz1wAUJHPeljiNdTpvnaB5ziPDvRx1JBCuUHRg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fff7144fa7e0efc47824ffc51e4c5dbaffaacfd04b89193aaebdb226ca1e3494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10998
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 GwYfabKJSuh3ZZic55C9LLvPrud93lyQaVRTrurCxTb68w03I9YRmVcwa_X7K8xc3w=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 61ms
57ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/GwYfabKJSuh3ZZic55C9LLvPrud93lyQaVRTrurCxTb68w03I9YRmVcwa_X7K8xc3w=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a231c8c9b85655bd11127d15c1fe0692cf75405dfb436a2614a581caf175453b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10897
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 TFb-k4sKePYriyNidES5UD1HDZrVGw7oGtvX1xqGqC8gSijIvpbbPS2qy1jvxZ4wbg=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 57ms
54ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/TFb-k4sKePYriyNidES5UD1HDZrVGw7oGtvX1xqGqC8gSijIvpbbPS2qy1jvxZ4wbg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00067a13f6ac6be3ee460d799be2e268e0973d1f49e6a2737868e3231fb2698a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3369
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 HBi_9CAOrQD2fAPf3alES3VEvx7P240-QrpIYcY1-ide-25vfpDSaBrJLD_K5vNKDWec=w70
play-lh.googleusercontent.com/ 6 KB
6 KB 58ms
55ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/HBi_9CAOrQD2fAPf3alES3VEvx7P240-QrpIYcY1-ide-25vfpDSaBrJLD_K5vNKDWec=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

03ed6e30bee0904aa1c18913cf4ea46865b9f13c339ef3f0ec6a76feff369c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5759
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 AGUNGOb0JJF0nB4eVJbao8NlZh-W3D-dM0nu8BLuDIL3CUrMtwuCqFUIC7zMACjtiY8=w70
play-lh.googleusercontent.com/ 8 KB
8 KB 63ms
59ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/AGUNGOb0JJF0nB4eVJbao8NlZh-W3D-dM0nu8BLuDIL3CUrMtwuCqFUIC7zMACjtiY8=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c438c413fbad7c509b936b0866b354ca6efc56e64bac35fa2127ea1339210a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7922
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 uA2SPkUUN4feau4S-JtJrxjTfjQ7s5_9vTA2dj1ECSPQy_GrQXGzSp_PH0eTibmymsM=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 54ms
51ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/uA2SPkUUN4feau4S-JtJrxjTfjQ7s5_9vTA2dj1ECSPQy_GrQXGzSp_PH0eTibmymsM=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a41620a90c460d71993a408748ecc6be5bd243708f42d7289fbb45a2860dc153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9206
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 KJ8_UwiIpZ8gbrs2RNXOHy61x-KJqlK8cwYyiJWaw2KFJWbQMimBwyYjwxS6ishBejg=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 69ms
66ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/KJ8_UwiIpZ8gbrs2RNXOHy61x-KJqlK8cwYyiJWaw2KFJWbQMimBwyYjwxS6ishBejg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

29932df8708f3e15ece0c65e81318246162e6fae0fd2cd808b7b37671f151589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9069
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 ma7-o27RKC5TIsV_gfiUAhjCIjENCOvTzYqgnzow8b_ObRY-n-BiDxM1nwY4kiB-gO4=w70
play-lh.googleusercontent.com/ 4 KB
4 KB 52ms
49ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ma7-o27RKC5TIsV_gfiUAhjCIjENCOvTzYqgnzow8b_ObRY-n-BiDxM1nwY4kiB-gO4=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4d0bf361440a9dbf3920e1dd043533144b7833ce4d21492ca5464ae72d223c64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4411
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 xlB5jNMzKsEWYIa-OgNZzomvoA5jrCYeQTqEN1jXid5DVvZ6riK-ghUewrCvfurM3g=w70
play-lh.googleusercontent.com/ 5 KB
5 KB 50ms
47ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/xlB5jNMzKsEWYIa-OgNZzomvoA5jrCYeQTqEN1jXid5DVvZ6riK-ghUewrCvfurM3g=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

16a026e871f95e9662b3e3ed398e5130fa52c26d51a6a39852d79523522e5d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 02:05:44 GMT
x-content-type-options: nosniff
age: 10188
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4743
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:05:44 GMT

GET
H2 200 H_NW9AHAstvavC4btbdThXbWho0-RltR6Y9voF6fBwdS6rPEMgL9aabKtwAjwh0pNQ=w70
play-lh.googleusercontent.com/ 2 KB
2 KB 68ms
65ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/H_NW9AHAstvavC4btbdThXbWho0-RltR6Y9voF6fBwdS6rPEMgL9aabKtwAjwh0pNQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

05d161ff3a5d195fc70366fa828ac91eec94ed9533a1d65b76af45b8590a4a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1968
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 MbRklIdvQpZqGF6NCStzHYl5-Z8cVq074YaZuuWRCRcE0yB88OHp3AaoNwpKT0xWo_0=w70
play-lh.googleusercontent.com/ 2 KB
2 KB 66ms
63ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/MbRklIdvQpZqGF6NCStzHYl5-Z8cVq074YaZuuWRCRcE0yB88OHp3AaoNwpKT0xWo_0=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a8abb6be6c28056ebd4a1fb150f0408b20fa0fd5bee4ca71895ad00f35587269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:07:56 GMT
x-content-type-options: nosniff
age: 6456
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2417
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:07:56 GMT

GET
H2 200 hexunszQESgaMxZdfuGvYdNnS6fRebRqW5lECqadoqlTL3fbJbLL6NKceHlQ58ALXcE=w70
play-lh.googleusercontent.com/ 6 KB
6 KB 64ms
61ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/hexunszQESgaMxZdfuGvYdNnS6fRebRqW5lECqadoqlTL3fbJbLL6NKceHlQ58ALXcE=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce546da4d1f8073e758d6e93363d2bed279008da91f770a2e2d3500ef162ec20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:07:56 GMT
x-content-type-options: nosniff
age: 6456
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6077
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:07:56 GMT

GET
H2 200 uWzv2V9qnzDIQ4sM8C0RPMsGS_DnSxt1ZFETCjCTuSDlj__8d2Yq2vmvsIs5KADmZQ=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 66ms
64ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/uWzv2V9qnzDIQ4sM8C0RPMsGS_DnSxt1ZFETCjCTuSDlj__8d2Yq2vmvsIs5KADmZQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ff50a60d167f90caf90345162489e4427beb21d5ef393f7703425211f2363d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8860
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 dXHAPuotkFlTQlLtrwstPxj4MvbUgKHUKTWGN4Zy_CgiPm7TiNj4jJYN1NOlj6MCDCI=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 65ms
62ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/dXHAPuotkFlTQlLtrwstPxj4MvbUgKHUKTWGN4Zy_CgiPm7TiNj4jJYN1NOlj6MCDCI=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

12e99e6da8349480c5038849faf6e0bc4f7294979f545c23893de5bf1bb2dc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:36:05 GMT
x-content-type-options: nosniff
age: 4767
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2948
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Aug 2023 03:36:05 GMT

GET
H2 200 eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300
play-lh.googleusercontent.com/ 27 KB
27 KB 69ms
67ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2c6e114d26c42d9a678f0a81a15c8c876fde4b711e852ce7e9735f90bdef370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28014
x-xss-protection: 0
expires: Thu, 24 Aug 2023 04:55:32 GMT

GET
H2

200

invisible.js Show response
a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 383C
Redirect Chain

https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
4 KB

29ms
28ms

Script
application/javascript

2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

071df16f827a2a45e644e15918a8a74d7e3cade20649e0d26f70ad454b4e9385

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1x9Q1SrsOGe0V4HcTUY%2Fod1qiTJcgBVLtAL9HSEG1og5tJxqlZmRMf2eTbNBtTgmPLV%2Bc3sCGT5Ke%2Bz5nVywQh5a0gGVVVuL2zu0e2tzq7Vf6Cz1j5gS4G36fXYpOtr%2BzausdS7Vug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fb0c38c48c035f0-FRA

Redirect headers

date: Wed, 23 Aug 2023 04:55:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FPrdTxaH3Ekab%2BUqpbP%2BxTUTBApSdvsCyRfWk%2F4sVhmxb18x9jU5SWZddinD7iZ3J7PRKG%2B6mbzOOvvBfBKUhlo2Rd2dw0t86%2Bcvj5oqXkclEIDIJsDeUbi3qm2Xk0rKBYX4L0z4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7fb0c38c085535f0-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 77ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SS5VJ1BTPE&gtm=45je38l0&_p=2013119297&cid=1645202584.1692766533&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692766532&sct=1&seg=0&dl=https%3A%2F%2Fa2zapk.io%2F1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&dt=CAIXA%20Tem%201.52.1%20APK%20for%20Android&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SS5VJ1BTPE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://a2zapk.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
googleads.g.doubleclick.net/ 1 KB
1 KB 69ms
21ms Image
image/x-icon 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/favicon.ico

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 884
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/x-icon
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 18 Aug 2024 06:01:40 GMT

POST
H2 200 7fb0c3896dda35f0 Show response
a2zapk.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 383C 0
448 B 39ms
38ms XHR
text/plain 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a2zapk.io/cdn-cgi/challenge-platform/h/g/cv/result/7fb0c3896dda35f0
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7fb0c38d296b35f0-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54e1uJfiqgHIX4p7LVWxuzsecdjRyXHjjDOsb70OwYdMQRoKe8iUooZDTOFq6b3uXx18pa2rCzs65GcPh1xXbih%2F6etuStSgOr%2FtiSiMAWf8GLM5XCW01W03yVKPqwJn8bx15n5DnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

HEAD
H2 404 auction
srtb.msn.com/ 0
0 131ms
60ms Fetch 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.8835631893833265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.a-msedge.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41725414FC3C4FCBAD38530631F6F266 Ref B: FRA31EDGE0817 Ref C: 2023-08-23T04:55:32Z
content-length: 0
x-cache: CONFIG_NOCACHE

POST
H2 204 rum Show response
a2zapk.io/cdn-cgi/ 0
144 B 35ms
35ms XHR
text/plain 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type: application/json

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://a2zapk.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fb0c38d297835f0-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 148ms
79ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.8835631893833265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

603433014a938ff3a06f27b6fe6b9a57614f494a1a1f52b67b5050798015b3b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28956
x-xss-protection: 0
server: cafe
etag: 543 / 19592 / m202308170101 / config-hash: 11994054189564921139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:32 GMT

POST
H2 200 logip.php Show response
a2zapk.io/dl/ 0
364 B 99ms
98ms XHR
text/html 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/dl/logip.php

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.8835631893833265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Aug 2023 04:55:32 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache, no-cache
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yvr4pV%2BMZyX%2FWRUhxDlL3jG1scd%2BqqDM18Ct072g6Rew3oURYMv%2Fo4dFyLmEkhs1zNYprPz%2F37SaMhyB8XPV94%2Bday1KfZmmtjKuaMqemdHWeSGR38V8A7ORouA%2BKmeFbXLRlnYNaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7fb0c38dfa4535f0-FRA
access-control-allow-headers: Content-Type, Authorization
expires: 0, Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 402 KB
127 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 02:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9174
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 02:22:39 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 166 KB
43 KB 549ms
549ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1284509314015201&correlator=2059446124266504&eid=31076474%2C31077258%2C44780988%2C31068366&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=22959879228%2Cinterstitial-a2z%2Cdesktop1-728%2Cmobileresp3-300%2Cmobileresp2-300%2Cstickyfooter&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F5&prev_iu_szs=1x1%2C300x250%7C320x480%7C336x280%2C728x90%2C300x100%7C250x250%7C300x250%2C250x250%7C300x50%7C200x200%7C300x250%2C1x1%2C320x100%7C120x60%7C300x100%7C728x90%7C300x75&ifi=1&sfv=1-0-40&ists=66&fas=8%2C0%2C0%2C0%2C0%2C1%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1692766533092&lmt=1692759332&adxs=-9%2C650%2C436%2C278%2C258%2C-9%2C-12245933&adys=-9%2C2713%2C75%2C539%2C2171%2C-9%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C0%7C0%7C2%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fa2zapk.io%2F1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&vis=1&psz=0x-1%7C1600x250%7C1600x90%7C728x1249%7C728x2045%7C0x-1%7C0x-1&msz=0x-1%7C1600x250%7C1600x90%7C688x100%7C728x50%7C0x-1%7C0x-1&fws=2%2C0%2C0%2C0%2C0%2C2%2C640&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1645202584.1692766533&ga_sid=1692766533&ga_hid=2013119297&ga_fc=true&dlt=1692766532300&idt=766&adks=2135858098%2C2142338867%2C299942153%2C2763825005%2C2766013119%2C1309157062%2C3626215300&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b42dac777d7dc748668185598425eb5f854581a03d95a24b40db22550b2ecc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43889
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://a2zapk.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 118ms
70ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c23b4c2c0ec34c5a75957c057a43cead40262ca1ec09c223c4b1bcda0452ce99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11769
x-xss-protection: 0

GET
H2 200 container.html Show response
798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A2A 6 KB
3 KB 95ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Thu, 22 Aug 2024 04:55:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 37 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55180
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13156
x-xss-protection: 0
server: cafe
etag: 1643040129009188309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 21 Aug 2024 13:35:53 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 77ms
29ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7537 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 01:57:31 GMT
expires: Thu, 22 Aug 2024 01:57:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 83D6 829 B
1 KB 82ms
32ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a59838504944aa2f2ecbd5db4bb836b32d162266a65f78a581219c300233198

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FtN5ph91wUpamomW3aYk-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-FtN5ph91wUpamomW3aYk-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Wed, 23 Aug 2023 04:55:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7537 37 KB
14 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 10:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 10:05:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 83D6 0
0 53ms
53ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=1284509314015201&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7537 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rg4BIg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 894A 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Thu, 22 Aug 2024 04:55:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D88E 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Thu, 22 Aug 2024 04:55:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C417 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Thu, 22 Aug 2024 04:55:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBE4 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Thu, 22 Aug 2024 04:55:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8462 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Thu, 22 Aug 2024 04:55:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 25E5 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Thu, 22 Aug 2024 04:55:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 75AE 624 B
711 B 62ms
60ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNUZNxJTwEe-bj9aNdz5bzES9GHZz0TwcpFWpz-98KNp5MhNm4Hp4T0GdJZ19apHhNx1bTv3Xm4CONCOXlAQTBVf0l7rNNDSD3tep9sspgrGo3GE_7oKcjdkCEgueoVjRKfKkOnzX6WbsAEIPz6jT10BVD2UHcaw-B5YX6lZ4F_wH2L9zjw

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Wed, 23 Aug 2023 04:55:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 894A 86 KB
29 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 894A 42 B
63 B 55ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWyjWUP-14o_I-ETImdaXRWKTQu0m3PHXyumJUGL5G48-y81zw6xLWbFrKYc0C8YaUA0rFBe42X4ud8HlALT8NoNrGRiD4pCyFq6ALnqwFbrMxtpE

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 894A 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14073908322689426386&x=1&ct=77

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 894A 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 894A 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 894A 181 KB
57 KB 82ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E2A0 624 B
506 B 62ms
60ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNWgaC2wRGUis35KmUbCMiI-mruyjGSQRLcWmICvYz1sV7_Z0tJ-xYw_fnn2MPUNcg1yHgqi2RtdKsj-hiSY-AZthytmnfgwq0W14iQfwFKA6cyoShOwX2DWi2RGX7-NzT60dIO2QjCwkIYGwDx0kdryLYL6orZMjjrBMWvz3Y48dvMfGNs

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Wed, 23 Aug 2023 04:55:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D88E 86 KB
29 KB 247ms
247ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D88E 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQP560pjXhwND8sYiy3DGHzTHKGgwtV8eCY9vLsil_okesDuTla_IfS89QM5BO0Lnof55wbr0_zDt2wOJuG7XXCTXUMH7h3eKNICbdbcWjBGFoYic

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D88E 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6623599114337652009&x=1&ct=77

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame D88E 2 KB
1 KB 136ms
34ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688591&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0iD9X8wT7BrXk2N76QzCnDn&c1=3060631&auorder=1012740201&aulitem=20204990837&aucrtv=495871628&auxch=1&pltfrm=1&ausite=1967185790811&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&aubndl=&audeal=
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 05:33:57 GMT
Server: UploadServer
ETag: "6d46a47d102d6e155a25a328f8074712"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=86400,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 925
Expires: Thu, 03 Aug 2023 05:34:19 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame D88E 8 KB
4 KB 136ms
34ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0iD9X8wT7BrXk2N76QzCnDn&c1=3060631&auorder=1012740201&aulitem=20204990837&aucrtv=495871628&auxch=1&pltfrm=1&ausite=1967185790811&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&aubndl=&audeal=
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f6f2d0107d809b81be6d50728b417f8fe0fb3b81502228e2d6200342130efda8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 12:12:08 GMT
Server: UploadServer
ETag: "a4ba44fdb5aa5e62c0aa0fe398a723ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3467
Expires: Tue, 22 Aug 2023 12:27:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame D88E 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame D88E 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D88E 181 KB
57 KB 129ms
90ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7C52 624 B
504 B 63ms
61ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYoMy57AEwAQ&v=APEucNXp13kbVJJTUxxqEh_6jVp7842wks8tBGxAv4WJLIkzeS8R0UZf4Kwse6Nk0oiADVq3HFhVntrQxOL5LoyCIi7_ZV70zDjoZdBtRTrlWLO84cODb5KWU7efp5fnZBmPTQ-9sGEP_havJgoldBeLQVE31trms2YyXQOsbLw5GLPNEWnoB9c

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Wed, 23 Aug 2023 04:55:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C417 86 KB
29 KB 248ms
248ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C417 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3S7jzTGDNvRXBHQuQPD5W17YdURHdkOtNughtXsxMszqNUYKcDN8LZKeoBAQVYC2WPZ6SEtyU0URkJlt-ZztsK34dx4uEU5zNUX7lijIopbloOww

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C417 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4150521061741206560&x=1&ct=77

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame C417 2 KB
1 KB 134ms
35ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688589&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0hpqecZRnqEveNARvcmrOKA&c1=3060631&auorder=1012740201&aulitem=20204990837&aucrtv=495871520&auxch=1&pltfrm=1&ausite=1967185790811&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&aubndl=&audeal=
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 05:33:57 GMT
Server: UploadServer
ETag: "6d46a47d102d6e155a25a328f8074712"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=86400,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 925
Expires: Thu, 03 Aug 2023 05:34:19 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame C417 8 KB
4 KB 134ms
35ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0hpqecZRnqEveNARvcmrOKA&c1=3060631&auorder=1012740201&aulitem=20204990837&aucrtv=495871520&auxch=1&pltfrm=1&ausite=1967185790811&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&aubndl=&audeal=
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f6f2d0107d809b81be6d50728b417f8fe0fb3b81502228e2d6200342130efda8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 12:12:08 GMT
Server: UploadServer
ETag: "a4ba44fdb5aa5e62c0aa0fe398a723ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3467
Expires: Tue, 22 Aug 2023 12:27:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame C417 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame C417 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C417 181 KB
57 KB 132ms
96ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D812 624 B
506 B 62ms
60ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWrsyDxMGinUXywJdFp7cHW810xEsDR_a1xkzUrOf_5LJfz7xpv5NrrOKBbmjx5tF3ugU0oo3EyFfYiPyKEF2DyvI0wR3nQaC7cbUQWEumMuL7_qr0qdP80u9pGQvOsUTkN24HWpyPQNSA2-_0t_neTEpkDhfUS-4755xJa2aXobm97fcw

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Wed, 23 Aug 2023 04:55:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DBE4 86 KB
29 KB 240ms
240ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBE4 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ByhRC00THEtfqSWLpvICrzorqhcnHpZs-reMaSezhdvz4Hp7x2zxqmiNLwDMsl8YgijYTQpyZmqppTTE9XEzeUIhqaN1ROhQ7dhZUUA0x9sz6dQYQ

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBE4 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17201342338728999143&x=1&ct=77

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame DBE4 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame DBE4 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBE4 181 KB
57 KB 113ms
80ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 394A 624 B
505 B 68ms
60ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNXgy-2VZ39d4twXMP_Aje9syQcwSUQI6B4OCRkeuWHwdKg9HNueuZ_H1AOJOIkuPD9ReHx0Iw2hOq_dpUDa2O444IGnHFty0k2gXrc6I8BfcYDT60DeyCzj2PvwVytkAdST0zWIxJqq_iiP--kaNzZc8a2PJ38TGLoD267OoyB83p2epd0

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Wed, 23 Aug 2023 04:55:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4B2E 86 KB
29 KB 238ms
237ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 4B2E 2 KB
1 KB 122ms
36ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688591&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0geP2JzRYJpaP7K98CopCzg&c1=3060631&auorder=1012740201&aulitem=20204990837&aucrtv=495871628&auxch=1&pltfrm=1&ausite=1967185790811&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&aubndl=&audeal=
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 05:33:57 GMT
Server: UploadServer
ETag: "6d46a47d102d6e155a25a328f8074712"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=86400,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 925
Expires: Thu, 03 Aug 2023 05:34:19 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 4B2E 8 KB
4 KB 121ms
35ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0geP2JzRYJpaP7K98CopCzg&c1=3060631&auorder=1012740201&aulitem=20204990837&aucrtv=495871628&auxch=1&pltfrm=1&ausite=1967185790811&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&aubndl=&audeal=
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f6f2d0107d809b81be6d50728b417f8fe0fb3b81502228e2d6200342130efda8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 12:12:08 GMT
Server: UploadServer
ETag: "a4ba44fdb5aa5e62c0aa0fe398a723ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3467
Expires: Tue, 22 Aug 2023 12:27:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 4B2E 3 KB
1 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 4B2E 20 KB
8 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B2E 181 KB
57 KB 83ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B2E 42 B
63 B 58ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQPFmCmbXlfSrCrWRgx2Mlx4gwl3UOZlfRDxBiCnru5UDvZ3ULmofG-RlJwgw_au-Y1PI-Vv-T_m_WRJfkulPcqM_RsQLcwG-0iYNBW-5Z5T1-T2A

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B2E 0
20 B 57ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16774362499585264242&x=1&ct=77

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 83F6 624 B
505 B 66ms
61ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVwz6dRnYSNAmCzJIE2hHL-pfKCH8qudIhQoni79qe6N9XREXzAxvks8XU8YhY2WUyUeu7mMUNbZRONIppMBfSWPSF7qnGScHfTIkD092qpaGLgiZtWpCeh4Z_-fC916orUufnVxnqQIenDCb-NzjKQU32-vALZ2nPlCfZPWg6I33z6o0I

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Wed, 23 Aug 2023 04:55:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 25E5 86 KB
29 KB 240ms
236ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25E5 42 B
63 B 57ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AnOYSh-nyA5v2LlRPraKUCy1DhgBQ-OwIivcJP79ZpwdFMDu_FbW9Px9XYuHWOSpIRwGlKaGX4W8hMfZCHd7g__ah40k2IWueSCF05xCJVReci-1w

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25E5 0
20 B 57ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1423757762971330388&x=1&ct=77

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 25E5 3 KB
1 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 25E5 20 KB
8 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25E5 181 KB
57 KB 98ms
83ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 04:55:33 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 75AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1

43 B
632 B

32ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNUZNxJTwEe-bj9aNdz5bzES9GHZz0TwcpFWpz-98KNp5MhNm4Hp4T0GdJZ19apHhNx1bTv3Xm4CONCOXlAQTBVf0l7rNNDSD3tep9sspgrGo3GE_7oKcjdkCEgueoVjRKfKkOnzX6WbsAEIPz6jT10BVD2UHcaw-B5YX6lZ4F_wH2L9zjw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 75AE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfG7bKYZfnCV3dyREwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

43 B
632 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNUZNxJTwEe-bj9aNdz5bzES9GHZz0TwcpFWpz-98KNp5MhNm4Hp4T0GdJZ19apHhNx1bTv3Xm4CONCOXlAQTBVf0l7rNNDSD3tep9sspgrGo3GE_7oKcjdkCEgueoVjRKfKkOnzX6WbsAEIPz6jT10BVD2UHcaw-B5YX6lZ4F_wH2L9zjw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 75AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1

43 B
893 B

30ms
29ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNUZNxJTwEe-bj9aNdz5bzES9GHZz0TwcpFWpz-98KNp5MhNm4Hp4T0GdJZ19apHhNx1bTv3Xm4CONCOXlAQTBVf0l7rNNDSD3tep9sspgrGo3GE_7oKcjdkCEgueoVjRKfKkOnzX6WbsAEIPz6jT10BVD2UHcaw-B5YX6lZ4F_wH2L9zjw

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
an-x-request-uuid: 5134c8cc-3519-4ad8-ae33-22be8af3b954
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: 985d49ab-2c02-4df2-93f2-d20688e28400
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75AE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4NjcwMjcxNDgwMzcxMjUzOQ%3D%3D

170 B
188 B

34ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4NjcwMjcxNDgwMzcxMjUzOQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
an-x-request-uuid: 94583dfe-63ee-4618-9637-d5137098b41d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4NjcwMjcxNDgwMzcxMjUzOQ%3D%3D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E2A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1

43 B
632 B

34ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNWgaC2wRGUis35KmUbCMiI-mruyjGSQRLcWmICvYz1sV7_Z0tJ-xYw_fnn2MPUNcg1yHgqi2RtdKsj-hiSY-AZthytmnfgwq0W14iQfwFKA6cyoShOwX2DWi2RGX7-NzT60dIO2QjCwkIYGwDx0kdryLYL6orZMjjrBMWvz3Y48dvMfGNs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E2A0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfG7bKYZfnCV3dyREwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

43 B
632 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNWgaC2wRGUis35KmUbCMiI-mruyjGSQRLcWmICvYz1sV7_Z0tJ-xYw_fnn2MPUNcg1yHgqi2RtdKsj-hiSY-AZthytmnfgwq0W14iQfwFKA6cyoShOwX2DWi2RGX7-NzT60dIO2QjCwkIYGwDx0kdryLYL6orZMjjrBMWvz3Y48dvMfGNs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame E2A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1

43 B
893 B

35ms
34ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNWgaC2wRGUis35KmUbCMiI-mruyjGSQRLcWmICvYz1sV7_Z0tJ-xYw_fnn2MPUNcg1yHgqi2RtdKsj-hiSY-AZthytmnfgwq0W14iQfwFKA6cyoShOwX2DWi2RGX7-NzT60dIO2QjCwkIYGwDx0kdryLYL6orZMjjrBMWvz3Y48dvMfGNs

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
an-x-request-uuid: 79c73d9d-e15a-45b4-a194-20a427806f07
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: 964a5a47-6a66-4b0f-9774-258f7cecc6d4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E2A0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

170 B
243 B

31ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Requested by

Protocol

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: f823dbf4-ea18-4a34-8cbc-e0bcbb262df4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7C52
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1

43 B
632 B

32ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYoMy57AEwAQ&v=APEucNXp13kbVJJTUxxqEh_6jVp7842wks8tBGxAv4WJLIkzeS8R0UZf4Kwse6Nk0oiADVq3HFhVntrQxOL5LoyCIi7_ZV70zDjoZdBtRTrlWLO84cODb5KWU7efp5fnZBmPTQ-9sGEP_havJgoldBeLQVE31trms2YyXQOsbLw5GLPNEWnoB9c
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7C52
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfG7bKYZfnCV3dyREwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

43 B
632 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYoMy57AEwAQ&v=APEucNXp13kbVJJTUxxqEh_6jVp7842wks8tBGxAv4WJLIkzeS8R0UZf4Kwse6Nk0oiADVq3HFhVntrQxOL5LoyCIi7_ZV70zDjoZdBtRTrlWLO84cODb5KWU7efp5fnZBmPTQ-9sGEP_havJgoldBeLQVE31trms2YyXQOsbLw5GLPNEWnoB9c
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7C52
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1

43 B
841 B

28ms
28ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYoMy57AEwAQ&v=APEucNXp13kbVJJTUxxqEh_6jVp7842wks8tBGxAv4WJLIkzeS8R0UZf4Kwse6Nk0oiADVq3HFhVntrQxOL5LoyCIi7_ZV70zDjoZdBtRTrlWLO84cODb5KWU7efp5fnZBmPTQ-9sGEP_havJgoldBeLQVE31trms2YyXQOsbLw5GLPNEWnoB9c

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: c3d2b509-2688-4d2e-b36f-fc9de8545ee6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7C52
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

170 B
232 B

31ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Requested by

Protocol

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: fc4ed13f-04d2-42aa-ba88-36781db76f7f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D812
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1

43 B
632 B

34ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWrsyDxMGinUXywJdFp7cHW810xEsDR_a1xkzUrOf_5LJfz7xpv5NrrOKBbmjx5tF3ugU0oo3EyFfYiPyKEF2DyvI0wR3nQaC7cbUQWEumMuL7_qr0qdP80u9pGQvOsUTkN24HWpyPQNSA2-_0t_neTEpkDhfUS-4755xJa2aXobm97fcw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPUjxpmlnDbBWgrNzvLzd0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D812
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfG7bKYZfnCV3dyREwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

43 B
632 B

24ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWrsyDxMGinUXywJdFp7cHW810xEsDR_a1xkzUrOf_5LJfz7xpv5NrrOKBbmjx5tF3ugU0oo3EyFfYiPyKEF2DyvI0wR3nQaC7cbUQWEumMuL7_qr0qdP80u9pGQvOsUTkN24HWpyPQNSA2-_0t_neTEpkDhfUS-4755xJa2aXobm97fcw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame D812
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL-E6Z-awHL7BeZWdawK-PQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1

43 B
893 B

29ms
29ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWrsyDxMGinUXywJdFp7cHW810xEsDR_a1xkzUrOf_5LJfz7xpv5NrrOKBbmjx5tF3ugU0oo3EyFfYiPyKEF2DyvI0wR3nQaC7cbUQWEumMuL7_qr0qdP80u9pGQvOsUTkN24HWpyPQNSA2-_0t_neTEpkDhfUS-4755xJa2aXobm97fcw

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
an-x-request-uuid: 8bd03464-2271-45b4-bc8f-e2384b120274
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: 31d634c3-69cd-4993-94d1-f8e5f8b372e7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL-E6Z-awHL7BeZWdawK-PQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D812
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

170 B
232 B

31ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Requested by

Protocol

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: 18677e13-1b02-493b-bea5-52dc6a6dcc90
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 394A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

43 B
766 B

31ms
31ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNXgy-2VZ39d4twXMP_Aje9syQcwSUQI6B4OCRkeuWHwdKg9HNueuZ_H1AOJOIkuPD9ReHx0Iw2hOq_dpUDa2O444IGnHFty0k2gXrc6I8BfcYDT60DeyCzj2PvwVytkAdST0zWIxJqq_iiP--kaNzZc8a2PJ38TGLoD267OoyB83p2epd0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 394A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfyP-4e7z6mMUreSggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

43 B
766 B

27ms
26ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNXgy-2VZ39d4twXMP_Aje9syQcwSUQI6B4OCRkeuWHwdKg9HNueuZ_H1AOJOIkuPD9ReHx0Iw2hOq_dpUDa2O444IGnHFty0k2gXrc6I8BfcYDT60DeyCzj2PvwVytkAdST0zWIxJqq_iiP--kaNzZc8a2PJ38TGLoD267OoyB83p2epd0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 394A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGwDXbeHhHdx7bEjcBtfFUU&google_cver=1

43 B
843 B

29ms
29ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGwDXbeHhHdx7bEjcBtfFUU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYjM257AEwAQ&v=APEucNXgy-2VZ39d4twXMP_Aje9syQcwSUQI6B4OCRkeuWHwdKg9HNueuZ_H1AOJOIkuPD9ReHx0Iw2hOq_dpUDa2O444IGnHFty0k2gXrc6I8BfcYDT60DeyCzj2PvwVytkAdST0zWIxJqq_iiP--kaNzZc8a2PJ38TGLoD267OoyB83p2epd0

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: 82ad50e2-7f88-4787-8bb2-f86da6388597
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGwDXbeHhHdx7bEjcBtfFUU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 394A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

170 B
232 B

30ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Requested by

Protocol

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: 9466f3bb-c3f6-4ce6-a55e-ae878c09500b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 83F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

43 B
632 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVwz6dRnYSNAmCzJIE2hHL-pfKCH8qudIhQoni79qe6N9XREXzAxvks8XU8YhY2WUyUeu7mMUNbZRONIppMBfSWPSF7qnGScHfTIkD092qpaGLgiZtWpCeh4Z_-fC916orUufnVxnqQIenDCb-NzjKQU32-vALZ2nPlCfZPWg6I33z6o0I
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 83F6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOWRRfyP-4e7z6mMUreSggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1

43 B
632 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVwz6dRnYSNAmCzJIE2hHL-pfKCH8qudIhQoni79qe6N9XREXzAxvks8XU8YhY2WUyUeu7mMUNbZRONIppMBfSWPSF7qnGScHfTIkD092qpaGLgiZtWpCeh4Z_-fC916orUufnVxnqQIenDCb-NzjKQU32-vALZ2nPlCfZPWg6I33z6o0I
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEXIj3j8h_Ll5a-GzmKLq8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 83F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGwDXbeHhHdx7bEjcBtfFUU&google_cver=1

43 B
842 B

30ms
29ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGwDXbeHhHdx7bEjcBtfFUU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVwz6dRnYSNAmCzJIE2hHL-pfKCH8qudIhQoni79qe6N9XREXzAxvks8XU8YhY2WUyUeu7mMUNbZRONIppMBfSWPSF7qnGScHfTIkD092qpaGLgiZtWpCeh4Z_-fC916orUufnVxnqQIenDCb-NzjKQU32-vALZ2nPlCfZPWg6I33z6o0I

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: 3a29a5a9-e7b3-4009-8183-aefac36092bf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGwDXbeHhHdx7bEjcBtfFUU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 83F6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

170 B
232 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D

Requested by

Protocol

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
an-x-request-uuid: d950108c-7515-4933-9520-fe0839bd1b40
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxMjQxNDIzNTQ2NjY1NzQxOA%3D%3D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 894A 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7041515489025&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 894A 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7041515489025&version=m202307240101&ct=77&x=1&cor=14073908322689425000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 894A 16 KB
12 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZb024AfBMj3qQt1qNo6m1grh65HMGcr7C7ep1-k3tdxuFXDjHMaRQssZ1QohvdFOgWpT8LM5EDPUSm6LO9RfFBRkxPL6YS26q_tWsumOy5PqkUwLsHikQVvdpzUvu616jk50SuUuOA4JZUSINAkIbHdm7FDty3wUCI8RSIqtqgwIWXZI&cry=1&dbm_d=AKAmf-CQpP08Bv4Q2QSEIlatMMRM4LgKqbYwVojdfVaGa8E5mCkNM120BfEOcU13a6W7byxNiDnQJf9f2pjQWFgVg6IGZ38rWG4D-CIINUw0J5bM0_w8ndNO8Pi1QuAKiEYWuyZaFlnsT3G7Sx1GkJK8A2ekeXU9Jqm7aF2mZtqJrJoEmSfElYcUqg0XGTaFE_aOYbDV8sQIkIG6ne4LolhCyqAWn5Ifj2i7h4pIp76gL2f-oJOpRXVpz-0tNsV75uls3VNpXmoE3lG8oWwVTObIzmyxUFpsU-mTV0PWMLG9O3o_XlXzoK-G03qaM0MFSL0GdRo7JIBkjuXTiJD3FPKXiHYwzj1n9H49m5kldwbNUJdESpcvQt4i9h6mznYIXGDZZNNZIpjvYm-q4Hz87m8CHJ08p7-DdOJOzchf2Q9fDWoNELBN1vbojoUKxfvjk_NxOD0ofoquZLcTuuIubPip2F1XQjI0xYJD2F-Zn_v1RfpRaB_wn65V4r0wUeya7aaQAU5-_PozsHiQBTCZGjMuk-T3HeD5bgKhLBE4Eyx0DpFb48AU432e7-HLJUU4RWznCP6jzLHp6T06eNBj0WmAVq2P_ZblN2-ZvebEldFqog1giAD9A-5QFbLybzroplzWbqCuCUJeNeO_Rjsddbu9hCLF9hUcC10kt7FQfvK521XwOuldp8OPkRBljGOpTHK9optxH1zrTSsWi6Ilk0XJ9L7utNq8aCnThPlrsrygE3UR2yNkvvFy52QHvfrDTF_MDIc1nIyqXYoz0OF0A-okHydTibVQ6x5qma6xHY1apxnqYRjYw2rnChB5cKyWcovOb8Xyj7UM1iColvMn_vBKhJPbPihOB4ZLewm0ZPGm9fqVvRxjzRDeJi9tQTC_GqMuzFmWAN9uLxPTMhZdcFQe4ZuZ1sEVnrnA2zkbV5TQEdlarlq603WfpsNRGxkRu2nKdyLbwJHRg6dlXDQlbfzkmycv1Y74_ODhCyYxwR5rOm0BQMs6FuSOXyNHwdb18lWyceBzwUCIljHh9vxzAKMljnHgfNlWZDZ3apdeqcY9dzuiratdUsqWnSmkQ_wEsYBs5TV3YCu7On6bfE9fnKqh_BCB77kN9o6SbSCI13kXPZnxYgJas2P884P3K6t1DjxjuhJ8kiH-JxbldMMn7j0lvviR5KUFfr7ez-gspM77EA6hSTeKNEba2cO7YMs7BzgnwCPZ9x8Sh2i3f5wpc8ZuX3sZe6T7RYQlLy0Zy_CASk13WIIo89NVGaDdYzibKcQWLty35klw5TRpP_AWy2x77Fwmvi_si6n5ikZ3P6uLcSL9enU5jAk175cA35oOqJsAR6I6m73YszxB65emcHD1gLiqLHxDQ8JLlIyQLflc-QMlvc1kO28M-7DrtPqKM4PlsRWO3hvZgZ4YTn_3i51jWESEPYxl_b4BaMJB-5JAY22yfhsRrzjuPrLnEg-UkvlUQBdusRphwxXXRs1Uf4Ayjd0M2DevKNSXFdvn7aU6y01VNnAjVljfiTJWKPUKGSImo6FPpOvI1kdBJgLShgkKHz3VS3EQpMxBnEzEBCs6UfAT43TTnJNH0b2p1psqu99Ey___fmVH4JRTa-UNYaJGL8cveN4YdVtpE8qTlBNzPyktkDZWjLvVbuX8yNGAXt2qYUCaYs41oKk0Bh5u4Jjs0q_YxtW4iXDYUE_P6SHt_BD3tpzOMY0ogJQQzX65IOdmP7A02Yw8yJ8yyZ8QbPjLF3BBbLCJUlsZCQ7xu9dzbOKrc4t44D029J4yobjulVld7DvhqeCYkTLUAP226FFt1-iQZsRfWnpki-f45aCpdQXtx4PJ6Bt3gNS6OtWpfn0QhgVcnknIT7Dm0Pt-r1nwI-awnJIvkTCH0xVZkoHEiP9JGt1j_Is9zw5A-H8Nq7x7yL4QuCQnIdnq-dXX-IkXF-q2wBhaSoGWi6e6tRgOrkAsPHaSqz1y1jBJves4mLObPc4R-zIAyfaHEI8y2lyALXtS2BVWVAdt5St3voztklozsC7Kq6jaKKD3A3Qfkdq2dKHTmusHOdM_IGryazbjfeNd8d_5yO1PHH0IsX46StGLjOltuyeQdY9M6kp8lqhAtOYS04rigDZ3lAuZab3-bIj2mArzOJ3JvpsR7ouAScPX6YjaPBufKguwkIO_ytFn9NDZKAzpeOnxRxaAqp2wCHRQwLdAOkxWdclFER-Fx6YXFkDOgfpwNJEo5wh41oBQZIrcHwYmO0wYfqfludpJ-n2FWl-PNQIDqj7g7XGyelbeoR4LiNWzozlo0dcxaQxhlKMwIP57GZmzH6a4sH42r5WAa_E0YZUBUZfRtgDZyJSiFZuVnOrNl9BN6RiO297WCSwiMyOYB6tXBQKA181ZlxnfEMQaFDgeHotX5QssVIvzmc3nWfh4sFUYae7UmA1br6jvgqOWWPbsfNJYGX4Qbss9eVh99haxaFYdJz0rlv5SuPSMuuMrqCWAF4Epsf0GW9AGi5HJJZ12L5XK4R6mS_zK6ymNJ77VhFn4ABbbiycq6Sfx6W-3La12-4iewIdWRPnVfHJS2lZzWpDAVYFTOjLRBhAjWwYEx9t_vDnA-n6mPKjMPuRSPXTurVPZI9I92xGpB4C-YnYFoUS1l-OUcgLctw9PEtHQKuEgT9Wlj6C9ampriYpHqghvndWWBHHFrfxW1Yc6fehRDYLkgJ6ztQ72I4Rc02IY0sIS15pW54YdBvkksxE1zfn3gQuv9sgXFCKZNtd6yQrsJR2mc76Fc8GvCN_FUEv_XX9GWyAFLkSnDlGopTr1bsGxjFOmRJ4mN6TfYYQN0_ZD0mI9mhA6X70miDYcxBlH1RrQPFfaGJtigHhz5cvO7yLIUV1tksP7-4t-BQdjTH7Cl1cuJIcCNNdZEjIOUCBwsl3JzVhPeXwrNEgGm6XMY3Hra7dV1y9XUQO4b5vSPbCWMKLqp1ptiQApTIE6sPltH3AS_BQi38kg20T_JIUDo4HMBsGEO8plMS_O4jQnxhperAVrzaryc600h90mssBjh0KzSOLZugOOhEAbZXJ52qhpmylgYsnwLUeRNqI0MIifMNESSx-4fm6SQSPeXDpSVZw3NGeLXt-xt60NZuGQUL4yAlUxtEBxU3UJ5hGytYXJ_z7nikZq-eVPvNkZVklG1FlyfKcrjW3zpWEO8OR_vsB9-Z63HzfHr9h52nx-r9fba0gY_1N9XdUgaoWq89PO_XnH5XUKBhso7KNydnserTZrS8B-I7gad-q30JZVDAeqZX6dT3yQLAZ7Ac3FNnO8o4ZwlYEt8MO7iYewh7OtvZdB8diuBkieLUBpezrMgJ5qlNbsv0pgd4vOcB8fSPXA5cykyeeey1gmtAtnUWbmaQfcLTIsYKgHwS9G0LP-Y_0IQX8NpV68GWYLGY5Gm1eR-FwiW4nGD2LxvjbU2Oqks_rB8OseL4QeXmfUWEWwvGSLclu6rPGd6feZzjcvSZQURyYr5lbmJLSKcLpCrJGNJqFo_C3Ixwz8zecsMnLD_gW_hP3jXFP94zP63w5yaF-RdsTS-3zhcaXry4ZENvyNcdPD7cu3HOJTc__WkM9EfX4rj2vezVhv6-xnfLbzx20RJC6jUn0VjOn8Rm-cZW1SHtFbBqq6KyHMex9xXTVzdvMwW385XTJjFKXd_niMk0gYM1K0AP-PvNQu2BW_5ipJ4DcUpgsgIV2sDB7nela2AVR2nSQdAfdTHZi5aoOt8_a1S78l8xYfHQOqNoZbjiUuu1B8WoA3jlYxQMSkjkrhyGZfaPrsVUKLbedJzfFXbird9-ijAbqUm3MJipJ7QNMrQOZYTNuQIatQ53e0Pm_IPjlWTl6MdLLrDVMWRFywJnYRIuji2xfpx5qbwMgwB0bwKk2khCbZFNdFItHpsACe&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=14073908322689425000&adk=1964084972&idt=125&cac=0&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

435fbdcbb203c97d84bc3c7f5b1c57757535ea1627336a49ebdf54b3a9b0d322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11822
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
62ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=1284509314015201&bg=!29il2JfNAAZGPLJIZjw7ADQBe5WfOOmx2pcdzTr9QToqnCTgepbGtVev5K7yEbuGdSjal4q22WpZ1Y9t0hVyym4FDpGyAgAAAENSAAAAB2gBBwoAzlMFSqgD8BxPTOP0rh5TtwQG073dbqcMR4Ukgw4XlKqFPpjnOx6HWQaPUKGvIp1jy_xBtF5hSIWYTf2DsLPu7rEqDhEZz27zVdjnG1-Vy9iOWoB_UPYA_MB8ymyuQfpH2x36P70VnETutDh9ZQwP8M8oAzqgl9gnNmiMq4iYmSo8EQpbbMRuwb1go64G6ZVCUoFF_LaSHkm_03fe8iLheLP9NxwwzbqYoTDKV0o0QlnGwrkA8-X5qSTkacXN7NUgosHmc_pX6q47UEIsbtkQmQKz3F8Yd-h9fa03AFsNWXVBusfA0keyBYxWKzBuvpEiCHYVa9EW1qPk2vDGldvz9w378PS-VBwXXWDPjY73tFjL2TLumgYS7bWzFKTx6zR6vp610csJL55MbP5rRvXXJ1SbhrTiJsLaQ0JgWTxLcsZM-pDAdrrlTlOznNHH0Rukrs5DsU0riIpxN6H3hTzEnM7paNarvD5Qhbzi9mdeZYdOlABJlh3AG6kBJ0R0K_l4bbMfNMRBW9xMnBjn9q5I_RF5A8oqo714eP5MRf1D3bKdnFdxoUlPp2_it48Gj5mKfi7xCgtixOHw31CV_Vm-A4J_kg2ffsFT3v2jP_NOUYhZ299EvoxyBlDjt_7q1powKA5kdKtJy2Zacy1klcV1sF-aN_WJIcbdA3L7sNr6-0ekfx-LH1Bw-H3CiOP4DKCV-P0lF7GORBF3prCoCJEFKvSonzPorEUP8MPmPCCT7UmNnKdx09f-lc7ZB9Kn6NYrTQ396xcK384ejec9yZGYOTMQd8-LtwedAig9VDlaLhs1t0SWm_UQutSiHwkNK1P2fscSXW7o4ikxveEL1afM6kEuz6cizCOj1mkE6Bv9GV9BwsjFCNG-OM4m8NITtN44IRnLxvfhORXMzh_RROc6seEcKPchM_3Bq89CGQFh4FO7g1TlUaHsqiuJf6G-gpnQ6_uMUSH9DpS3ymG5HK5LYeqGVGh5YFVvl-QHXeKov9Bypp5YtTlov4jERuWmNPxpUN_SJ7bh5ig9idEGfNlDtwn8UBXjbaXyaeA84g0uQJ4ZbXDg6V8fvtMv31j20mspqlAyJhE3nIIDDkqkHTVoFcZ0BU0VSiSpmHQ1bI5O0XzyzUp4ceRNu6mgvgUK6W65z1HBc1e3Z9l-UFZXaNiasTvRfiJAEfsGM7MfHHpzkuVxjvOkMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 894A 41 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZb024AfBMj3qQt1qNo6m1grh65HMGcr7C7ep1-k3tdxuFXDjHMaRQssZ1QohvdFOgWpT8LM5EDPUSm6LO9RfFBRkxPL6YS26q_tWsumOy5PqkUwLsHikQVvdpzUvu616jk50SuUuOA4JZUSINAkIbHdm7FDty3wUCI8RSIqtqgwIWXZI&cry=1&dbm_d=AKAmf-CQpP08Bv4Q2QSEIlatMMRM4LgKqbYwVojdfVaGa8E5mCkNM120BfEOcU13a6W7byxNiDnQJf9f2pjQWFgVg6IGZ38rWG4D-CIINUw0J5bM0_w8ndNO8Pi1QuAKiEYWuyZaFlnsT3G7Sx1GkJK8A2ekeXU9Jqm7aF2mZtqJrJoEmSfElYcUqg0XGTaFE_aOYbDV8sQIkIG6ne4LolhCyqAWn5Ifj2i7h4pIp76gL2f-oJOpRXVpz-0tNsV75uls3VNpXmoE3lG8oWwVTObIzmyxUFpsU-mTV0PWMLG9O3o_XlXzoK-G03qaM0MFSL0GdRo7JIBkjuXTiJD3FPKXiHYwzj1n9H49m5kldwbNUJdESpcvQt4i9h6mznYIXGDZZNNZIpjvYm-q4Hz87m8CHJ08p7-DdOJOzchf2Q9fDWoNELBN1vbojoUKxfvjk_NxOD0ofoquZLcTuuIubPip2F1XQjI0xYJD2F-Zn_v1RfpRaB_wn65V4r0wUeya7aaQAU5-_PozsHiQBTCZGjMuk-T3HeD5bgKhLBE4Eyx0DpFb48AU432e7-HLJUU4RWznCP6jzLHp6T06eNBj0WmAVq2P_ZblN2-ZvebEldFqog1giAD9A-5QFbLybzroplzWbqCuCUJeNeO_Rjsddbu9hCLF9hUcC10kt7FQfvK521XwOuldp8OPkRBljGOpTHK9optxH1zrTSsWi6Ilk0XJ9L7utNq8aCnThPlrsrygE3UR2yNkvvFy52QHvfrDTF_MDIc1nIyqXYoz0OF0A-okHydTibVQ6x5qma6xHY1apxnqYRjYw2rnChB5cKyWcovOb8Xyj7UM1iColvMn_vBKhJPbPihOB4ZLewm0ZPGm9fqVvRxjzRDeJi9tQTC_GqMuzFmWAN9uLxPTMhZdcFQe4ZuZ1sEVnrnA2zkbV5TQEdlarlq603WfpsNRGxkRu2nKdyLbwJHRg6dlXDQlbfzkmycv1Y74_ODhCyYxwR5rOm0BQMs6FuSOXyNHwdb18lWyceBzwUCIljHh9vxzAKMljnHgfNlWZDZ3apdeqcY9dzuiratdUsqWnSmkQ_wEsYBs5TV3YCu7On6bfE9fnKqh_BCB77kN9o6SbSCI13kXPZnxYgJas2P884P3K6t1DjxjuhJ8kiH-JxbldMMn7j0lvviR5KUFfr7ez-gspM77EA6hSTeKNEba2cO7YMs7BzgnwCPZ9x8Sh2i3f5wpc8ZuX3sZe6T7RYQlLy0Zy_CASk13WIIo89NVGaDdYzibKcQWLty35klw5TRpP_AWy2x77Fwmvi_si6n5ikZ3P6uLcSL9enU5jAk175cA35oOqJsAR6I6m73YszxB65emcHD1gLiqLHxDQ8JLlIyQLflc-QMlvc1kO28M-7DrtPqKM4PlsRWO3hvZgZ4YTn_3i51jWESEPYxl_b4BaMJB-5JAY22yfhsRrzjuPrLnEg-UkvlUQBdusRphwxXXRs1Uf4Ayjd0M2DevKNSXFdvn7aU6y01VNnAjVljfiTJWKPUKGSImo6FPpOvI1kdBJgLShgkKHz3VS3EQpMxBnEzEBCs6UfAT43TTnJNH0b2p1psqu99Ey___fmVH4JRTa-UNYaJGL8cveN4YdVtpE8qTlBNzPyktkDZWjLvVbuX8yNGAXt2qYUCaYs41oKk0Bh5u4Jjs0q_YxtW4iXDYUE_P6SHt_BD3tpzOMY0ogJQQzX65IOdmP7A02Yw8yJ8yyZ8QbPjLF3BBbLCJUlsZCQ7xu9dzbOKrc4t44D029J4yobjulVld7DvhqeCYkTLUAP226FFt1-iQZsRfWnpki-f45aCpdQXtx4PJ6Bt3gNS6OtWpfn0QhgVcnknIT7Dm0Pt-r1nwI-awnJIvkTCH0xVZkoHEiP9JGt1j_Is9zw5A-H8Nq7x7yL4QuCQnIdnq-dXX-IkXF-q2wBhaSoGWi6e6tRgOrkAsPHaSqz1y1jBJves4mLObPc4R-zIAyfaHEI8y2lyALXtS2BVWVAdt5St3voztklozsC7Kq6jaKKD3A3Qfkdq2dKHTmusHOdM_IGryazbjfeNd8d_5yO1PHH0IsX46StGLjOltuyeQdY9M6kp8lqhAtOYS04rigDZ3lAuZab3-bIj2mArzOJ3JvpsR7ouAScPX6YjaPBufKguwkIO_ytFn9NDZKAzpeOnxRxaAqp2wCHRQwLdAOkxWdclFER-Fx6YXFkDOgfpwNJEo5wh41oBQZIrcHwYmO0wYfqfludpJ-n2FWl-PNQIDqj7g7XGyelbeoR4LiNWzozlo0dcxaQxhlKMwIP57GZmzH6a4sH42r5WAa_E0YZUBUZfRtgDZyJSiFZuVnOrNl9BN6RiO297WCSwiMyOYB6tXBQKA181ZlxnfEMQaFDgeHotX5QssVIvzmc3nWfh4sFUYae7UmA1br6jvgqOWWPbsfNJYGX4Qbss9eVh99haxaFYdJz0rlv5SuPSMuuMrqCWAF4Epsf0GW9AGi5HJJZ12L5XK4R6mS_zK6ymNJ77VhFn4ABbbiycq6Sfx6W-3La12-4iewIdWRPnVfHJS2lZzWpDAVYFTOjLRBhAjWwYEx9t_vDnA-n6mPKjMPuRSPXTurVPZI9I92xGpB4C-YnYFoUS1l-OUcgLctw9PEtHQKuEgT9Wlj6C9ampriYpHqghvndWWBHHFrfxW1Yc6fehRDYLkgJ6ztQ72I4Rc02IY0sIS15pW54YdBvkksxE1zfn3gQuv9sgXFCKZNtd6yQrsJR2mc76Fc8GvCN_FUEv_XX9GWyAFLkSnDlGopTr1bsGxjFOmRJ4mN6TfYYQN0_ZD0mI9mhA6X70miDYcxBlH1RrQPFfaGJtigHhz5cvO7yLIUV1tksP7-4t-BQdjTH7Cl1cuJIcCNNdZEjIOUCBwsl3JzVhPeXwrNEgGm6XMY3Hra7dV1y9XUQO4b5vSPbCWMKLqp1ptiQApTIE6sPltH3AS_BQi38kg20T_JIUDo4HMBsGEO8plMS_O4jQnxhperAVrzaryc600h90mssBjh0KzSOLZugOOhEAbZXJ52qhpmylgYsnwLUeRNqI0MIifMNESSx-4fm6SQSPeXDpSVZw3NGeLXt-xt60NZuGQUL4yAlUxtEBxU3UJ5hGytYXJ_z7nikZq-eVPvNkZVklG1FlyfKcrjW3zpWEO8OR_vsB9-Z63HzfHr9h52nx-r9fba0gY_1N9XdUgaoWq89PO_XnH5XUKBhso7KNydnserTZrS8B-I7gad-q30JZVDAeqZX6dT3yQLAZ7Ac3FNnO8o4ZwlYEt8MO7iYewh7OtvZdB8diuBkieLUBpezrMgJ5qlNbsv0pgd4vOcB8fSPXA5cykyeeey1gmtAtnUWbmaQfcLTIsYKgHwS9G0LP-Y_0IQX8NpV68GWYLGY5Gm1eR-FwiW4nGD2LxvjbU2Oqks_rB8OseL4QeXmfUWEWwvGSLclu6rPGd6feZzjcvSZQURyYr5lbmJLSKcLpCrJGNJqFo_C3Ixwz8zecsMnLD_gW_hP3jXFP94zP63w5yaF-RdsTS-3zhcaXry4ZENvyNcdPD7cu3HOJTc__WkM9EfX4rj2vezVhv6-xnfLbzx20RJC6jUn0VjOn8Rm-cZW1SHtFbBqq6KyHMex9xXTVzdvMwW385XTJjFKXd_niMk0gYM1K0AP-PvNQu2BW_5ipJ4DcUpgsgIV2sDB7nela2AVR2nSQdAfdTHZi5aoOt8_a1S78l8xYfHQOqNoZbjiUuu1B8WoA3jlYxQMSkjkrhyGZfaPrsVUKLbedJzfFXbird9-ijAbqUm3MJipJ7QNMrQOZYTNuQIatQ53e0Pm_IPjlWTl6MdLLrDVMWRFywJnYRIuji2xfpx5qbwMgwB0bwKk2khCbZFNdFItHpsACe&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=14073908322689425000&adk=1964084972&idt=125&cac=0&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H/1.1 200
OK e95xao572jml Show response
hal9000.redintelligence.net/zone/ Frame 894A 12 KB
4 KB 92ms
26ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/e95xao572jml?subid=&gdpr=&gdpr_consent=&rnd=1692766533155792&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFtQwRZHlZJDBCdaB1PIPlbSiKKblvaBp5Zicp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4wFP0BaMQ1FcCKS78F7E2PelYG0fpgfLRer_lwrHpnn0zav9PRFSWVSm4n97JTkmAX76EAgokOFGMSYzQQiBDVCQFJhAstcgmuCALCbTIIebQ03O5RB4Pc0fYxUFx1qBD1JFitBkvUs6Vu0oP7kfkKpY5D_6GgyKF9pGynNeq3AXeUX4fGbsFbApO4HmDUmklHPEZFsnIUL_aB6iUqo-IMS9hWNuqPdpK9CApFtrjLGi1d0Gs9MCkpb8Y6QT47ugT2Tw5AYfwrbwpZu69gv0y-b6fZuzBYxENUrf_c7VkcKRuxLFEsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0PeV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKmzPD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1Ii5isXkVjA2RuysmNgRY2wmdjbg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BK_I9oZbl2bBuF1HXOEDkOg2RnClmcjCjUu9Rmry9ENCTvehxXZYTae0XeGy-Vt7JCRviFWANzpZPQibPjVJG-J1JGv5T1c4YhJLBMS08N42g_lzyDJRIQUQWUa5bWnQaAPsjIPgP28nF3yzAGLc5Ykp7fKubda1YOKjaBq7HDhMUTgYU%26cry%3D1%26dbm_d%3DAKAmf-D7qNrwNLUciWkuhQOzQt_8Lp9vo_GuI6nK6kHrpHz_bBQUp2wNepe6_DhM8KK0e5Pf1e5Uv6tUTJMOLbHPEL_s1FjfdrDoNWlXlNH6Fdz2T2CCxlDjddPNr8VAW88rnNWpuWAP7MpWihum1tk91SAzb9E-3JzwvhWQS7E4nA8QNZzKF5gUQ9Ly7cgOKClxtHn-UjHZ2gDcqajhHVlkPLIMGiD1bacMz9kbFBNTDS_jZBLl7zpRPvV2cUR-kWvQAarpKqhAjSPYEug6sdb0MJR2pnePvogTLvcgYO8mHsq8ERxsdmNn0qtIvZMDkcsuBaXe4OeWsQW2bAh5iAJbb3ZmlPBuEfFAYSX-C9OnHxY3CJ_p3qKuBuBZdhq21cTpzKofaG3xIKpcxvPHfFVZbG4yxEd56blqYcBt1QVU2eY3SVT-344QFUUMlCJmkjQX48GuFDv22uViMfTh__I3s8Z2sg8iJk6MbJ-YqTjOsA5U9jwotX0GnlnwVYoV-9EOLBkWcJYbyKqqbRNmcfIJxQq66trqi5MS92uNFiNsFFNtBJuQevuCgROI-VtVFfJTL4JlD9bAKxtiP7_DP35eItE-CZSkpB-suvisEtXVacynothwwMHGeFDUgwnuzNkNPtJY25Up%26adurl%3D
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c79fa24df3e0cdc7c22062880d6fa8d675701e61c8d34c7605135c2e6b742fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4253
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CAA3 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 385189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AAcHTteNWvda5NIkMe_ZvVfKdabf5_TORLYnjsM_lt8Sy9ZhWQ8=w48
play-lh.googleusercontent.com/a/ 422 B
442 B 38ms
36ms Image
image/png 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/AAcHTteNWvda5NIkMe_ZvVfKdabf5_TORLYnjsM_lt8Sy9ZhWQ8=w48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

27686f826ed1dfe39698b13eba4ac46241a32852e3fac100dd519dde58425fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 422
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 likeit.png
a2zapk.io/images/ 192 B
663 B 35ms
33ms Image
image/webp 2606:4700:20::681a:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/likeit.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:69a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ef1399edc15fddc1cf7e2fedcd2f5be0103c4c23e1c81c72d332407cefe1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489368
cf-polished: origFmt=png, origSize=268
content-disposition: inline; filename="likeit.webp"
content-length: 192
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Nov 2018 09:44:02 GMT
server: cloudflare
etag: "10c-57bdea3a4dc80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykB5PEFEbulJcexvqldcWKhOCTVR0p5RqNaa7z%2FMFNCNrj1XRgk70CA%2BUiejiVIx7gkf2CzQwsv7tYA3%2FFRi0wCYXQw7OF2j6NthLYJI27G3q1dXy6VF9aoUSidub7apnkgGSF%2FYfA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7fb0c395eaf435f0-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBE4 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5102152249768&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBE4 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5102152249768&version=m202307240101&ct=77&x=1&cor=17201342338728999000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DBE4 15 KB
11 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtaZEMr420eNQeYrkFE4vrbS_I-WtD8URfbpZwL3jBRu0gyejmIqvPYadGbj8ylV4Ru_zQdpNKMif48ujKf1_ZeVlmUvFpAhS28yW9iegjSYNFIbOK06VJhdDa1_4EIhnmW96OSgiD88EeX4RHL2xvb91m8v3Hwayq5ysIk0XD1trOHPI&cry=1&dbm_d=AKAmf-APkQkVqFUuPFCgWniVWottps-WLGjjkJ7x_c1Iu7B47aDVwVuf1fH91ZDeGJyAIk5DdwygWOKczowLPTegV74ytz9r6wJIz_ic3YoLV44aIgw5Owj0yX9t1saaN2fD_RLlKlsnq4JBjEQMQTLxNYdBCAfrVtm3GTxgmEPpzTiRfZjOUMYb1IsUGgO3ovQlq7gd-LyPEvjH_nQIa_x-C3skfoI7uCX2FHJWCfyKn1mCMOdIEQZ6SB-mbSnqymJK4WC9nlpmSzBk1dYbEF1K4TW1vWV2gwswIFK8zfeodblLk2ZJ7URhKxWcO6ffhLUTXtMlwoJd7kd4g4COMrhJ2ZNGlUaY8x5I6ima4dM_Fu1hur1HCITWDcww6UqSzQ8z2u3XmnlzG10pHnx1IZdAfOOXPvbn97lq0e4p6dgVIMc0hUnmHcHb0izFtueSFrHuNXLlcyR666FWLYJ6L2-uHN53x5OxtyaKhDvf9cvFLW5Hgq_ZZAA9XWatec1u8UjUxoG0RiPRHjaDEUo6STdgYjp3nRPBrmhb6KKkeYEWyHasWY2KZrU4D97ia-Pt6oHuDl_Awvfy0a1EiOUR3UXTwQp7RLHm6im-Zy7nqbk9K9j9J6GjpPThPFOPt3tJ-Ma-GPJtvcoYSzH3cefz9K0RfA_3ERowmvgtz2UYBmylB9PIzpkRYe9IUrP0DiTUMu1IKZ5U-TqABzhg62H7bVhU4Hm8Yk2t47ZWDMPlLKdDuEqrbUqDAIqfPXkc1roVhw7Wcmh8vKkqk-zwh--rOxLeAAtrz0-j8KEFxiqB2YrlU3ZEzWIvFww8x96NG6mMH-O1imcNnw4rPt1AzPM0wZReqp50m8k2X7xBAvbNtHz0iLncn6WIsgOk8oS3XcyrzuGD30HA8n_Ox97EvssYc7wre2yW1XqacJnZR9D8oKaHiqEgGE2lC9Svhaokp0S8ufmg5z9Brig7aMQHAS-8cAf_SLnkGWUMhMYRGZ2SnMnJEwSCxpcRfCcayUCYacKmgWTlS8M1ZWm7ebnZvR5nSVtJo85ffPDXmYvHem3lrQ75tLQmwSvClhV7q8X0hyWht2JWEKACFJ2O2wLx78_YUUE4qwMLOsWRnrZ6cFjscTynvzEnGhQfrC2gmaQvv38sV_f8bAuwuSQiXaFCw3sZloeCWSxZKmJuRFQ8qXuhsx5uiFeJ0SJrm9OnzDkbb_g_aXIJQT9FPNqSpRoADBU6YyFUL5fGZK8QLO3mjONMsohvs1DSRdXFXzMGf1ZRIrC9YOkm6l0xokaLjS7q-N9w9yetGiHy81hLdPKhk3ojIsn_dxmfL208SWU5e-vBYBQgZjVwbVVheDpCPl0m0C_bJmBevq_59ep8D1fbcfs5fnInRy7taOhEudQwWI19KGO9UY7cOVWuyppMZe0yfmIxYRrZMmnaNM8OHjlyuzXZvs4T-gp0v7ykM42QP0GN9e2IBlmo7LqrUibTuFjGEmbQeImzxmmEtzh-G84srI4Dn7nRzR7uRc1GyIt0apDdcI7JeICeMc3BAZW7e-hfUsdym5zqJghONtGRXeLdhb8RRL_GObv1YB9OkebcYcHvw74z5qt16dOFehBAXp3_k5XFAY0j-sssKnOE_v60rh5tRvayuFykbqQgtcBUa9uZZncNdNWFNmoKIL7I9AIexlUqibOFYpSW8hKNCSYxe-vCgLtWdfq0BHAdIvFbQabi_1ii9gbUEPBIdURCn-dyuFP0Zy6rGUiJRK8ALxEGf-hPbGbSt5laU4NszNVypIlyQofdUCawgFWuDNCQ2ne5d5JzGbf3eLakhgM3n8L-uoMFSUUd85P9w1JIiVdQBYfcglu_8yVC7-M8-vxvfMZpLpNHTjDmblvjaXTHnRdcKMMr28SC_u4rtxUWk20ZUQuLVLChDlh5pi2jVXBKVTV1WJ8EpgzGMW_SYuhGEQ80nrXkaWTKGOxawtBPn2em9-1AQcjylEe8y4PNdXDd7ktgMsW2GvxjRXAvJpbaDkflD8Wu9z_yTcLvD6NBnPxQ0Ib-sJEbdobkgxe_JkPpA66zjflihXuemSbZ3B9UrsxWbk90QH-pcnI9HXVIfwbz1GyBNjxU5OUMzgbe-JOkrH63jkR2flfIdOzwLnPAQyJawxsp47Z-7PUONgqeYIQn80M5K4R1KmeI8YuSZtRfQdJrbJypi6EyUZSOGDYmxgW4g9EZbBcUPwlxUdmcAy1H7E5uCT-lyuK54i6RY2TMJ0eLkm7thubbU2ngAIOA5y5uPtFnaI0JCHx1wefju3JCgnv9jrdxiuiB1pQ3pkTL_oUHSeMYtnL5vwGFWEJ3wSidWs8Wu8sHYWTlinSd7b1u5Yi1D9fejs11VBK1Kp1nDFhTjYcpQgzT4JknJ449z2mnhTayx2fzHpMP3p-Ry3HpdEHFpOa5xJ1_VTgQDT-wb6D4m63q3IbWLUi9ei8vb6mwm9AnZUHwu3ILFB363Ys6uIi_OU-ADIeW8Ea7nTFUmF4nJ6RkVpducHgUc63C__EWkfKv-80ZOyMkJUDYzWvFu8_duIX-5stgnicdBTnlPiXRIMddDLtF6J4yjDsGdWEsYugcTaSyvsy1khgj0otrMWkRfNAz4z-cD2bhOSyrHQW-r78hRNP7xVQUC_GaKom3EauofOlhkg3WDrCnob1XSwUkU8QrIlGPlk1rwEzz7jvToz3cwIL_eXUmWHfERypziL2fbZ1RKhLKOvqYpE4uvoqW13-M3EVjkIcrlEmfbYSYVP3zen0HO7kJvUl5JPdX4-nyKCzaPZjjyjhuAVOfoKhiyKpN4tSRlYgE7acxbpsVB9cVbT7fqJhdX9gYjowaPInuiZO6x2HmjtqkZ9_DZDdC2mFR8wdgYK_vM5PlB791Im7iYyzT36-PEQUSK1-tbHUvdgB8GnTk4j28hlrIwyjcqpqKF-Mh4-bJYALb9VnDGRE2CDQS_fw47fF-LDbZcP0xD4Si4Rdb2oH_Sz_QwAigKWwbZIuDMwBF1YN2djjrHV789PtiUfOW88T9PLBX9ku35wmaZ2tlYV_u1Kucco7-cpQYg-Nt8JvH-h3OTx_sUXaNSnwm9AzphUWA40Ot2YXzSylPLsfmjNSekc64rCsuVXT5uXP91E_Lsvje9B6TvJCaUTFT8S0ixBlQMdSCRoAp_FpZDdomfSkuy6qS9eroWH6sKdJJO5pYya5hPS_HVc0CkKBlp6EoXCKnswSXQyer9uO9ReD24kLeQCYPtZyoP4NnuMm4DuQ_loijE9Ww2c6j7rQztESi2iAvup70NwcBAo4VnmBx9RrJp7WsuHWxTdJpfOjNX4W3uTIHrOQ7L7E9vBOOeaV8h_U1J_KWq9H83zeop6VmL4QAoNxTqCxVY4xeGJIIidT3NC0j4gXafFfazuQa2hohv1JZLDZsvrlWQ4Dlh5CcSaCGZBLvmNISe1zaW7RncLnUuEGUGzhx469-d_fy4y6HWyPnUlcoSr6TE4zoG-shcf0T8M4zrIxYAyzyZd6XrELT1yFLa7gSuvBsaLswrj2l7a-zYYak_WmGxnc_en6Mm15HNw3awS1MO3l4xUK8M0glbn0wvVrUIcH3zlcn8cecxKiToMRbtFKWr3PwhRp60NgT2LLs1nYJOqu55t15UjRoIy0XppJPmS3br_Zd93H8KOi8pSqfRxe0UoJ2eFjSg0yewa0qMfKvX7mwe1UG2KV5P2GS4PGPXpXBobmh3eUyXI4R0I1B7xbwqgREVqgBkJf7tvH_JwUn4bmmIn3WR9KrMZrM9mTCCUjuWB5Hl-em0bx6mqSFcgHoIGJ_x2OaS7mXkVdmtI0sL8hHzn5_WIs-zEMmCX_4QeW1c0Mhy2ISZ6Og2fKIuCDt1n4a9dHGZZksOjn7mmtOB9NCft493BzA3vqPMh3B-E81nU60Ni5mZOgxWg&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=17201342338728999000&adk=3047537735&idt=269&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62946b594e574039f80720c4d8e8480ee8f52d008acacc2538591a81ed9294fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11751
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C417 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3268155226565&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C417 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3268155226565&version=m202307240101&ct=77&x=1&cor=4150521061741206500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C417 29 KB
17 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjyghHMqM3piOZVqEO0A23mzBTU2aTtO7JKllLzqTJFLFObMz_oGm7B4ujIJxjK23NrtXHoTBA0vw3rBy-IESh7DEef34v6a7sG9AID4EFznXZuvNoiO-3N1cnlVwxBhvzajwCVen3jfPQ6lZaA-YnbxgLwqqGFyNLu-YNKOAovoo_4hY&cry=1&dbm_d=AKAmf-B4kvufn5WEL2j1VSP_TzVXjqH8akbcTNpkYfdDv_03T7qwh54JlG5Jwac1JQeuKnVHDMdfH6T90WKm34oBf2t7_vBjCjXV9N8S2i9tg2Nodljw2ZvwhJ5b6dpEMXJ_N6aHMV7Nn9uZps8ap8XPlj79d8c-8FSSmI6ldtIdtee_d8edLd_4xDZZRtcJ0qvB8fdBz201YdK0iLfuYiTA1CL6E6PDxBLl_3yjgAvm67CkPPsJEO99m_37guM6ni3jdTMTh-aOOy1wA_S5DAniOl3yMdYNrJnno-TLWhcOfH8OAL9rQzy2XVjDD4cmna8Ou2TlzikkI1Au5sP7pcf-zkMMGWaivMWSlf8VqtkKBloq-G23zelWaNjHKQ9Syr1qzHT_diproh6RWHqrJe8WNqL3oqRMxE54uG7L8RF76g7LR--9__Chr_T9zEGO5Yzrkqq3Pogk_QusJf36G6nIUu-8bs5sH6w8VJfq4YWaaq-nvF_HDBTBZs1891geSIeZOgFmCaIyjeGQqtnOezgZUl0tNK174N6LNtqsFCA4zAK6zmEJOohd63-C1Kksu37iMUFHlpeKU6yPjUf53RYqTTSyM4vjM7-OTqpaGkw3LSherpmej1eI0eqoXSISCysdGIT1jRiDXjF1YUMIX_Se-jYLxzjZ4IzdnTPkYFFhBXjG3mv5D6Ci1UTvCr43wD65bjMHxf2YHU8Irm1TJu4p17DC3woC-2bcfMe59SRdszvsocwqJjrhD_Go8pPQ1SqvMYsbjWkRC-QanUK-2NM_oM0vVGjwgrl00129draNAR_a0wrEDUemNmDPhHVlK_CcewT55LibiN-v5UwJSx-8es7EiIsBJiiV7QyTDhctQC9aXov5FhJPFmepda8D7C3jN6u0hYytDKNAT6YH7GQD-Abb8AAp1aKDAX_ephHcl5agvWzQ6LtTWR5pj8VpikEv-UhPaD8H8PITUOs1rIe_KijeXjsxg0biGi5A42auFJgtW8lzviioNtOrkE2jZNpUaXKoyfORy6JM6bT-ZELLpWToWx6HI6VjptnKhSbzkVIDBV5YNSwvOJNpPZkyVhJlH_wWxTZ8k0bcXRXt7aTOQQv-SV7cGhyC4y7zWr1ZtlXHuS09whPfmRc-uuQzo_WQKkpb3Bj8U1JCRTSXUSWYPgc5rUespA76PmsEaDNqwq52Uve_E2bJT8ZuP0GWbHdQPLsfS4rGmxwVrB2N_rV85ssioj9UE3JYTQtMA0sXBg5JGALWWVY3FYmBkAe0VoehlqdVRYhN9OtMHsqJ8yCKoy0SDPOIUkdqozaZc4fP0hxT-ubRDZqIAthvqjp8PsSgp74bZB8dyoHuWpyeFcFfpXEad8BSZJwah90CBjFvcygQsSOBGnUMs_KFviLmtK4GyA5XzR0VmMlZOm6k5cCOEaaipizxvdozS_bGFpf-HIWDXNRLWv5HKfW3E3qP78CSkbEBTrzwyeM09UEXdK06aj5Rr-XBRHJv1Eg5nX0SClfCJMfVgC5maQyHcjuxoLt5p7CCRcyDVliLijqbO69VFZ2Mx80ot_mSZcd368av_VBJoiAhDISuwkmgzlboLgrOVPhzoeHSkKAMdaKkRq6pXo3LmSLtZ8fV_cyme8F8CTzX5ppF1ad5nRF4HYZfpMS85NjWLCEwUkkhGlxrPFEadHaYjjHTlCRPxpo-fBfH_czL9WDY5v27XBsgs2ELbgEpDtTnXGJNaHJmUQrL0dsBugXdtF4VlYB-6YbUe0RtnxaGg5MhH1-KdnJhOUm4F34BAE1P_tSJQCuX3g6uFYg419k-9R6QxVux_b8wTo69LhvBo8DwrZ-SS2pqDNnoUZdca4560puZzmyi2STztzJDXzS-zUvHNtyvxMQykJ8CV2WzUEwDt1C61RrgBiOTV-fQpZwLhupJknz8kQDNDTv0dSmeNws_6v-GFsiu013aWeKG48ChvYEwmgnOa9JLc_08El6UYsLW6lcyM2DtXVpvf-tZJK9YwCkZx9rQ46CFhnmZy-Jgb1_XBztwtPnQC4wwdfgfyN1abKSvomlL1gBOOLKwUINDk2qASNfNjhwWaNBrh9kBc1opszAMjX3IWE75qOFNjclF-6PNdVWy1x9K0KhSS2VjlGoJzshGBP8mKLjXVwk7JDC3SApgMEtEWAOhGKEffTg1O5nMMNj-k_Co0oSG5E3LlTqoU8GwTAU_jGPivCOFd4J9Fz8U5vZLofc1UwWP8fIay0638k5byKueWtILQDmooILSQXodQuoeBOIuYFEEQx9-fk9MR-Jaj62IsjZsIRCMIq3QVW6kTQiE-MY2UJ3SQ3bm7VA7RJyvDs8Wk89NxW4KjKOfEQUWjeBsRVqsRG5vuilYqlc0-NFh_vrjM5fDsjSvl1M-uVqVFjj2j9cViyy4aB0hwFFkdMpbGbil8w9x8RpNhPt-XP6Yxuy3B1zcRKMLtDQ8t9AyjJPMXlvair89C8ZWctGClj7Vxi5d3ky0N6KZ71XFRDrXxrS6ErNv1X6UIdev9GUhBDnYOBTEyR8epAskdlqTSHMzpvWaeC2rkm4tQH_3LDn8pKYQdZMR1qNk230NLqZmfOyYIduwpVG6nuCO1352AggxDNj6U3WHjDjjJTFgB98T-ZcQcZ8KeD9whEarlSt6erShRrdj5F5nh7Is3SLqK44EV35NS0w5ciU2a_rCCpzo2yuUEwto124B9k2s57COjZcn-t-6DtXpP29Pmt_RQ9RO7kAzUirjakYTTNpwqEd7ybo2KXq3-CZfItHhwVrymC4sj3BsjSdoa-gKryW-mp5tCGkMHHO0RmTHYT--LcqC6A9tg-TZ3aQhYwfjGgHGz0zT8OXdrLOIcDFyYb19N_y6i9JOwmTfGiuQyFpLVJZgjhryoDBadcM_8dD4RpiwohlfTtCMc_efFLR49CGk8GzXoNbhgjqrNQ5RXSlKJp3_IW52p7jy5XUrkEKIhLNtlUgGOIZKrJYzsz-7qS6psCB8nN23dDTIk00o4dRjF4U3KBwnPHqnLMbyp0nxVGknpIpi_sF--7ABLG9mlS3K9CgQHkc_0n9YuthfBN8ktEZK64jWEIWawtnBMkuP8czxWn1mlwcLSYkWHzhnmEgUiWD0gt2_fGwYzkKK0zC1JLVNkC9QZtxWgboZO8FLP5v3CUYmc2IAwifkIDShYzjd-Mil73gOB9vIK_mq7XaXdOwCfJkq9F1ly6tC0HPdnw1wQCys2I7PLKKH8Blj3x9Zu6vmPeCa4P1IdX6zltncMyV8DZsmdu-fBQN9vaiD1sYwQhy-mWglg10gqhhsZQBoyEz-FhLwPtd2Ynssj3rq1JUhOJQdzNwixVv-p0IC-JnWE8tLkJ4Pg6fkWqragptzQbS3k03524dm3IsL1DXqm0hxQWswOScCJvmA6Nxqho6HfM3IlalQXKlIPlJhp23qXzUVL6dun4n1s3593WeUSF7on9gFEYq-8HRXxagTLsQnw3Wosd6z4x7Zp6S2uIbu1Lo3XZJ-NKcvEdDBKvcKUFO_LOZ7vWwniJcEBmS0BnkQsuJTXs5vpcYq7Xtn5JaIlxrd7U2Q1fJLS46YqtjsKB0CBGFqqd77dxPo4lNmUcLPU7S-1WnPCpYZ4Vlw8a4Kfd415Z5tYyjDRs0mSlEePsmf0rbt5iSGNGaHQYqPofS--s1mr83UWQx0Mfh9uhaDHVA1ITDbnZeX4X9Ro6JxtcT_yYj5VNLaI_oydkJAHqVD6xoTaeLh_v4&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=4150521061741206500&adk=2228999115&idt=274&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08b3abba97569aeb8606fadd21140012c00c333aa01afc3e6eaefcb7aa5c8e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17618
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B2E 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8032899122576&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B2E 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8032899122576&version=m202307240101&ct=77&x=1&cor=16774362499585264000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4B2E 29 KB
17 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cwh5FrfNJQhdmzmLMwXL0X7C6gzCEmh7IlyHPWHbjEQX_twAO2vJXXvL_Q3cP72PKsY7JGfRX8pelJaeLqWMtyTdL3NGB9jW6k2raoGU5NUtsWKpCa3ahjq1imGy6nLiwzgaYDVuycb8_-OsNu9vi7wELS0e92DwNU-O43gO_7tMsoqxI&cry=1&dbm_d=AKAmf-BBLh-uNAeoxK7ogcoehCIqHticPLdP0kTyWCLudfhYHCZUQE7Sx2ErW63IS5XOwyFayqI4sROztdcIrdzKIHcFs4ThRceE4fQxoQ63ZqZE_E2xNC4yfuEtCozLAZMYwy3db3Z1gJ6SuquFdRWx3KLqZc4QPbn-nS41Hh_wNLueXKRXi_EK9L5V80uevuXWLrXFWvL1kiXRbbxQlNNQebWwj_rfg8g83cwe8yWTDuPdxmoOJVFGKvL0SG-wgCG-FYcjYM8RTpE7lXw5JJpclM1OGxOZFnoZVRvoCx82RiDUymmo4q-R_tkd68yx6OajKfxr-B9q56XMXT_v9SjBGiCckf5Nj5DAQ4tFwaLk2vSuiwUHhnvDBXsfhIecwRldSTXaS1sal5Pkhb9fdziJyqeDfedx_cDQIhFMFqIpvAz0nh98j2VfUYFNCtNS3PUGrEQj96ETM2QUChgPHtCmtWtBRJFV1vxRwcNuq3p_wz_gNIRj7NpKR8Z4WcldvxwhVwRU7JjFh7BR4bo4q02uwSI4nWAuAlnGHlRluLh0xZ8SRMPubyvXhsPIUd1tGAERZRWQZeiu_xtHKBuGn4un70EUtKniAJym-L8CpDyYNhGRIkslXn-zhPchYRkS6abDOQJL_UWj6NVbdtKZ2AqIVaDSdEG1kalAwKfDADJ3oHZ-3JBzqvM9Zm-ApzUWOGLqE43OGi7zjJNqJ4NhgkXVZPlkaPyg793zgtPWI5HkLMT5rOa1bBxJ8ivhTpmIYTcmic_J7Q7MQtL_dbHDQ32qwPsCmq8z7IkTpbv5W_baO6c91Pyd1_yampDvL9d4-7d8DSxucNprzNOqrND0qloWC6-4ypVoAI1ft7qBrDg_io7sutGe9wz4Y_rz4F_ysd8P__zaM3M6An6In5R24Uh8mN65PyNWAJzuHFQEJ7rbuE3U_5KQnoMvWkEYGFuwiQKjxWbdhens-6cCwN4ZEROD5UcGEGcoclkMlvlMxgdUMGKxhKBbvCFAr43URH4QS9dKP6vWfPAQvGHoi-owHz96jkIzKqJGX2aV3v49e7s5P6OzG_RSwktvPOWA3-uv5ZN41Oo9s8-5ExS1t1lJWfBoNqzIra7b0v2GRuDsBAlAGYytzXLULflFD6mb3Yr9773FsASaONjHg0s4oyiwGiyEYXkkC-OzPgQ7Mp_L71bVZ9cdeMGW7CRZEtIHXZhnJlu1y7NsTLFIbF0RhAWcoZ0zHpFo4ZeBCWGriMlZJKwYHnzd6lLhAqRuum0ADRfg5hraBuKxfIsmGyRyJ1DGMvcq5Su5CXmPlpdezY-TTVWyypRbm1-Yatjaqg0mmMl-xOiKkLSQX2N5DFshB9x_KBPHG4eftEeIE3_HDsbooYNcDBhpGyZ8u4LzTwGqeV4byAbr-zY4DTdh6CYv0yJDFdFwPwq0OoMJPsputYhEoT3fEG5jRTaZ_zIPyjH7QcYmnoq3ExRKXk2xSrd4GbU1ymIN9w_HJ9qWRml6TZ6PFs2hyVuCTzSjAtGHJsdfDZmWthkdC2_pZbSItLWdo2e0SIawvjgqC4Wbos1Qb-F6L1u5_wp6xSmhKxQlTcZ_ijAwYlXs2PjKedSnraLBUZVpTSiOfMILeW0I0m4y-PRtFRXkO_BvFLlP58-8ZZcb5OFKDWUtSWjzYx3CNb1kBIz101Q2zWXwN-sCN6FcS_VcBvpZFwTIsuvhE91KKETw055yA5Lv39tDQPvD1TXUUbSIpzLeDZ2TwPyJ7wVzSqtzMWtI3TDFauSd2sZe10sbFJKlEpOXR8RAYoPL389kNZ-llHYurS9z9t5C3NiuEISG8EMluG1kkQ_bHRTnFEv8-yLrKv4M8CZ70tikwCJksyd0_62XCuYeZM4KWQJUXRZyaGQs_Yn6m6lKINsieHl_uW5DAPyaj88L-4_-ToP3Y2voBAv4qy_S2pa4WORhnu-cmSx4xlUBP-tfSKxTvWTfm_zp7-XpyhVwRpJ04nzjrZkPupRd-Hjdd0paWjKmCwvDoHzJTNESveo2zOsDHjFp5JgY4i2l5VGp0G3vo2Y3e9KGug-AFuyl2-kS3435zXRm7ZmdUVurfv0xX1gHDWDM3ZcpCFlwoL_AqzCTBi9y8svVapPpmveOlyW4cCPJl0-6I8YzWJOds_SLEzNaZZPtjHZfbo0-UuCzCtmK-EjRDvjhTQxJjieYUNZhv1UrEWdsY-Awfk6drLy7PGz67qC7nw-3AQmOcb1Yp1oPY1OITGWvrw9HuqNOr4GTaWjZEKh86F7Caa51xPsJhPSu5o_IxEZ6YfJO4AuaozlIc4bQhnSbMViyhr2-fsgF9kP2UhA1TQYT28OYhhTWUVhr38lJGMdEX2QjFUdg8gV-FH4tCAA7bc-DSxZmYEoeW_lLRZk3Y9sV-7LqOAdnkWQvX0CUtzOrj9NuNW_lJvV1ekRf9IaHkWKDoGXp_ccrYU2UP0RSdXsikmurgvcx8wdsL0uNrJjnyhRDvSDtvwzT-wPDmgl2cmbx-qjAn0BzP_p4n0AMnWySKM6zZr_ZXW7-aWNDGwLyXhn27eF2clSDOBRC1lWi-Z88nkmRS9YtZL5xUAysucmPKN9T6kwrI991nQODnHTfyqJBf7puD-35yxEiGBDOpECc6N89dvqVoihs3pfTKM2YvOsAleIt31euM7eJt_73DGYljl9f6Q_b1jfBLKJ1RgJC6X_G99AwgirCf_ZMVq9JV2ZEW620TxJ-SGEHuTKGAiLGKcsFqT6KbrS73SpTs5w2r3lrC14jaKUtEST36N7aiiJzKk949d1QswpT2COpqZBX9Gv1VF69Qd33A2MtLahoxKEnOcnlnXYQ9g5qenwJRnaStKisZdtkj1anWGLwfNwvROS7LG-SbPGUu735zyKiuOscBs1yC3p5kuk7YjeYptPVzWvRlr3ZZFEXzMpDsHyBCAMj-qE1lvkC1YvZO2-9m-swjmkS9WuhPEJNLSlxMNLQlYhjIybrRiQvDAGVklbd7MA-PPQ53a2gOCxM3GikPVGDtFy1eTbVpDa2Q3NmiI11MhIXgwgHK0SXA_5fDXAhjIu8Ooi8yR_jQ57AQz_oRsBXIS7XM-RhViHNqPpglwZzQurJd8Z_5hKUkOz7BL53tolFCReUbTkUWH547w_kHhFwwYKrYjvkZhIWRmsw_iiyph-3_OpzxqmZrQR2xTVjtFY7wQYlJ0neFlmZBVRe66pyf4qsCkSNOou0csPUE-KJp8ba1biwLWBB78-XaYz-2oHALzDwDXPCOHl1R0CGA0c_Lg6NrVS6HRsdiDzjsuIylVov6lbw-ikMq_PQ6_tZPlh9Pfinx-qP4RXccZ1qZFQa_wFJBA-ZbjAqpYD3YWDK8keiC-5uvU7s3s-6lUtu6saqbbEHTlEqreknvOVPfdeosxe4zbT9jjhSBf6KX_rBk_vu8MEz3LZB-6MN4TfK_j7quKtiBdMmntLsHLNgEeNPX8fhG3EyZTK4w_wCTVBtTNjRFmO-pCWLxBh_mdzs9vcThCLoDxEZaXvhYcNFAmaxNVvmuVfw8nwAallnvQoC6d-06OIkPuVQR1hoiD3f1_DeVUmYpS_AWfZ0vYo3Slz5M1_r7R88DFeF4cLQvIl4JJGTfm_D53tyxJh1HQYEnGHNGH-lcWmRZ5KFP-DUE1aaAkA-rHtDqEi2LGuOlV2qD09QxeXmCeMDUvOr-_XJLERfCBhR1NdXVNrtTZd7-sXaX1SUTQ&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=16774362499585264000&adk=1877897943&idt=259&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ff05f96f1d966edeb939049d3ae11a36a1cb64e7b8d3e1b9da1bcfaed53fb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17792
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25E5 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3389407963531&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25E5 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3389407963531&version=m202307240101&ct=77&x=1&cor=1423757762971330300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 25E5 16 KB
12 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfIuHMIee9ANzyPflHiMo5K-wakb8ys33ajJhSnBvYf9LKCLTWGPXI_oU18x24NjQTj0_u4GhvOz514L0E2PB_7ETUsbyIX2tp1cNbgbNn69tzClzdw68fMLSNuvXybdtk3kH_yFQybmo6mjiM1hRiYVOpTuJDIDy-H5EVTfErqGH0DUU&cry=1&dbm_d=AKAmf-DXWXXSZOoS8Qy_DHcsGKNpW8RAguIxk2ZHMrpvTD_OLznSBJg6ROY27vtke1T6a1rEZ-8PC2mLFO-_w6xrN8BrTDeL8jeQUplGGxyGJJvKgeDvNvfEfKzWocY3zPG0o8jrxwNN1jYOk1Cp_AOvvfctirjYWB1LOTvaC-QaPBewSteb5X8jJEaIy-sShr37YjM7Tk3zUdcribf0Oa13qbHzUymGS2YxniXO0_noalXqA7zb78l4m1-JM1eSU4FY3Zc-iWPAZ9xdKh5Xq5dZLuET_x7Mo8YNWyGB7W6ZU3y1yVbFHah2oYNpWMJTUnsuk_BMHH0xYQAaeotmijZmrWFGWZYfdN5DypnKp9YgNWshVHylLon8AhVNPyvlkL5vy2aLwEVdDYmrbeJ6x6KRzBbQil460p1olpKW2HJk_Mw1078XWJDoZZyNxXeKOqGwFFIKTzuCr_h0STpjq245p3KKLJHJxqjApgN_zY4vTOdI52xrVLsm2UmSIyaYy1Mkw6GBOYyNUiRJ6yK1t17kHNOKD9pG6bO3xXKRvGjX4rDFdwa07LLCJ0uCt7oAYOhQumrOScTgtxj3CuFf4SMnaMlD3a7ERksoDmuqIGy5KHuv-I5fCXWwkWDV7Axx5SawoX1kb6NucTWJo8cKBgb8IqNRVsww_DWzFjtZCkwVaW3F8nEHHFTkCPqZbh0j-Kc3liity9b7Ygn44NRX-L3GlIgjXGGfCKUETAK0sSXZH9wDPSDse2zs_cwQZ0OZa0BG2ivWQ23jdpoe-_wFgO4MBS8Zy7Gwyj1KKXhNK37kxQuyYd3K39EPq9gDD_4fynNZkXH4mm4p5UO8-i7oYZpvU3hkWkxWwIQZokdeG5-u3n4eUbJ43GLlJUN3dpCoASWi3a_n-9vxunp2qeEMWz6Q5JMapKRe5Ugbx5cAKt6FCv8Vh6JWJ5Out3fpzsMbbQBYMPLJaOM7EdG_fzTlpFcDfUbsVZ98QJUOnQSxphhw6Oyod6tT6SQPj6pbLPGJj1aawf68brPcvz2aHTauFGrZIg7edbtsFdqZHiF-HbL_oEfdZFh9KqnevhHHLzm1bjRQvX_hsD6mjIP--DXvTFhSjyWnX2IkR0rQ_Erz3_pF8LhJ0RkjjRrwUYgBnw2fGNCcLMN7-_m0Kb78HHDxzY12dqteCLDbVKI7fzR89N8LjXOx28L90mnS5zQT3ve06mCtVaj2z76UYD2-39zOp0rg4mcb2Fzblq6E7fV1cT3O9UkKsClqD9klf0aGD9Cvf_KsuG1EZvwPSBJFGFsvcQoWwNN8vpG9elGuEalXO6kw5Hh-DdRKses75ZYD4Qs31KdLTvy2UMCLIiI5I6cB8tPxItLALqt6-Stzh5qn5tuM7wQaS3Z41cCd9hOcCJ01DxpGr0qzLTMOEx3Ay25P0LQ9NQps1f8nqF_oB_01udXT45zXwMp_3e3rtUvgkI10ADobKwke9ruD5Sjx6ovZdl-Ah9gnRDu12epicC2l-igV_szUSRGchVDd37JbxF1MQ2bZIZWVnRL6g2WEbvGrImnooUVGFOs1Kg9WpWOzi7cmsgQ_tMtXpckCsV6kIFThx7LeGkqmiKbhycdRON7rFFXnL1wLyooznjEo6hY1EBf4xrmfQkwlfko1-952-Kt1PrcVnNBvfZJlO7hmnGIaJmrqBiPBm91ztksbyb-HQnU1avsEfJddD2hmDwpz58sFTJrbA8_7VzEFu6kSZ1hVHSczU3uLnPEzpQMFAUoX7QcdXPMropziQFeAKNRMIe5wK6QJr3BkFA5_2h6u2GA5EtsIuiSx-d3Hc8nzeWQYP1d9tEdGTekfRxrBejJdhyHaKiodu-uVC4LA4e0nnHpHIJVRDJjsTNobcunnNAWCWB6MjVt15SxHfKYMwn6Mk-o0Pr3AYyXwSdYgQ40Ehqot7jcdqt1PAsO8dXCYP4blBNdeQ9HdfXhDXig-STIndyXl5_81yAWqlbMxEDRKl3E0qCvwz1sL39G0KQffwOhQ6Em6MsyDJZuEE7BZqEWMlsoT_vuYLjR3dZrAOCv67d44-QobxjwPmkIb8e5t-wWn2Q20ksal2z__jjXL0CLQx9Aj2jCuxoFd-cRh3-v6tI37wG7ECFsiiyHaSpV1AjcHEDzGAr810d8jKyuSQk3vSTPNwB79CZex4ywfVFccmZC7X6t3Abu5fQI_sS5HJ0QEeYBPDwtv11PQgHrUHesNUkhRv-_64Dey0DRa_Ea7FaPvwz3vGF0gc4WCgUvb-7HsMI2gFizMg4B7ulRthO6hg5Rv3P8-NDc_r8WjC_SyN3aaTfM3x3iYe4NZCNCDRo8RWshV2nM_8fjsjPWcc781v2bnE1alDWyXvsd5B0jGem7wBzUjIIERJQfaBqzYIgkA95VfdVM_vdg7ERUZo7kek-WvnnhtxVhuxZwHZ5monWHDQv6epjsMUGhglqwysM3JCKdudpOERR_aBDLViGuvVsqfKLS1FQHHTQWuvHWNm8xxt0H7wkmDR-bx4HwFpPk9BWGufq6M1JVSzrJ2LMkghtDCZ4L6YhnVIYgqqINJlQosvxIPMmuu9RYRBiqG7h4DOrh1zGd2z9wBRQO4JHpqKAbaXaZgO9ks8xhl_vWpaYYg-Ujemz6k-IszMj5oX8vgjnbYIE7dSFlFySPaUOaV6fA6PtIriC_D0FSfd--a20xZbiNt1vkAPnSTWtICP-6ATBKn0IbR0oWJaxIorTv5G2GbYHYmjIHyNO4w7LQWEKtpsIc-lTs4obswG3xeRG5wE19L1hYH258KqzcvZbUrys_QlXF5QzyGGfL8xYxzueEIeBMz0RPtIuLVMP2RSx3mNA75FtMwyevrA5p0IA9lNtUEEfDuWmC9rxs8zlc1CdykwErDrPfHnIwYOHZSlIxPXJjvnur6h6ACxvsbJj-p7_iZiKEEL05TPIHWIwA844Id6-rboAUc0TESaZSP8MBEgeUt-ZOBzmLU9X8bPL6f-V2wRu_mDrLuuelkImBK_ePLXFz6z9PpLkzFr20i-_pLL7sRBRTaWqzEmfGsUyJbJGx-j1UHVrPdIvelwhc60YZZUqIlDq3uvJZTaTsXSQWyxJ2GAwQewQM37utH8b7pyGu5Sow1UP3eiNT7c8xX4kDKpx-wFdlEEtXwMtXVzlKkGpK0O-qEHO_bbJhcakh1nBIVTt5aYrUZwSdmIkacWLOLq4VwDfmxrk-ye58Vs89U0PKN4Whvcblkifw4PSP1FxezPNdsssZ3hgP1h3B0UzO7FyvoAyPIMEy60o4e5TOB2ZLDQbpb3p_Pf-eAELTweqkZNgRb8S1Je_pwY5eWa1inkHVI6fnmtenbYQGxJVL8bgPTNMXw_xZZstLp6_M_HDJDFtGTmcCTH_k8YZ-JMLb9HiOswahV13TSRYq8q6x9nqvzmiHzKq3Qu6RpAmNhTivrrW8A6eKPRaTJOx1Uok31IEaIK7TdG63q1fOdyLk4HQgQT5PAamYh2Nyy2sEH37D3nxIsA_AUmx51srpYRdk-Bmgpg1q0qXIkEbFHDVkzp7usl6E0cVqNaPC4ap93hJ2s0G3UXMQEz7_kwvgnhBti721iWvTVuOn50qkFTQoxrtUh-4-Zm5VHHMEgWBMsIQQKHZV6iDjQ8JPNBGxxjKZEBMtt3zGAUV853bTbv0agxoIeLF1hNxyhBX7QhE6HLLTzyU4EuWpdGpY_2jjz1PFqzXiqrMsgzbJMxeD7acyYNN6kpFZMpwxePGnmAggFhsdU8yfqWzlH62XyJS7GkuBk3Vd_J_6XhP2QIlbDjv1G2Uh2PCsdcm8jGG2xkjaWbFk18DcFlzbR-WHoJTo6-WcYuZivHa5ZAEVXSPK_HFHBbtFSs_LW7xY0_DKdHQhT2TrzeddUckCl2IoK&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=1423757762971330300&adk=2086295851&idt=257&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f91206b849898e06d932d31735f4d2f5e40c11b86e2297f0bd4780fcf19e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11880
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D88E 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3232117198495&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D88E 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3232117198495&version=m202307240101&ct=77&x=1&cor=6623599114337652000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D88E 29 KB
17 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4haxc6kYxXe6LZIj2p0uU_Ca1iEpygo4O5qF1FpadAK7CH91qv3JBbCCHYgYHmwiCZ-6It3bgYTQuhaGbXrVmFJHTazZ-vxy5sPoJvxEA4xCwvxx0UEUL--Rjf__-FfY-IjX9l6I6q6vB8R24dvZd-j3lAYIWBAi09wfTfLoVE1ZxEGQ&cry=1&dbm_d=AKAmf-A3shdFdhL7xmqegFai7FfHGWqc6HDFUzjpYUMJ22V9O2wf2XB_E9yNgtKWGOSeUH4LcNUmffC1airyGsOO2Uv7UzYoVav2WVC7fE41PHNFVA8LyJf39rfcVTu9MjFQYCoIwFLQuUChmjckti7uKXNKbMlpByGdb4HhOmLKhE5ycXLM1TZaXq7DDrmNbZZxCG82eeYY4OqXHTfUaLr53FNtR4md_sk987rhegLAKyfTRxahuf58WW1NMPLFU2WH0tf8GPo4rEFV6q2smfAaHzATeOYVCM0M5VBB5bKcOgqz1O-2E5YYuyJHj263phpttD9Z_ZlkD9CRvOgG1KX16lih0Jx_Ee9drTz5CntHgipUaRuS6cr24wk_V2gspNySfasNU-xb6PGVMxtQjChsCs1gd8cSpTRDiRkyz56t_D0ICwHKiLh5zkgFf8BPxc36kO6ze6P7Y8QUSljLHFkNZngH53y2EkVb2_5h--to-0UFwKDPt_u5DPHPH8ABAjdMnReYsfJP-t-MpATXUfFa4HLgxosEcvJwEcMdVdgf-1R8zLcsQWhOeIMdoTywmFUI83RJi3JDVHKoo2-cUItNT229qIy2Vyfi664rcN1ZQ9rcST1NeSDgcLLqF6cmZsn2RV0mueW_X8kUymEUratK_RHSeMHzr3J3wkHxfBhp37ebS1qm29KOmcAh158V_S4jKnMNlfEZzchSBfSoGKR8W8kAFWsbSakz1nMuEuBjBjfCafUZDtwvEkJb8EeElGH-bAtZOhv4X1LvK-XV7MO-AQTLJUC457LSQ3JreEJ4CIIyhA4RAZK47MfBaE3ebhPpaFOK186OBXVwVdOI8JzC2JLgd0hnpnuTFx2KyYZ8Ta36qbS_BoNr__OvD1vZQUjeEmeuv9Klj8Pl8rVZ5S7gecdGgHuAHEriZdAgCtYh-PFvDJW_7iNjP2Tnyp782xMkgwkFhOYaDn_5Y-LkQwT6aVLRf_FpWbufTdLlor8ZSEwTBVZEdAg8JIsOPNnhreBSNOqRIZtHIuo4AGUPU3cRsvUGrheQNQY5JnFmxYd1aUcEvSrXpKYyMevWpnlEf8sGTIpb8-WsIZDfab0faRcgHkZVX1bihxtmrPpZ5RPgV5rHCDDrjUxZ4x6cDs_9tGUrxz5oUe3K8lX8pQ7ZjnphSM57XcNEmXZaCvm0a9YviS2Scf5aQfeM76klJLA2hcKhKdStC0RIWTdYMg0DowNzQ2tOs0Xk5Ic1-hHY1s-phghgIMLI-y5TU7W_f-1rJLEyBMBQyU6P8REcHkmg3IReplN6efzowIKokbW0bxVQlehU7CkInrr0xgmxGWzpmMd17SWVdcvqS0Q9EPUHcERAnFxWPs_Tyj-lN82kdYr9VIJeBM6pE7Fq9JvSsjc-a_WBqBbQt_a1vk0-fe80tUv7G-FflpQeAhf_94LEM8pOp-aQIWJDa2yKuFV4xPdj_J6POpX_IPiHfAsoNtZP5fMMUgndkPjw4ChM1iovVw1aOg6XCyfYvIbruGYURcXTwrztyPKuQKFI5vbzpeWv8qN8uVpzska_D-wcndeZUv39-DE6qbxL2dYeTLafTFFDHmKRzZYVvGaLReICzF8uLZhMxEr4UyrGbqyB7n8D_jMv2lSYxN9VpANgA1oAKK_Ui_P0cUZwZOvggU1Aup1-V9WD7teG3IkqWjlYgNEEIXZB9QnAZrJSnRgeBssrYqISAY2PDv4cioP0F5j04tcPkGuZrSBll7ECDK1-GPbMpoFRgPoxT4It9k7LMUQgEqLRHiiC7MhxUE6U_b0K4YJj5-onv0ysv01meMxGVAlWM44rFCV8ukuOhJ54NanZTBfE_iQvw9N4QK7L9-M1Y3DpwlvOqd8wg8kDbpf1v22TNkL5Z_zydMMEYSuNQJOfS9vLgMe1V81pDh0JcwfiRfgQQubFVrpW7YRUUt66vp8IEo6TowB9h8ZcNFXnixtiO2AM0uAXkkSuKkzqVCkltD-fROpf6dCRIVkxM_mX6ZfKaPDbzYCTQFXuqtl_l-OyRypFnbXWM70jItKFYSO9itS_uk1wxJesJbxHSWCgoDruINBkJkDwfbZRg1kMizl9zdNAoxAHDFly5HqOaRvln44CQYJehVzoSzbLWA6NKAAkcKRQSQK5sSPOU2oBlel-keRot_K-4Rw9k9S8-U7av8oBfhZARLXsjbY7aoNKU6pbrCVoIUN83-bHBeHgawijSHGTKAa4ZWaYPSnpkUIvR-X-aEp4G0N-v7yHflSjqbZAx5rXPddz4eurFIVOQ6W4P4URuqzZaY5H_uQxNFix07NZWxFiIu_9HUqn0EqPXhjVCTv9xe0zGgLqtnfDaSkjkJe7NjQo83G-AQ6FiR3VBGOYuzkfk4tIozF2P52ZqN2iStK1ez4R-bo1zzad4JzHgq031qr8e_pBOZDxjTssnCc6WpMcLzRHDlxUhgY4stfjbYYqbBdrKzFN5RMFPwpkF-FyFbQjGli3BJdYlqH1pYWWtSMdCGlU9hqOZUjg_R1hWmHm--ynzX37cUMdkIVyrOaRuubkdjZlKC1PZ_XuCr4ud9dgGZSBc1B7lDE-oVBhQlB2dMLtx64O4q7TvXB481rzotqDNMKTH1Xiygpby6HGJQuFfYeDhFdCn4zOAWvuaxq0GCfo0ZWJ2DiIQ8zdWitnrdbdZAk0Xbnl-fNuFjNZVPW4ZfTPiT0nIFWm9yiGHlSdSNbM-TrjimQgEl1bMD0GXDgb75PBlZzwSULB1ImNj84g1jVTVleLQQGxgtlD8UnoNRzlyLOEjyI6YLEVrA25DqWoG_Ue5hSj56zlrbsk0X12rGLMies7VjoxUEnqI5Uvc3xuC4xWvNtPdxkOyKcQHnt7KGkCRuZh8OMXzb5NowUb_yz4cUrw2MdWCsTAg4WmC7WbT7gtZ4kpKb5dEGujc4Y7reXLOwLTsCxTvFfSr1u1hlV27cZwPrcZsz4shSD1YAHTQSZ3hHWlF6OYbNnq5bUt-4KoxPdrAxakI7cEdU_SBtaPX4aR2WzUjBJoTPpdg6V3kWjJWGRl0_kSgIh9Nvxz6us6NpX4NUd2Z9_C42MfPDoEpBsH0VM4q_ZqZ1rjH4MRsC5bTTOnxUUqJ8mjw3vynEFNgB83GKWAxxQans9ZPgRUpCcMImura1tdgyT2Bp8z7nVL1WQUtT0rK74sAasrPsNsKtC3k9L2URLEd3jmIj46w5mCbiDGQIAUCdJU40uPb6rpY_yv978WT9WIUtpHdJIFHwK16RSZnhSNhQW7WcfuqmoO-Vw5gMqUVB-_WYbW-HJlZKvVXzPoUxZ-1yEgjphPUKjLnopHp0hwd2yhHqQH745-sdguNPUL4uSS0fAO-Vi_ecWZFyL2zfZpwAeQeKYSLozzkq155nw451p4NKp6NYRYOTD0RulTTCvxjiOEJHA00qMRUvtw9YwPo8-tqfvSwTZkN14T82FdmcmVH-Y0u_7ZsIfiXShxWMY_ZC_14SYE3EupZgNoxZGMh1yghdc6T8XChvBuQ0TFF_MiGelLM5tJTx_uX6Wm_VuQPt_lpWb_c76dRre1yBMR8dJ0fsFYRngWRHOVlbRT5e6AIhifkYjQ_H4cu4qGylhIV8pcuYA4RKVCGn_eweri-sY1iNYhxM_ERjbAv5PWLymebkw3ohyrFnslZYIUdaIkFltkb7aUIvZp5hQUUbfoDyMTPHRObKoBpbpCSywJnhq9s2qLQDKpyA&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=6623599114337652000&adk=1964084972&rc=1&idt=283&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6967d70ec6cf1c74fd10aeea358e5b385255107016cb46cf9ec861bcd995cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17603
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame 894A
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=da49a32bff&subid=&uid=41ee49c2a454dd87&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=da49a32bff&subid=&uid=41ee49c2a454dd87&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

5 KB
2 KB

137ms
84ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=da49a32bff&subid=&uid=41ee49c2a454dd87&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFtQwRZHlZJDBCdaB1PIPlbSiKKblvaBp5Zicp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4wFP0BaMQ1FcCKS78F7E2PelYG0fpgfLRer_lwrHpnn0zav9PRFSWVSm4n97JTkmAX76EAgokOFGMSYzQQiBDVCQFJhAstcgmuCALCbTIIebQ03O5RB4Pc0fYxUFx1qBD1JFitBkvUs6Vu0oP7kfkKpY5D_6GgyKF9pGynNeq3AXeUX4fGbsFbApO4HmDUmklHPEZFsnIUL_aB6iUqo-IMS9hWNuqPdpK9CApFtrjLGi1d0Gs9MCkpb8Y6QT47ugT2Tw5AYfwrbwpZu69gv0y-b6fZuzBYxENUrf_c7VkcKRuxLFEsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0PeV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKmzPD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1Ii5isXkVjA2RuysmNgRY2wmdjbg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BK_I9oZbl2bBuF1HXOEDkOg2RnClmcjCjUu9Rmry9ENCTvehxXZYTae0XeGy-Vt7JCRviFWANzpZPQibPjVJG-J1JGv5T1c4YhJLBMS08N42g_lzyDJRIQUQWUa5bWnQaAPsjIPgP28nF3yzAGLc5Ykp7fKubda1YOKjaBq7HDhMUTgYU%26cry%3D1%26dbm_d%3DAKAmf-D7qNrwNLUciWkuhQOzQt_8Lp9vo_GuI6nK6kHrpHz_bBQUp2wNepe6_DhM8KK0e5Pf1e5Uv6tUTJMOLbHPEL_s1FjfdrDoNWlXlNH6Fdz2T2CCxlDjddPNr8VAW88rnNWpuWAP7MpWihum1tk91SAzb9E-3JzwvhWQS7E4nA8QNZzKF5gUQ9Ly7cgOKClxtHn-UjHZ2gDcqajhHVlkPLIMGiD1bacMz9kbFBNTDS_jZBLl7zpRPvV2cUR-kWvQAarpKqhAjSPYEug6sdb0MJR2pnePvogTLvcgYO8mHsq8ERxsdmNn0qtIvZMDkcsuBaXe4OeWsQW2bAh5iAJbb3ZmlPBuEfFAYSX-C9OnHxY3CJ_p3qKuBuBZdhq21cTpzKofaG3xIKpcxvPHfFVZbG4yxEd56blqYcBt1QVU2eY3SVT-344QFUUMlCJmkjQX48GuFDv22uViMfTh__I3s8Z2sg8iJk6MbJ-YqTjOsA5U9jwotX0GnlnwVYoV-9EOLBkWcJYbyKqqbRNmcfIJxQq66trqi5MS92uNFiNsFFNtBJuQevuCgROI-VtVFfJTL4JlD9bAKxtiP7_DP35eItE-CZSkpB-suvisEtXVacynothwwMHGeFDUgwnuzNkNPtJY25Up%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5952984581379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: c23ebeb4f2c802b3ac6c77f8766c4952625db6be8ac1121e1b7bb457ff5724aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92116400014479904445008012425014
Connection: close
Content-Length: 1415
Expires: Wed, 23 Aug 2023 05:55:34 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=da49a32bff&subid=&uid=41ee49c2a454dd87&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFtQwRZHlZJDBCdaB1PIPlbSiKKblvaBp5Zicp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4wFP0BaMQ1FcCKS78F7E2PelYG0fpgfLRer_lwrHpnn0zav9PRFSWVSm4n97JTkmAX76EAgokOFGMSYzQQiBDVCQFJhAstcgmuCALCbTIIebQ03O5RB4Pc0fYxUFx1qBD1JFitBkvUs6Vu0oP7kfkKpY5D_6GgyKF9pGynNeq3AXeUX4fGbsFbApO4HmDUmklHPEZFsnIUL_aB6iUqo-IMS9hWNuqPdpK9CApFtrjLGi1d0Gs9MCkpb8Y6QT47ugT2Tw5AYfwrbwpZu69gv0y-b6fZuzBYxENUrf_c7VkcKRuxLFEsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0PeV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKmzPD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1Ii5isXkVjA2RuysmNgRY2wmdjbg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BK_I9oZbl2bBuF1HXOEDkOg2RnClmcjCjUu9Rmry9ENCTvehxXZYTae0XeGy-Vt7JCRviFWANzpZPQibPjVJG-J1JGv5T1c4YhJLBMS08N42g_lzyDJRIQUQWUa5bWnQaAPsjIPgP28nF3yzAGLc5Ykp7fKubda1YOKjaBq7HDhMUTgYU%26cry%3D1%26dbm_d%3DAKAmf-D7qNrwNLUciWkuhQOzQt_8Lp9vo_GuI6nK6kHrpHz_bBQUp2wNepe6_DhM8KK0e5Pf1e5Uv6tUTJMOLbHPEL_s1FjfdrDoNWlXlNH6Fdz2T2CCxlDjddPNr8VAW88rnNWpuWAP7MpWihum1tk91SAzb9E-3JzwvhWQS7E4nA8QNZzKF5gUQ9Ly7cgOKClxtHn-UjHZ2gDcqajhHVlkPLIMGiD1bacMz9kbFBNTDS_jZBLl7zpRPvV2cUR-kWvQAarpKqhAjSPYEug6sdb0MJR2pnePvogTLvcgYO8mHsq8ERxsdmNn0qtIvZMDkcsuBaXe4OeWsQW2bAh5iAJbb3ZmlPBuEfFAYSX-C9OnHxY3CJ_p3qKuBuBZdhq21cTpzKofaG3xIKpcxvPHfFVZbG4yxEd56blqYcBt1QVU2eY3SVT-344QFUUMlCJmkjQX48GuFDv22uViMfTh__I3s8Z2sg8iJk6MbJ-YqTjOsA5U9jwotX0GnlnwVYoV-9EOLBkWcJYbyKqqbRNmcfIJxQq66trqi5MS92uNFiNsFFNtBJuQevuCgROI-VtVFfJTL4JlD9bAKxtiP7_DP35eItE-CZSkpB-suvisEtXVacynothwwMHGeFDUgwnuzNkNPtJY25Up%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5952984581379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 23 Aug 2023 05:55:34 +0200

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame CAA3 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 10:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 10:05:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DBE4 41 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtaZEMr420eNQeYrkFE4vrbS_I-WtD8URfbpZwL3jBRu0gyejmIqvPYadGbj8ylV4Ru_zQdpNKMif48ujKf1_ZeVlmUvFpAhS28yW9iegjSYNFIbOK06VJhdDa1_4EIhnmW96OSgiD88EeX4RHL2xvb91m8v3Hwayq5ysIk0XD1trOHPI&cry=1&dbm_d=AKAmf-APkQkVqFUuPFCgWniVWottps-WLGjjkJ7x_c1Iu7B47aDVwVuf1fH91ZDeGJyAIk5DdwygWOKczowLPTegV74ytz9r6wJIz_ic3YoLV44aIgw5Owj0yX9t1saaN2fD_RLlKlsnq4JBjEQMQTLxNYdBCAfrVtm3GTxgmEPpzTiRfZjOUMYb1IsUGgO3ovQlq7gd-LyPEvjH_nQIa_x-C3skfoI7uCX2FHJWCfyKn1mCMOdIEQZ6SB-mbSnqymJK4WC9nlpmSzBk1dYbEF1K4TW1vWV2gwswIFK8zfeodblLk2ZJ7URhKxWcO6ffhLUTXtMlwoJd7kd4g4COMrhJ2ZNGlUaY8x5I6ima4dM_Fu1hur1HCITWDcww6UqSzQ8z2u3XmnlzG10pHnx1IZdAfOOXPvbn97lq0e4p6dgVIMc0hUnmHcHb0izFtueSFrHuNXLlcyR666FWLYJ6L2-uHN53x5OxtyaKhDvf9cvFLW5Hgq_ZZAA9XWatec1u8UjUxoG0RiPRHjaDEUo6STdgYjp3nRPBrmhb6KKkeYEWyHasWY2KZrU4D97ia-Pt6oHuDl_Awvfy0a1EiOUR3UXTwQp7RLHm6im-Zy7nqbk9K9j9J6GjpPThPFOPt3tJ-Ma-GPJtvcoYSzH3cefz9K0RfA_3ERowmvgtz2UYBmylB9PIzpkRYe9IUrP0DiTUMu1IKZ5U-TqABzhg62H7bVhU4Hm8Yk2t47ZWDMPlLKdDuEqrbUqDAIqfPXkc1roVhw7Wcmh8vKkqk-zwh--rOxLeAAtrz0-j8KEFxiqB2YrlU3ZEzWIvFww8x96NG6mMH-O1imcNnw4rPt1AzPM0wZReqp50m8k2X7xBAvbNtHz0iLncn6WIsgOk8oS3XcyrzuGD30HA8n_Ox97EvssYc7wre2yW1XqacJnZR9D8oKaHiqEgGE2lC9Svhaokp0S8ufmg5z9Brig7aMQHAS-8cAf_SLnkGWUMhMYRGZ2SnMnJEwSCxpcRfCcayUCYacKmgWTlS8M1ZWm7ebnZvR5nSVtJo85ffPDXmYvHem3lrQ75tLQmwSvClhV7q8X0hyWht2JWEKACFJ2O2wLx78_YUUE4qwMLOsWRnrZ6cFjscTynvzEnGhQfrC2gmaQvv38sV_f8bAuwuSQiXaFCw3sZloeCWSxZKmJuRFQ8qXuhsx5uiFeJ0SJrm9OnzDkbb_g_aXIJQT9FPNqSpRoADBU6YyFUL5fGZK8QLO3mjONMsohvs1DSRdXFXzMGf1ZRIrC9YOkm6l0xokaLjS7q-N9w9yetGiHy81hLdPKhk3ojIsn_dxmfL208SWU5e-vBYBQgZjVwbVVheDpCPl0m0C_bJmBevq_59ep8D1fbcfs5fnInRy7taOhEudQwWI19KGO9UY7cOVWuyppMZe0yfmIxYRrZMmnaNM8OHjlyuzXZvs4T-gp0v7ykM42QP0GN9e2IBlmo7LqrUibTuFjGEmbQeImzxmmEtzh-G84srI4Dn7nRzR7uRc1GyIt0apDdcI7JeICeMc3BAZW7e-hfUsdym5zqJghONtGRXeLdhb8RRL_GObv1YB9OkebcYcHvw74z5qt16dOFehBAXp3_k5XFAY0j-sssKnOE_v60rh5tRvayuFykbqQgtcBUa9uZZncNdNWFNmoKIL7I9AIexlUqibOFYpSW8hKNCSYxe-vCgLtWdfq0BHAdIvFbQabi_1ii9gbUEPBIdURCn-dyuFP0Zy6rGUiJRK8ALxEGf-hPbGbSt5laU4NszNVypIlyQofdUCawgFWuDNCQ2ne5d5JzGbf3eLakhgM3n8L-uoMFSUUd85P9w1JIiVdQBYfcglu_8yVC7-M8-vxvfMZpLpNHTjDmblvjaXTHnRdcKMMr28SC_u4rtxUWk20ZUQuLVLChDlh5pi2jVXBKVTV1WJ8EpgzGMW_SYuhGEQ80nrXkaWTKGOxawtBPn2em9-1AQcjylEe8y4PNdXDd7ktgMsW2GvxjRXAvJpbaDkflD8Wu9z_yTcLvD6NBnPxQ0Ib-sJEbdobkgxe_JkPpA66zjflihXuemSbZ3B9UrsxWbk90QH-pcnI9HXVIfwbz1GyBNjxU5OUMzgbe-JOkrH63jkR2flfIdOzwLnPAQyJawxsp47Z-7PUONgqeYIQn80M5K4R1KmeI8YuSZtRfQdJrbJypi6EyUZSOGDYmxgW4g9EZbBcUPwlxUdmcAy1H7E5uCT-lyuK54i6RY2TMJ0eLkm7thubbU2ngAIOA5y5uPtFnaI0JCHx1wefju3JCgnv9jrdxiuiB1pQ3pkTL_oUHSeMYtnL5vwGFWEJ3wSidWs8Wu8sHYWTlinSd7b1u5Yi1D9fejs11VBK1Kp1nDFhTjYcpQgzT4JknJ449z2mnhTayx2fzHpMP3p-Ry3HpdEHFpOa5xJ1_VTgQDT-wb6D4m63q3IbWLUi9ei8vb6mwm9AnZUHwu3ILFB363Ys6uIi_OU-ADIeW8Ea7nTFUmF4nJ6RkVpducHgUc63C__EWkfKv-80ZOyMkJUDYzWvFu8_duIX-5stgnicdBTnlPiXRIMddDLtF6J4yjDsGdWEsYugcTaSyvsy1khgj0otrMWkRfNAz4z-cD2bhOSyrHQW-r78hRNP7xVQUC_GaKom3EauofOlhkg3WDrCnob1XSwUkU8QrIlGPlk1rwEzz7jvToz3cwIL_eXUmWHfERypziL2fbZ1RKhLKOvqYpE4uvoqW13-M3EVjkIcrlEmfbYSYVP3zen0HO7kJvUl5JPdX4-nyKCzaPZjjyjhuAVOfoKhiyKpN4tSRlYgE7acxbpsVB9cVbT7fqJhdX9gYjowaPInuiZO6x2HmjtqkZ9_DZDdC2mFR8wdgYK_vM5PlB791Im7iYyzT36-PEQUSK1-tbHUvdgB8GnTk4j28hlrIwyjcqpqKF-Mh4-bJYALb9VnDGRE2CDQS_fw47fF-LDbZcP0xD4Si4Rdb2oH_Sz_QwAigKWwbZIuDMwBF1YN2djjrHV789PtiUfOW88T9PLBX9ku35wmaZ2tlYV_u1Kucco7-cpQYg-Nt8JvH-h3OTx_sUXaNSnwm9AzphUWA40Ot2YXzSylPLsfmjNSekc64rCsuVXT5uXP91E_Lsvje9B6TvJCaUTFT8S0ixBlQMdSCRoAp_FpZDdomfSkuy6qS9eroWH6sKdJJO5pYya5hPS_HVc0CkKBlp6EoXCKnswSXQyer9uO9ReD24kLeQCYPtZyoP4NnuMm4DuQ_loijE9Ww2c6j7rQztESi2iAvup70NwcBAo4VnmBx9RrJp7WsuHWxTdJpfOjNX4W3uTIHrOQ7L7E9vBOOeaV8h_U1J_KWq9H83zeop6VmL4QAoNxTqCxVY4xeGJIIidT3NC0j4gXafFfazuQa2hohv1JZLDZsvrlWQ4Dlh5CcSaCGZBLvmNISe1zaW7RncLnUuEGUGzhx469-d_fy4y6HWyPnUlcoSr6TE4zoG-shcf0T8M4zrIxYAyzyZd6XrELT1yFLa7gSuvBsaLswrj2l7a-zYYak_WmGxnc_en6Mm15HNw3awS1MO3l4xUK8M0glbn0wvVrUIcH3zlcn8cecxKiToMRbtFKWr3PwhRp60NgT2LLs1nYJOqu55t15UjRoIy0XppJPmS3br_Zd93H8KOi8pSqfRxe0UoJ2eFjSg0yewa0qMfKvX7mwe1UG2KV5P2GS4PGPXpXBobmh3eUyXI4R0I1B7xbwqgREVqgBkJf7tvH_JwUn4bmmIn3WR9KrMZrM9mTCCUjuWB5Hl-em0bx6mqSFcgHoIGJ_x2OaS7mXkVdmtI0sL8hHzn5_WIs-zEMmCX_4QeW1c0Mhy2ISZ6Og2fKIuCDt1n4a9dHGZZksOjn7mmtOB9NCft493BzA3vqPMh3B-E81nU60Ni5mZOgxWg&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=17201342338728999000&adk=3047537735&idt=269&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame DBE4 12 KB
4 KB 89ms
32ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1692766533155795&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZf8KRZHlZJPBCdaB1PIPlbSiKKblvaBprZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE5gFP0PrlZF2V9L3_rUWZnubuoikeHrHn-7RkVUL8qkt84e3ixZ4r9vfkzsIQkPAyMjfJAeDsjBmeG_yzavF2d3kvvX6LXXMzqpBxHFEAhDNuKo7FfZ0KkfJ2KoFSi1yBspMEwTnfjHAvyetpnmQG5kLRVtci5mLMFGy4eltn81FGhqnS38Gq5tdYf4s_71mSH3e-VFrRzj4cr73XCbYAKAn4fjVlkICCVoJwv2pxF9NaM-akqj8m8ItsirzsabzvzFNyT-QJLT07DqZb6s4iJ400zvvux_aWA5-2_Dfl0-AFiRZu31HKysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0_eV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKXKfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_0X7WRndaukD7N-R4WHjlIqe_c3KA%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-D_DEG_dVjOG6lchOozQvBjrhps0e3lTN7pdGqSt6Ddxa1sLrUY32hGtNWi50WjGL0QbPzArWLSqzcoyOehvbWKirVXtXlzA14atvQSKTd9IaK8ipKYuSWbEgwaSYrloUb5XYbU2p8cLeyry3udXRjMM-DvvFcfKkXsqyH5EbJrKMUBr_g%26cry%3D1%26dbm_d%3DAKAmf-CdxG6s74K3k4ooKFELFiDldtLBIRhaA0zKWA-ZWXcryDIrs2wv-7d8t5tyAi4eIpIkMVISwomTpExxC0sEgIoX98Wa9A4AL_rnFv-AGVNR-Hhy8L_WXQDzHlbt-xcSSYRxmxFgUx5k0L2b7iHaGt-9-pdcUAf2ia9bDODQirGaZwrvrD8G-yQzp8SsLRsLYgAPistDFlE-XoVQlCMtqF-w1xvFpPgwaYYxyc6KpPwcMIUq7uWD96Sf4TDpqUUJIJm4S7m_vuA70JZ1AoMLkXhWjvA0K8XwSyTHZH41EDErpc6_IEDEWGBg5EYMdgCBypME1aJWWCTSWn_RXBrsN2XnwEwm2TjzFdaJQJS1dYQ80RiVbX2C4SV6jYDp12w3nwRVKG98iHXSEHE_3pR8Ah2EZ8_7XM4gHIGbGrIcSpt6E27eWNsAEpZ-9iL-tMOFzDBPbfksDyKITA0zFoAp3vVXwGPBmr2rw6sn2B8z8Z1fp7tK-GyheMFb2CfUQ5kX9A8JNm71A6tXPK0xMK2JoKtZs0UsSlCg6TBSrkVKS87Kb-eTPduKyuv9S2e7jv5vskyknQEw1ewGd28UNM-g-_3m3DqQFMc726tHpX7oOCVGAqeh4HvaEoua2Dff367LDC_LNLOs%26adurl%3D
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: aea7f3ed469a3768b3d0006637b8f2988b49cb5179aa52091b9a12c7973cae07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4255
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/ Frame C417 30 KB
11 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjyghHMqM3piOZVqEO0A23mzBTU2aTtO7JKllLzqTJFLFObMz_oGm7B4ujIJxjK23NrtXHoTBA0vw3rBy-IESh7DEef34v6a7sG9AID4EFznXZuvNoiO-3N1cnlVwxBhvzajwCVen3jfPQ6lZaA-YnbxgLwqqGFyNLu-YNKOAovoo_4hY&cry=1&dbm_d=AKAmf-B4kvufn5WEL2j1VSP_TzVXjqH8akbcTNpkYfdDv_03T7qwh54JlG5Jwac1JQeuKnVHDMdfH6T90WKm34oBf2t7_vBjCjXV9N8S2i9tg2Nodljw2ZvwhJ5b6dpEMXJ_N6aHMV7Nn9uZps8ap8XPlj79d8c-8FSSmI6ldtIdtee_d8edLd_4xDZZRtcJ0qvB8fdBz201YdK0iLfuYiTA1CL6E6PDxBLl_3yjgAvm67CkPPsJEO99m_37guM6ni3jdTMTh-aOOy1wA_S5DAniOl3yMdYNrJnno-TLWhcOfH8OAL9rQzy2XVjDD4cmna8Ou2TlzikkI1Au5sP7pcf-zkMMGWaivMWSlf8VqtkKBloq-G23zelWaNjHKQ9Syr1qzHT_diproh6RWHqrJe8WNqL3oqRMxE54uG7L8RF76g7LR--9__Chr_T9zEGO5Yzrkqq3Pogk_QusJf36G6nIUu-8bs5sH6w8VJfq4YWaaq-nvF_HDBTBZs1891geSIeZOgFmCaIyjeGQqtnOezgZUl0tNK174N6LNtqsFCA4zAK6zmEJOohd63-C1Kksu37iMUFHlpeKU6yPjUf53RYqTTSyM4vjM7-OTqpaGkw3LSherpmej1eI0eqoXSISCysdGIT1jRiDXjF1YUMIX_Se-jYLxzjZ4IzdnTPkYFFhBXjG3mv5D6Ci1UTvCr43wD65bjMHxf2YHU8Irm1TJu4p17DC3woC-2bcfMe59SRdszvsocwqJjrhD_Go8pPQ1SqvMYsbjWkRC-QanUK-2NM_oM0vVGjwgrl00129draNAR_a0wrEDUemNmDPhHVlK_CcewT55LibiN-v5UwJSx-8es7EiIsBJiiV7QyTDhctQC9aXov5FhJPFmepda8D7C3jN6u0hYytDKNAT6YH7GQD-Abb8AAp1aKDAX_ephHcl5agvWzQ6LtTWR5pj8VpikEv-UhPaD8H8PITUOs1rIe_KijeXjsxg0biGi5A42auFJgtW8lzviioNtOrkE2jZNpUaXKoyfORy6JM6bT-ZELLpWToWx6HI6VjptnKhSbzkVIDBV5YNSwvOJNpPZkyVhJlH_wWxTZ8k0bcXRXt7aTOQQv-SV7cGhyC4y7zWr1ZtlXHuS09whPfmRc-uuQzo_WQKkpb3Bj8U1JCRTSXUSWYPgc5rUespA76PmsEaDNqwq52Uve_E2bJT8ZuP0GWbHdQPLsfS4rGmxwVrB2N_rV85ssioj9UE3JYTQtMA0sXBg5JGALWWVY3FYmBkAe0VoehlqdVRYhN9OtMHsqJ8yCKoy0SDPOIUkdqozaZc4fP0hxT-ubRDZqIAthvqjp8PsSgp74bZB8dyoHuWpyeFcFfpXEad8BSZJwah90CBjFvcygQsSOBGnUMs_KFviLmtK4GyA5XzR0VmMlZOm6k5cCOEaaipizxvdozS_bGFpf-HIWDXNRLWv5HKfW3E3qP78CSkbEBTrzwyeM09UEXdK06aj5Rr-XBRHJv1Eg5nX0SClfCJMfVgC5maQyHcjuxoLt5p7CCRcyDVliLijqbO69VFZ2Mx80ot_mSZcd368av_VBJoiAhDISuwkmgzlboLgrOVPhzoeHSkKAMdaKkRq6pXo3LmSLtZ8fV_cyme8F8CTzX5ppF1ad5nRF4HYZfpMS85NjWLCEwUkkhGlxrPFEadHaYjjHTlCRPxpo-fBfH_czL9WDY5v27XBsgs2ELbgEpDtTnXGJNaHJmUQrL0dsBugXdtF4VlYB-6YbUe0RtnxaGg5MhH1-KdnJhOUm4F34BAE1P_tSJQCuX3g6uFYg419k-9R6QxVux_b8wTo69LhvBo8DwrZ-SS2pqDNnoUZdca4560puZzmyi2STztzJDXzS-zUvHNtyvxMQykJ8CV2WzUEwDt1C61RrgBiOTV-fQpZwLhupJknz8kQDNDTv0dSmeNws_6v-GFsiu013aWeKG48ChvYEwmgnOa9JLc_08El6UYsLW6lcyM2DtXVpvf-tZJK9YwCkZx9rQ46CFhnmZy-Jgb1_XBztwtPnQC4wwdfgfyN1abKSvomlL1gBOOLKwUINDk2qASNfNjhwWaNBrh9kBc1opszAMjX3IWE75qOFNjclF-6PNdVWy1x9K0KhSS2VjlGoJzshGBP8mKLjXVwk7JDC3SApgMEtEWAOhGKEffTg1O5nMMNj-k_Co0oSG5E3LlTqoU8GwTAU_jGPivCOFd4J9Fz8U5vZLofc1UwWP8fIay0638k5byKueWtILQDmooILSQXodQuoeBOIuYFEEQx9-fk9MR-Jaj62IsjZsIRCMIq3QVW6kTQiE-MY2UJ3SQ3bm7VA7RJyvDs8Wk89NxW4KjKOfEQUWjeBsRVqsRG5vuilYqlc0-NFh_vrjM5fDsjSvl1M-uVqVFjj2j9cViyy4aB0hwFFkdMpbGbil8w9x8RpNhPt-XP6Yxuy3B1zcRKMLtDQ8t9AyjJPMXlvair89C8ZWctGClj7Vxi5d3ky0N6KZ71XFRDrXxrS6ErNv1X6UIdev9GUhBDnYOBTEyR8epAskdlqTSHMzpvWaeC2rkm4tQH_3LDn8pKYQdZMR1qNk230NLqZmfOyYIduwpVG6nuCO1352AggxDNj6U3WHjDjjJTFgB98T-ZcQcZ8KeD9whEarlSt6erShRrdj5F5nh7Is3SLqK44EV35NS0w5ciU2a_rCCpzo2yuUEwto124B9k2s57COjZcn-t-6DtXpP29Pmt_RQ9RO7kAzUirjakYTTNpwqEd7ybo2KXq3-CZfItHhwVrymC4sj3BsjSdoa-gKryW-mp5tCGkMHHO0RmTHYT--LcqC6A9tg-TZ3aQhYwfjGgHGz0zT8OXdrLOIcDFyYb19N_y6i9JOwmTfGiuQyFpLVJZgjhryoDBadcM_8dD4RpiwohlfTtCMc_efFLR49CGk8GzXoNbhgjqrNQ5RXSlKJp3_IW52p7jy5XUrkEKIhLNtlUgGOIZKrJYzsz-7qS6psCB8nN23dDTIk00o4dRjF4U3KBwnPHqnLMbyp0nxVGknpIpi_sF--7ABLG9mlS3K9CgQHkc_0n9YuthfBN8ktEZK64jWEIWawtnBMkuP8czxWn1mlwcLSYkWHzhnmEgUiWD0gt2_fGwYzkKK0zC1JLVNkC9QZtxWgboZO8FLP5v3CUYmc2IAwifkIDShYzjd-Mil73gOB9vIK_mq7XaXdOwCfJkq9F1ly6tC0HPdnw1wQCys2I7PLKKH8Blj3x9Zu6vmPeCa4P1IdX6zltncMyV8DZsmdu-fBQN9vaiD1sYwQhy-mWglg10gqhhsZQBoyEz-FhLwPtd2Ynssj3rq1JUhOJQdzNwixVv-p0IC-JnWE8tLkJ4Pg6fkWqragptzQbS3k03524dm3IsL1DXqm0hxQWswOScCJvmA6Nxqho6HfM3IlalQXKlIPlJhp23qXzUVL6dun4n1s3593WeUSF7on9gFEYq-8HRXxagTLsQnw3Wosd6z4x7Zp6S2uIbu1Lo3XZJ-NKcvEdDBKvcKUFO_LOZ7vWwniJcEBmS0BnkQsuJTXs5vpcYq7Xtn5JaIlxrd7U2Q1fJLS46YqtjsKB0CBGFqqd77dxPo4lNmUcLPU7S-1WnPCpYZ4Vlw8a4Kfd415Z5tYyjDRs0mSlEePsmf0rbt5iSGNGaHQYqPofS--s1mr83UWQx0Mfh9uhaDHVA1ITDbnZeX4X9Ro6JxtcT_yYj5VNLaI_oydkJAHqVD6xoTaeLh_v4&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=4150521061741206500&adk=2228999115&idt=274&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7504432997c4e5b297aae8fa062862e8f60d612a9a262393d5632577b271eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 17364786779606225690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:25:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C417 41 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/ Frame 4B2E 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cwh5FrfNJQhdmzmLMwXL0X7C6gzCEmh7IlyHPWHbjEQX_twAO2vJXXvL_Q3cP72PKsY7JGfRX8pelJaeLqWMtyTdL3NGB9jW6k2raoGU5NUtsWKpCa3ahjq1imGy6nLiwzgaYDVuycb8_-OsNu9vi7wELS0e92DwNU-O43gO_7tMsoqxI&cry=1&dbm_d=AKAmf-BBLh-uNAeoxK7ogcoehCIqHticPLdP0kTyWCLudfhYHCZUQE7Sx2ErW63IS5XOwyFayqI4sROztdcIrdzKIHcFs4ThRceE4fQxoQ63ZqZE_E2xNC4yfuEtCozLAZMYwy3db3Z1gJ6SuquFdRWx3KLqZc4QPbn-nS41Hh_wNLueXKRXi_EK9L5V80uevuXWLrXFWvL1kiXRbbxQlNNQebWwj_rfg8g83cwe8yWTDuPdxmoOJVFGKvL0SG-wgCG-FYcjYM8RTpE7lXw5JJpclM1OGxOZFnoZVRvoCx82RiDUymmo4q-R_tkd68yx6OajKfxr-B9q56XMXT_v9SjBGiCckf5Nj5DAQ4tFwaLk2vSuiwUHhnvDBXsfhIecwRldSTXaS1sal5Pkhb9fdziJyqeDfedx_cDQIhFMFqIpvAz0nh98j2VfUYFNCtNS3PUGrEQj96ETM2QUChgPHtCmtWtBRJFV1vxRwcNuq3p_wz_gNIRj7NpKR8Z4WcldvxwhVwRU7JjFh7BR4bo4q02uwSI4nWAuAlnGHlRluLh0xZ8SRMPubyvXhsPIUd1tGAERZRWQZeiu_xtHKBuGn4un70EUtKniAJym-L8CpDyYNhGRIkslXn-zhPchYRkS6abDOQJL_UWj6NVbdtKZ2AqIVaDSdEG1kalAwKfDADJ3oHZ-3JBzqvM9Zm-ApzUWOGLqE43OGi7zjJNqJ4NhgkXVZPlkaPyg793zgtPWI5HkLMT5rOa1bBxJ8ivhTpmIYTcmic_J7Q7MQtL_dbHDQ32qwPsCmq8z7IkTpbv5W_baO6c91Pyd1_yampDvL9d4-7d8DSxucNprzNOqrND0qloWC6-4ypVoAI1ft7qBrDg_io7sutGe9wz4Y_rz4F_ysd8P__zaM3M6An6In5R24Uh8mN65PyNWAJzuHFQEJ7rbuE3U_5KQnoMvWkEYGFuwiQKjxWbdhens-6cCwN4ZEROD5UcGEGcoclkMlvlMxgdUMGKxhKBbvCFAr43URH4QS9dKP6vWfPAQvGHoi-owHz96jkIzKqJGX2aV3v49e7s5P6OzG_RSwktvPOWA3-uv5ZN41Oo9s8-5ExS1t1lJWfBoNqzIra7b0v2GRuDsBAlAGYytzXLULflFD6mb3Yr9773FsASaONjHg0s4oyiwGiyEYXkkC-OzPgQ7Mp_L71bVZ9cdeMGW7CRZEtIHXZhnJlu1y7NsTLFIbF0RhAWcoZ0zHpFo4ZeBCWGriMlZJKwYHnzd6lLhAqRuum0ADRfg5hraBuKxfIsmGyRyJ1DGMvcq5Su5CXmPlpdezY-TTVWyypRbm1-Yatjaqg0mmMl-xOiKkLSQX2N5DFshB9x_KBPHG4eftEeIE3_HDsbooYNcDBhpGyZ8u4LzTwGqeV4byAbr-zY4DTdh6CYv0yJDFdFwPwq0OoMJPsputYhEoT3fEG5jRTaZ_zIPyjH7QcYmnoq3ExRKXk2xSrd4GbU1ymIN9w_HJ9qWRml6TZ6PFs2hyVuCTzSjAtGHJsdfDZmWthkdC2_pZbSItLWdo2e0SIawvjgqC4Wbos1Qb-F6L1u5_wp6xSmhKxQlTcZ_ijAwYlXs2PjKedSnraLBUZVpTSiOfMILeW0I0m4y-PRtFRXkO_BvFLlP58-8ZZcb5OFKDWUtSWjzYx3CNb1kBIz101Q2zWXwN-sCN6FcS_VcBvpZFwTIsuvhE91KKETw055yA5Lv39tDQPvD1TXUUbSIpzLeDZ2TwPyJ7wVzSqtzMWtI3TDFauSd2sZe10sbFJKlEpOXR8RAYoPL389kNZ-llHYurS9z9t5C3NiuEISG8EMluG1kkQ_bHRTnFEv8-yLrKv4M8CZ70tikwCJksyd0_62XCuYeZM4KWQJUXRZyaGQs_Yn6m6lKINsieHl_uW5DAPyaj88L-4_-ToP3Y2voBAv4qy_S2pa4WORhnu-cmSx4xlUBP-tfSKxTvWTfm_zp7-XpyhVwRpJ04nzjrZkPupRd-Hjdd0paWjKmCwvDoHzJTNESveo2zOsDHjFp5JgY4i2l5VGp0G3vo2Y3e9KGug-AFuyl2-kS3435zXRm7ZmdUVurfv0xX1gHDWDM3ZcpCFlwoL_AqzCTBi9y8svVapPpmveOlyW4cCPJl0-6I8YzWJOds_SLEzNaZZPtjHZfbo0-UuCzCtmK-EjRDvjhTQxJjieYUNZhv1UrEWdsY-Awfk6drLy7PGz67qC7nw-3AQmOcb1Yp1oPY1OITGWvrw9HuqNOr4GTaWjZEKh86F7Caa51xPsJhPSu5o_IxEZ6YfJO4AuaozlIc4bQhnSbMViyhr2-fsgF9kP2UhA1TQYT28OYhhTWUVhr38lJGMdEX2QjFUdg8gV-FH4tCAA7bc-DSxZmYEoeW_lLRZk3Y9sV-7LqOAdnkWQvX0CUtzOrj9NuNW_lJvV1ekRf9IaHkWKDoGXp_ccrYU2UP0RSdXsikmurgvcx8wdsL0uNrJjnyhRDvSDtvwzT-wPDmgl2cmbx-qjAn0BzP_p4n0AMnWySKM6zZr_ZXW7-aWNDGwLyXhn27eF2clSDOBRC1lWi-Z88nkmRS9YtZL5xUAysucmPKN9T6kwrI991nQODnHTfyqJBf7puD-35yxEiGBDOpECc6N89dvqVoihs3pfTKM2YvOsAleIt31euM7eJt_73DGYljl9f6Q_b1jfBLKJ1RgJC6X_G99AwgirCf_ZMVq9JV2ZEW620TxJ-SGEHuTKGAiLGKcsFqT6KbrS73SpTs5w2r3lrC14jaKUtEST36N7aiiJzKk949d1QswpT2COpqZBX9Gv1VF69Qd33A2MtLahoxKEnOcnlnXYQ9g5qenwJRnaStKisZdtkj1anWGLwfNwvROS7LG-SbPGUu735zyKiuOscBs1yC3p5kuk7YjeYptPVzWvRlr3ZZFEXzMpDsHyBCAMj-qE1lvkC1YvZO2-9m-swjmkS9WuhPEJNLSlxMNLQlYhjIybrRiQvDAGVklbd7MA-PPQ53a2gOCxM3GikPVGDtFy1eTbVpDa2Q3NmiI11MhIXgwgHK0SXA_5fDXAhjIu8Ooi8yR_jQ57AQz_oRsBXIS7XM-RhViHNqPpglwZzQurJd8Z_5hKUkOz7BL53tolFCReUbTkUWH547w_kHhFwwYKrYjvkZhIWRmsw_iiyph-3_OpzxqmZrQR2xTVjtFY7wQYlJ0neFlmZBVRe66pyf4qsCkSNOou0csPUE-KJp8ba1biwLWBB78-XaYz-2oHALzDwDXPCOHl1R0CGA0c_Lg6NrVS6HRsdiDzjsuIylVov6lbw-ikMq_PQ6_tZPlh9Pfinx-qP4RXccZ1qZFQa_wFJBA-ZbjAqpYD3YWDK8keiC-5uvU7s3s-6lUtu6saqbbEHTlEqreknvOVPfdeosxe4zbT9jjhSBf6KX_rBk_vu8MEz3LZB-6MN4TfK_j7quKtiBdMmntLsHLNgEeNPX8fhG3EyZTK4w_wCTVBtTNjRFmO-pCWLxBh_mdzs9vcThCLoDxEZaXvhYcNFAmaxNVvmuVfw8nwAallnvQoC6d-06OIkPuVQR1hoiD3f1_DeVUmYpS_AWfZ0vYo3Slz5M1_r7R88DFeF4cLQvIl4JJGTfm_D53tyxJh1HQYEnGHNGH-lcWmRZ5KFP-DUE1aaAkA-rHtDqEi2LGuOlV2qD09QxeXmCeMDUvOr-_XJLERfCBhR1NdXVNrtTZd7-sXaX1SUTQ&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=16774362499585264000&adk=1877897943&idt=259&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7504432997c4e5b297aae8fa062862e8f60d612a9a262393d5632577b271eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 17364786779606225690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:25:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B2E 41 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H/1.1 200
OK dvbs_src_internal119.js Show response
cdn.doubleverify.com/ Frame 4B2E 57 KB
19 KB 37ms
37ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688591&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0geP2JzRYJpaP7K98CopCzg&c1=3060631&auorder=1012740201&aulitem=20204990837&aucrtv=495871628&auxch=1&pltfrm=1&ausite=1967185790811&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 05:33:58 GMT
Server: UploadServer
ETag: "49ece1856f22cd4f89a093097d94e5d1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080000,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18798
Expires: Fri, 02 Aug 2024 02:50:34 GMT

GET
H/1.1 200
OK dvbs_src_internal119.js Show response
cdn.doubleverify.com/ Frame C417 57 KB
19 KB 38ms
37ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688589&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0hpqecZRnqEveNARvcmrOKA&c1=3060631&auorder=1012740201&aulitem=20204990837&aucrtv=495871520&auxch=1&pltfrm=1&ausite=1967185790811&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 05:33:58 GMT
Server: UploadServer
ETag: "49ece1856f22cd4f89a093097d94e5d1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080000,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18798
Expires: Fri, 02 Aug 2024 02:50:34 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 25E5 41 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfIuHMIee9ANzyPflHiMo5K-wakb8ys33ajJhSnBvYf9LKCLTWGPXI_oU18x24NjQTj0_u4GhvOz514L0E2PB_7ETUsbyIX2tp1cNbgbNn69tzClzdw68fMLSNuvXybdtk3kH_yFQybmo6mjiM1hRiYVOpTuJDIDy-H5EVTfErqGH0DUU&cry=1&dbm_d=AKAmf-DXWXXSZOoS8Qy_DHcsGKNpW8RAguIxk2ZHMrpvTD_OLznSBJg6ROY27vtke1T6a1rEZ-8PC2mLFO-_w6xrN8BrTDeL8jeQUplGGxyGJJvKgeDvNvfEfKzWocY3zPG0o8jrxwNN1jYOk1Cp_AOvvfctirjYWB1LOTvaC-QaPBewSteb5X8jJEaIy-sShr37YjM7Tk3zUdcribf0Oa13qbHzUymGS2YxniXO0_noalXqA7zb78l4m1-JM1eSU4FY3Zc-iWPAZ9xdKh5Xq5dZLuET_x7Mo8YNWyGB7W6ZU3y1yVbFHah2oYNpWMJTUnsuk_BMHH0xYQAaeotmijZmrWFGWZYfdN5DypnKp9YgNWshVHylLon8AhVNPyvlkL5vy2aLwEVdDYmrbeJ6x6KRzBbQil460p1olpKW2HJk_Mw1078XWJDoZZyNxXeKOqGwFFIKTzuCr_h0STpjq245p3KKLJHJxqjApgN_zY4vTOdI52xrVLsm2UmSIyaYy1Mkw6GBOYyNUiRJ6yK1t17kHNOKD9pG6bO3xXKRvGjX4rDFdwa07LLCJ0uCt7oAYOhQumrOScTgtxj3CuFf4SMnaMlD3a7ERksoDmuqIGy5KHuv-I5fCXWwkWDV7Axx5SawoX1kb6NucTWJo8cKBgb8IqNRVsww_DWzFjtZCkwVaW3F8nEHHFTkCPqZbh0j-Kc3liity9b7Ygn44NRX-L3GlIgjXGGfCKUETAK0sSXZH9wDPSDse2zs_cwQZ0OZa0BG2ivWQ23jdpoe-_wFgO4MBS8Zy7Gwyj1KKXhNK37kxQuyYd3K39EPq9gDD_4fynNZkXH4mm4p5UO8-i7oYZpvU3hkWkxWwIQZokdeG5-u3n4eUbJ43GLlJUN3dpCoASWi3a_n-9vxunp2qeEMWz6Q5JMapKRe5Ugbx5cAKt6FCv8Vh6JWJ5Out3fpzsMbbQBYMPLJaOM7EdG_fzTlpFcDfUbsVZ98QJUOnQSxphhw6Oyod6tT6SQPj6pbLPGJj1aawf68brPcvz2aHTauFGrZIg7edbtsFdqZHiF-HbL_oEfdZFh9KqnevhHHLzm1bjRQvX_hsD6mjIP--DXvTFhSjyWnX2IkR0rQ_Erz3_pF8LhJ0RkjjRrwUYgBnw2fGNCcLMN7-_m0Kb78HHDxzY12dqteCLDbVKI7fzR89N8LjXOx28L90mnS5zQT3ve06mCtVaj2z76UYD2-39zOp0rg4mcb2Fzblq6E7fV1cT3O9UkKsClqD9klf0aGD9Cvf_KsuG1EZvwPSBJFGFsvcQoWwNN8vpG9elGuEalXO6kw5Hh-DdRKses75ZYD4Qs31KdLTvy2UMCLIiI5I6cB8tPxItLALqt6-Stzh5qn5tuM7wQaS3Z41cCd9hOcCJ01DxpGr0qzLTMOEx3Ay25P0LQ9NQps1f8nqF_oB_01udXT45zXwMp_3e3rtUvgkI10ADobKwke9ruD5Sjx6ovZdl-Ah9gnRDu12epicC2l-igV_szUSRGchVDd37JbxF1MQ2bZIZWVnRL6g2WEbvGrImnooUVGFOs1Kg9WpWOzi7cmsgQ_tMtXpckCsV6kIFThx7LeGkqmiKbhycdRON7rFFXnL1wLyooznjEo6hY1EBf4xrmfQkwlfko1-952-Kt1PrcVnNBvfZJlO7hmnGIaJmrqBiPBm91ztksbyb-HQnU1avsEfJddD2hmDwpz58sFTJrbA8_7VzEFu6kSZ1hVHSczU3uLnPEzpQMFAUoX7QcdXPMropziQFeAKNRMIe5wK6QJr3BkFA5_2h6u2GA5EtsIuiSx-d3Hc8nzeWQYP1d9tEdGTekfRxrBejJdhyHaKiodu-uVC4LA4e0nnHpHIJVRDJjsTNobcunnNAWCWB6MjVt15SxHfKYMwn6Mk-o0Pr3AYyXwSdYgQ40Ehqot7jcdqt1PAsO8dXCYP4blBNdeQ9HdfXhDXig-STIndyXl5_81yAWqlbMxEDRKl3E0qCvwz1sL39G0KQffwOhQ6Em6MsyDJZuEE7BZqEWMlsoT_vuYLjR3dZrAOCv67d44-QobxjwPmkIb8e5t-wWn2Q20ksal2z__jjXL0CLQx9Aj2jCuxoFd-cRh3-v6tI37wG7ECFsiiyHaSpV1AjcHEDzGAr810d8jKyuSQk3vSTPNwB79CZex4ywfVFccmZC7X6t3Abu5fQI_sS5HJ0QEeYBPDwtv11PQgHrUHesNUkhRv-_64Dey0DRa_Ea7FaPvwz3vGF0gc4WCgUvb-7HsMI2gFizMg4B7ulRthO6hg5Rv3P8-NDc_r8WjC_SyN3aaTfM3x3iYe4NZCNCDRo8RWshV2nM_8fjsjPWcc781v2bnE1alDWyXvsd5B0jGem7wBzUjIIERJQfaBqzYIgkA95VfdVM_vdg7ERUZo7kek-WvnnhtxVhuxZwHZ5monWHDQv6epjsMUGhglqwysM3JCKdudpOERR_aBDLViGuvVsqfKLS1FQHHTQWuvHWNm8xxt0H7wkmDR-bx4HwFpPk9BWGufq6M1JVSzrJ2LMkghtDCZ4L6YhnVIYgqqINJlQosvxIPMmuu9RYRBiqG7h4DOrh1zGd2z9wBRQO4JHpqKAbaXaZgO9ks8xhl_vWpaYYg-Ujemz6k-IszMj5oX8vgjnbYIE7dSFlFySPaUOaV6fA6PtIriC_D0FSfd--a20xZbiNt1vkAPnSTWtICP-6ATBKn0IbR0oWJaxIorTv5G2GbYHYmjIHyNO4w7LQWEKtpsIc-lTs4obswG3xeRG5wE19L1hYH258KqzcvZbUrys_QlXF5QzyGGfL8xYxzueEIeBMz0RPtIuLVMP2RSx3mNA75FtMwyevrA5p0IA9lNtUEEfDuWmC9rxs8zlc1CdykwErDrPfHnIwYOHZSlIxPXJjvnur6h6ACxvsbJj-p7_iZiKEEL05TPIHWIwA844Id6-rboAUc0TESaZSP8MBEgeUt-ZOBzmLU9X8bPL6f-V2wRu_mDrLuuelkImBK_ePLXFz6z9PpLkzFr20i-_pLL7sRBRTaWqzEmfGsUyJbJGx-j1UHVrPdIvelwhc60YZZUqIlDq3uvJZTaTsXSQWyxJ2GAwQewQM37utH8b7pyGu5Sow1UP3eiNT7c8xX4kDKpx-wFdlEEtXwMtXVzlKkGpK0O-qEHO_bbJhcakh1nBIVTt5aYrUZwSdmIkacWLOLq4VwDfmxrk-ye58Vs89U0PKN4Whvcblkifw4PSP1FxezPNdsssZ3hgP1h3B0UzO7FyvoAyPIMEy60o4e5TOB2ZLDQbpb3p_Pf-eAELTweqkZNgRb8S1Je_pwY5eWa1inkHVI6fnmtenbYQGxJVL8bgPTNMXw_xZZstLp6_M_HDJDFtGTmcCTH_k8YZ-JMLb9HiOswahV13TSRYq8q6x9nqvzmiHzKq3Qu6RpAmNhTivrrW8A6eKPRaTJOx1Uok31IEaIK7TdG63q1fOdyLk4HQgQT5PAamYh2Nyy2sEH37D3nxIsA_AUmx51srpYRdk-Bmgpg1q0qXIkEbFHDVkzp7usl6E0cVqNaPC4ap93hJ2s0G3UXMQEz7_kwvgnhBti721iWvTVuOn50qkFTQoxrtUh-4-Zm5VHHMEgWBMsIQQKHZV6iDjQ8JPNBGxxjKZEBMtt3zGAUV853bTbv0agxoIeLF1hNxyhBX7QhE6HLLTzyU4EuWpdGpY_2jjz1PFqzXiqrMsgzbJMxeD7acyYNN6kpFZMpwxePGnmAggFhsdU8yfqWzlH62XyJS7GkuBk3Vd_J_6XhP2QIlbDjv1G2Uh2PCsdcm8jGG2xkjaWbFk18DcFlzbR-WHoJTo6-WcYuZivHa5ZAEVXSPK_HFHBbtFSs_LW7xY0_DKdHQhT2TrzeddUckCl2IoK&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=1423757762971330300&adk=2086295851&idt=257&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F0AE 22 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 385189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 25E5 12 KB
4 KB 86ms
31ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1692766533155797&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH-3MRZHlZJXBCdaB1PIPlbSiKKblvaBphZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4gFP0FAhfV8CTgjVP93P7i_Ro7gklRx4mX5qLLg7FxcEskRqdGApubnsGIGIu7ChubLHisfb80P2O0Q-jHhy7fmlcP7uRDJC75asPd_n3fQQnHp4bL2sfrlaADhGBOH_1KGBB-v1rZ3oUqbt9M05MBrOipo5H3ZmeCvIDJlZ4XKUjaNGpvBUHZpkFFVqkkjcXpo5nge2pciU9KkMPT2m91n7bgcQV1iZr1D-Vdzp0I-dyVM_zCvoxQmK5ulmmggn9S4OP5jpkDJkzVw2H_u0l9R-18Y0C8wr5lWaeLqfEABgzZ00wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI1feV3_7xgAMV1gBVCB0VmggFEAEYASAAEgLzgfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1ZnMSxP2wuZs1m_KLVNbA5qy0RVg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-DBRc_JLWIk23_fSKgzeePWAAjpAudXbjGMRg05SINJ7IYo2zUuzcC0ZkxqUV0BgNoMsxjCDMAj3mfaaEDn9gM5l0ONTezi6W7K8YZ5U8rR_32cETZ1V1OL8FF_UQx5sptaArK782lQ3lRzw49jcRza4g0wyiaVL_89jHlzBg4p__sMYYY%26cry%3D1%26dbm_d%3DAKAmf-BDWxX5XlQ_ovtKD4b_4PJsDHeY7Dpx40QYc4R-KwCwAFKPgYyS6JN7baEDwKZ-D2koY3BU9k62Ad4kN8XY8Ue9e6bgZg0cXJPpVQ6Yg_hkCkjkAxuqkngrTNubVOFqPAtOszQY8kCC1PwHiVOlCnkTJvlNwf9uH42g_8hITtbn11kGcq6m3HyllatPaCdb9zPLRWFPmXDi8CNDsxLFkBUlIW5g9iHBqp_HioQUi35tj2U_JEwupHo2IwxAtWG8WRbp4IwXTA8jA0skGuPMkmKhMcIFgYXQX2BXBNK15XXewr0yVqHari9TRW6XaN2KXi2Tay1hAbubg4fOsWHld-gRNVOsnAxEp2FD7mv30N0QzLqt6LRoK-xBgT6n8k6HsUp17-tHq6LaxeN6a_dc7nqu2xqFC-l6gZTrmx2MKD_FhuOYjUKVHwUY69UrABz9x5xL-mqKLnRBgwDvSox_BqiuyrIZjoHXQUzz4qSwcoHNM2I8EWN0jkgnublVlzAA9NUYbNrUlfy44ubdFbgpoQ91RpBglkqeTK2xA-JBXaTZmU67RNH6Gvak-4gyD_QhZGnXMNrvzrAilzTi6wdAQdTBNf9dw0gyApKuzsRHMAuB5P6r1pLLhowCCSlki8FI1Vccnmg8%26adurl%3D
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 062aabfef06959d94fb90fd74e7bb50d3a0ad1bb66ab79e07923b6bd62951158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4251
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/ Frame D88E 30 KB
11 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4haxc6kYxXe6LZIj2p0uU_Ca1iEpygo4O5qF1FpadAK7CH91qv3JBbCCHYgYHmwiCZ-6It3bgYTQuhaGbXrVmFJHTazZ-vxy5sPoJvxEA4xCwvxx0UEUL--Rjf__-FfY-IjX9l6I6q6vB8R24dvZd-j3lAYIWBAi09wfTfLoVE1ZxEGQ&cry=1&dbm_d=AKAmf-A3shdFdhL7xmqegFai7FfHGWqc6HDFUzjpYUMJ22V9O2wf2XB_E9yNgtKWGOSeUH4LcNUmffC1airyGsOO2Uv7UzYoVav2WVC7fE41PHNFVA8LyJf39rfcVTu9MjFQYCoIwFLQuUChmjckti7uKXNKbMlpByGdb4HhOmLKhE5ycXLM1TZaXq7DDrmNbZZxCG82eeYY4OqXHTfUaLr53FNtR4md_sk987rhegLAKyfTRxahuf58WW1NMPLFU2WH0tf8GPo4rEFV6q2smfAaHzATeOYVCM0M5VBB5bKcOgqz1O-2E5YYuyJHj263phpttD9Z_ZlkD9CRvOgG1KX16lih0Jx_Ee9drTz5CntHgipUaRuS6cr24wk_V2gspNySfasNU-xb6PGVMxtQjChsCs1gd8cSpTRDiRkyz56t_D0ICwHKiLh5zkgFf8BPxc36kO6ze6P7Y8QUSljLHFkNZngH53y2EkVb2_5h--to-0UFwKDPt_u5DPHPH8ABAjdMnReYsfJP-t-MpATXUfFa4HLgxosEcvJwEcMdVdgf-1R8zLcsQWhOeIMdoTywmFUI83RJi3JDVHKoo2-cUItNT229qIy2Vyfi664rcN1ZQ9rcST1NeSDgcLLqF6cmZsn2RV0mueW_X8kUymEUratK_RHSeMHzr3J3wkHxfBhp37ebS1qm29KOmcAh158V_S4jKnMNlfEZzchSBfSoGKR8W8kAFWsbSakz1nMuEuBjBjfCafUZDtwvEkJb8EeElGH-bAtZOhv4X1LvK-XV7MO-AQTLJUC457LSQ3JreEJ4CIIyhA4RAZK47MfBaE3ebhPpaFOK186OBXVwVdOI8JzC2JLgd0hnpnuTFx2KyYZ8Ta36qbS_BoNr__OvD1vZQUjeEmeuv9Klj8Pl8rVZ5S7gecdGgHuAHEriZdAgCtYh-PFvDJW_7iNjP2Tnyp782xMkgwkFhOYaDn_5Y-LkQwT6aVLRf_FpWbufTdLlor8ZSEwTBVZEdAg8JIsOPNnhreBSNOqRIZtHIuo4AGUPU3cRsvUGrheQNQY5JnFmxYd1aUcEvSrXpKYyMevWpnlEf8sGTIpb8-WsIZDfab0faRcgHkZVX1bihxtmrPpZ5RPgV5rHCDDrjUxZ4x6cDs_9tGUrxz5oUe3K8lX8pQ7ZjnphSM57XcNEmXZaCvm0a9YviS2Scf5aQfeM76klJLA2hcKhKdStC0RIWTdYMg0DowNzQ2tOs0Xk5Ic1-hHY1s-phghgIMLI-y5TU7W_f-1rJLEyBMBQyU6P8REcHkmg3IReplN6efzowIKokbW0bxVQlehU7CkInrr0xgmxGWzpmMd17SWVdcvqS0Q9EPUHcERAnFxWPs_Tyj-lN82kdYr9VIJeBM6pE7Fq9JvSsjc-a_WBqBbQt_a1vk0-fe80tUv7G-FflpQeAhf_94LEM8pOp-aQIWJDa2yKuFV4xPdj_J6POpX_IPiHfAsoNtZP5fMMUgndkPjw4ChM1iovVw1aOg6XCyfYvIbruGYURcXTwrztyPKuQKFI5vbzpeWv8qN8uVpzska_D-wcndeZUv39-DE6qbxL2dYeTLafTFFDHmKRzZYVvGaLReICzF8uLZhMxEr4UyrGbqyB7n8D_jMv2lSYxN9VpANgA1oAKK_Ui_P0cUZwZOvggU1Aup1-V9WD7teG3IkqWjlYgNEEIXZB9QnAZrJSnRgeBssrYqISAY2PDv4cioP0F5j04tcPkGuZrSBll7ECDK1-GPbMpoFRgPoxT4It9k7LMUQgEqLRHiiC7MhxUE6U_b0K4YJj5-onv0ysv01meMxGVAlWM44rFCV8ukuOhJ54NanZTBfE_iQvw9N4QK7L9-M1Y3DpwlvOqd8wg8kDbpf1v22TNkL5Z_zydMMEYSuNQJOfS9vLgMe1V81pDh0JcwfiRfgQQubFVrpW7YRUUt66vp8IEo6TowB9h8ZcNFXnixtiO2AM0uAXkkSuKkzqVCkltD-fROpf6dCRIVkxM_mX6ZfKaPDbzYCTQFXuqtl_l-OyRypFnbXWM70jItKFYSO9itS_uk1wxJesJbxHSWCgoDruINBkJkDwfbZRg1kMizl9zdNAoxAHDFly5HqOaRvln44CQYJehVzoSzbLWA6NKAAkcKRQSQK5sSPOU2oBlel-keRot_K-4Rw9k9S8-U7av8oBfhZARLXsjbY7aoNKU6pbrCVoIUN83-bHBeHgawijSHGTKAa4ZWaYPSnpkUIvR-X-aEp4G0N-v7yHflSjqbZAx5rXPddz4eurFIVOQ6W4P4URuqzZaY5H_uQxNFix07NZWxFiIu_9HUqn0EqPXhjVCTv9xe0zGgLqtnfDaSkjkJe7NjQo83G-AQ6FiR3VBGOYuzkfk4tIozF2P52ZqN2iStK1ez4R-bo1zzad4JzHgq031qr8e_pBOZDxjTssnCc6WpMcLzRHDlxUhgY4stfjbYYqbBdrKzFN5RMFPwpkF-FyFbQjGli3BJdYlqH1pYWWtSMdCGlU9hqOZUjg_R1hWmHm--ynzX37cUMdkIVyrOaRuubkdjZlKC1PZ_XuCr4ud9dgGZSBc1B7lDE-oVBhQlB2dMLtx64O4q7TvXB481rzotqDNMKTH1Xiygpby6HGJQuFfYeDhFdCn4zOAWvuaxq0GCfo0ZWJ2DiIQ8zdWitnrdbdZAk0Xbnl-fNuFjNZVPW4ZfTPiT0nIFWm9yiGHlSdSNbM-TrjimQgEl1bMD0GXDgb75PBlZzwSULB1ImNj84g1jVTVleLQQGxgtlD8UnoNRzlyLOEjyI6YLEVrA25DqWoG_Ue5hSj56zlrbsk0X12rGLMies7VjoxUEnqI5Uvc3xuC4xWvNtPdxkOyKcQHnt7KGkCRuZh8OMXzb5NowUb_yz4cUrw2MdWCsTAg4WmC7WbT7gtZ4kpKb5dEGujc4Y7reXLOwLTsCxTvFfSr1u1hlV27cZwPrcZsz4shSD1YAHTQSZ3hHWlF6OYbNnq5bUt-4KoxPdrAxakI7cEdU_SBtaPX4aR2WzUjBJoTPpdg6V3kWjJWGRl0_kSgIh9Nvxz6us6NpX4NUd2Z9_C42MfPDoEpBsH0VM4q_ZqZ1rjH4MRsC5bTTOnxUUqJ8mjw3vynEFNgB83GKWAxxQans9ZPgRUpCcMImura1tdgyT2Bp8z7nVL1WQUtT0rK74sAasrPsNsKtC3k9L2URLEd3jmIj46w5mCbiDGQIAUCdJU40uPb6rpY_yv978WT9WIUtpHdJIFHwK16RSZnhSNhQW7WcfuqmoO-Vw5gMqUVB-_WYbW-HJlZKvVXzPoUxZ-1yEgjphPUKjLnopHp0hwd2yhHqQH745-sdguNPUL4uSS0fAO-Vi_ecWZFyL2zfZpwAeQeKYSLozzkq155nw451p4NKp6NYRYOTD0RulTTCvxjiOEJHA00qMRUvtw9YwPo8-tqfvSwTZkN14T82FdmcmVH-Y0u_7ZsIfiXShxWMY_ZC_14SYE3EupZgNoxZGMh1yghdc6T8XChvBuQ0TFF_MiGelLM5tJTx_uX6Wm_VuQPt_lpWb_c76dRre1yBMR8dJ0fsFYRngWRHOVlbRT5e6AIhifkYjQ_H4cu4qGylhIV8pcuYA4RKVCGn_eweri-sY1iNYhxM_ERjbAv5PWLymebkw3ohyrFnslZYIUdaIkFltkb7aUIvZp5hQUUbfoDyMTPHRObKoBpbpCSywJnhq9s2qLQDKpyA&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=6623599114337652000&adk=1964084972&rc=1&idt=283&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7504432997c4e5b297aae8fa062862e8f60d612a9a262393d5632577b271eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 17364786779606225690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:25:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D88E 41 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H/1.1 200
OK dvbs_src_internal119.js Show response
cdn.doubleverify.com/ Frame D88E 57 KB
19 KB 36ms
36ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688591&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0iD9X8wT7BrXk2N76QzCnDn&c1=3060631&auorder=1012740201&aulitem=20204990837&aucrtv=495871628&auxch=1&pltfrm=1&ausite=1967185790811&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 05:33:58 GMT
Server: UploadServer
ETag: "49ece1856f22cd4f89a093097d94e5d1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080000,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18798
Expires: Fri, 02 Aug 2024 02:50:34 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 30C9 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 385189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 79C3 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 385189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 4B2E 1 KB
925 B 159ms
40ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_495054514715&jsTagObjCallback=__tagObject_callback_495054514715&num=6&ctx=1828362&cmp=189093&plc=6688591&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=495054514715&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=116&bridua=3&dup=null&ppid=103&auevent=ABAjH0geP2JzRYJpaP7K98CopCzg&aucrtv=495871628&auorder=1012740201&ausite=1967185790811&auxch=1&aulitem=20204990837&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&chro=1&hist=2&winh=90&winw=1005&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tar9EEADTbpTauTaufhg4%60bb%60%60%60%607d6d%605%60227c6c27%60g365e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaufhg4%60bb%60%60%60%607d6d%605%60227c6c27%60g365e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tau%60%60eahhh%5C42%3AI2%5CE6%3E%5C%60%5Cda%5C%60%5Ce%60_%5C2C%3Eec%5CGg2%5C2C%3E623%3A%5CGf2%5CIge%5CIge%5Cec%5C2aK%5D9E%3E%3D&dvp_exetime=9.60&aubndl=&audeal=&callbackName=__verify_callback_495054514715
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: bb6bdb1fbd95d2eb28ed8ce22d1a3a34bc041a79ebfdf59c0e97a5653853cdd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 08/22/2023 04:55:34

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F63E 22 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 385189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame C417 1 KB
928 B 136ms
40ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_218468527514&jsTagObjCallback=__tagObject_callback_218468527514&num=6&ctx=1828362&cmp=189093&plc=6688589&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=218468527514&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=116&bridua=3&dup=null&ppid=103&auevent=ABAjH0hpqecZRnqEveNARvcmrOKA&aucrtv=495871520&auorder=1012740201&ausite=1967185790811&auxch=1&aulitem=20204990837&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tar9EEADTbpTauTaufhg4%60bb%60%60%60%607d6d%605%60227c6c27%60g365e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tau%60%60eahhh%5C42%3AI2%5CE6%3E%5C%60%5Cda%5C%60%5Ce%60_%5C2C%3Eec%5CGg2%5C2C%3E623%3A%5CGf2%5CIge%5CIge%5Cec%5C2aK%5D9E%3E%3D&dvp_exetime=6.30&aubndl=&audeal=&callbackName=__verify_callback_218468527514
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e484a097b3857b79abc41d8ae899a631e1761807fe3943292977e6fe65a87543

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 08/22/2023 04:55:34

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1C69 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 385189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request.php Show response
hal900030.redintelligence.net/ Frame DBE4 4 KB
2 KB 149ms
84ms Script
application/x-javascript 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ea7089167b&subid=&uid=4f8c0608f0917e54&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZf8KRZHlZJPBCdaB1PIPlbSiKKblvaBprZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE5gFP0PrlZF2V9L3_rUWZnubuoikeHrHn-7RkVUL8qkt84e3ixZ4r9vfkzsIQkPAyMjfJAeDsjBmeG_yzavF2d3kvvX6LXXMzqpBxHFEAhDNuKo7FfZ0KkfJ2KoFSi1yBspMEwTnfjHAvyetpnmQG5kLRVtci5mLMFGy4eltn81FGhqnS38Gq5tdYf4s_71mSH3e-VFrRzj4cr73XCbYAKAn4fjVlkICCVoJwv2pxF9NaM-akqj8m8ItsirzsabzvzFNyT-QJLT07DqZb6s4iJ400zvvux_aWA5-2_Dfl0-AFiRZu31HKysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0_eV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKXKfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_0X7WRndaukD7N-R4WHjlIqe_c3KA%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-D_DEG_dVjOG6lchOozQvBjrhps0e3lTN7pdGqSt6Ddxa1sLrUY32hGtNWi50WjGL0QbPzArWLSqzcoyOehvbWKirVXtXlzA14atvQSKTd9IaK8ipKYuSWbEgwaSYrloUb5XYbU2p8cLeyry3udXRjMM-DvvFcfKkXsqyH5EbJrKMUBr_g%26cry%3D1%26dbm_d%3DAKAmf-CdxG6s74K3k4ooKFELFiDldtLBIRhaA0zKWA-ZWXcryDIrs2wv-7d8t5tyAi4eIpIkMVISwomTpExxC0sEgIoX98Wa9A4AL_rnFv-AGVNR-Hhy8L_WXQDzHlbt-xcSSYRxmxFgUx5k0L2b7iHaGt-9-pdcUAf2ia9bDODQirGaZwrvrD8G-yQzp8SsLRsLYgAPistDFlE-XoVQlCMtqF-w1xvFpPgwaYYxyc6KpPwcMIUq7uWD96Sf4TDpqUUJIJm4S7m_vuA70JZ1AoMLkXhWjvA0K8XwSyTHZH41EDErpc6_IEDEWGBg5EYMdgCBypME1aJWWCTSWn_RXBrsN2XnwEwm2TjzFdaJQJS1dYQ80RiVbX2C4SV6jYDp12w3nwRVKG98iHXSEHE_3pR8Ah2EZ8_7XM4gHIGbGrIcSpt6E27eWNsAEpZ-9iL-tMOFzDBPbfksDyKITA0zFoAp3vVXwGPBmr2rw6sn2B8z8Z1fp7tK-GyheMFb2CfUQ5kX9A8JNm71A6tXPK0xMK2JoKtZs0UsSlCg6TBSrkVKS87Kb-eTPduKyuv9S2e7jv5vskyknQEw1ewGd28UNM-g-_3m3DqQFMc726tHpX7oOCVGAqeh4HvaEoua2Dff367LDC_LNLOs%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=7112378631383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1692766533155795&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZf8KRZHlZJPBCdaB1PIPlbSiKKblvaBprZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE5gFP0PrlZF2V9L3_rUWZnubuoikeHrHn-7RkVUL8qkt84e3ixZ4r9vfkzsIQkPAyMjfJAeDsjBmeG_yzavF2d3kvvX6LXXMzqpBxHFEAhDNuKo7FfZ0KkfJ2KoFSi1yBspMEwTnfjHAvyetpnmQG5kLRVtci5mLMFGy4eltn81FGhqnS38Gq5tdYf4s_71mSH3e-VFrRzj4cr73XCbYAKAn4fjVlkICCVoJwv2pxF9NaM-akqj8m8ItsirzsabzvzFNyT-QJLT07DqZb6s4iJ400zvvux_aWA5-2_Dfl0-AFiRZu31HKysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0_eV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKXKfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_0X7WRndaukD7N-R4WHjlIqe_c3KA%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-D_DEG_dVjOG6lchOozQvBjrhps0e3lTN7pdGqSt6Ddxa1sLrUY32hGtNWi50WjGL0QbPzArWLSqzcoyOehvbWKirVXtXlzA14atvQSKTd9IaK8ipKYuSWbEgwaSYrloUb5XYbU2p8cLeyry3udXRjMM-DvvFcfKkXsqyH5EbJrKMUBr_g%26cry%3D1%26dbm_d%3DAKAmf-CdxG6s74K3k4ooKFELFiDldtLBIRhaA0zKWA-ZWXcryDIrs2wv-7d8t5tyAi4eIpIkMVISwomTpExxC0sEgIoX98Wa9A4AL_rnFv-AGVNR-Hhy8L_WXQDzHlbt-xcSSYRxmxFgUx5k0L2b7iHaGt-9-pdcUAf2ia9bDODQirGaZwrvrD8G-yQzp8SsLRsLYgAPistDFlE-XoVQlCMtqF-w1xvFpPgwaYYxyc6KpPwcMIUq7uWD96Sf4TDpqUUJIJm4S7m_vuA70JZ1AoMLkXhWjvA0K8XwSyTHZH41EDErpc6_IEDEWGBg5EYMdgCBypME1aJWWCTSWn_RXBrsN2XnwEwm2TjzFdaJQJS1dYQ80RiVbX2C4SV6jYDp12w3nwRVKG98iHXSEHE_3pR8Ah2EZ8_7XM4gHIGbGrIcSpt6E27eWNsAEpZ-9iL-tMOFzDBPbfksDyKITA0zFoAp3vVXwGPBmr2rw6sn2B8z8Z1fp7tK-GyheMFb2CfUQ5kX9A8JNm71A6tXPK0xMK2JoKtZs0UsSlCg6TBSrkVKS87Kb-eTPduKyuv9S2e7jv5vskyknQEw1ewGd28UNM-g-_3m3DqQFMc726tHpX7oOCVGAqeh4HvaEoua2Dff367LDC_LNLOs%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e2bf7931e8b701ee95f507f3c9b711b18ca5a178e4f4f5b9107e6ae51aaba7f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 73793400014949504444554012425030
Connection: close
Content-Length: 1339
Expires: Wed, 23 Aug 2023 05:55:34 +0200

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame F0AE 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 10:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 10:05:26 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame D88E 1 KB
924 B 142ms
60ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_912157239729&jsTagObjCallback=__tagObject_callback_912157239729&num=6&ctx=1828362&cmp=189093&plc=6688591&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=912157239729&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.00&dvpx_strhd=0.00&brid=3&brver=116&bridua=3&dup=null&ppid=103&auevent=ABAjH0iD9X8wT7BrXk2N76QzCnDn&aucrtv=495871628&auorder=1012740201&ausite=1967185790811&auxch=1&aulitem=20204990837&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tar9EEADTbpTauTaufhg4%60bb%60%60%60%607d6d%605%60227c6c27%60g365e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tau%60%60eahhh%5C42%3AI2%5CE6%3E%5C%60%5Cda%5C%60%5Ce%60_%5C2C%3Eec%5CGg2%5C2C%3E623%3A%5CGf2%5CIge%5CIge%5Cec%5C2aK%5D9E%3E%3D&dvp_exetime=5.40&aubndl=&audeal=&callbackName=__verify_callback_912157239729
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: d59f875c07b5e09ed72f5188897e17d768c69bf2f8b2843ea8409b443dea0f46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 08/22/2023 04:55:34

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 30C9 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 10:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 10:05:26 GMT

GET
H/1.1 200
OK request.php Show response
hal900030.redintelligence.net/ Frame 25E5 3 KB
2 KB 141ms
87ms Script
application/x-javascript 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=efd4e35759&subid=&uid=a236c62c64c72af2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH-3MRZHlZJXBCdaB1PIPlbSiKKblvaBphZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4gFP0FAhfV8CTgjVP93P7i_Ro7gklRx4mX5qLLg7FxcEskRqdGApubnsGIGIu7ChubLHisfb80P2O0Q-jHhy7fmlcP7uRDJC75asPd_n3fQQnHp4bL2sfrlaADhGBOH_1KGBB-v1rZ3oUqbt9M05MBrOipo5H3ZmeCvIDJlZ4XKUjaNGpvBUHZpkFFVqkkjcXpo5nge2pciU9KkMPT2m91n7bgcQV1iZr1D-Vdzp0I-dyVM_zCvoxQmK5ulmmggn9S4OP5jpkDJkzVw2H_u0l9R-18Y0C8wr5lWaeLqfEABgzZ00wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI1feV3_7xgAMV1gBVCB0VmggFEAEYASAAEgLzgfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1ZnMSxP2wuZs1m_KLVNbA5qy0RVg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-DBRc_JLWIk23_fSKgzeePWAAjpAudXbjGMRg05SINJ7IYo2zUuzcC0ZkxqUV0BgNoMsxjCDMAj3mfaaEDn9gM5l0ONTezi6W7K8YZ5U8rR_32cETZ1V1OL8FF_UQx5sptaArK782lQ3lRzw49jcRza4g0wyiaVL_89jHlzBg4p__sMYYY%26cry%3D1%26dbm_d%3DAKAmf-BDWxX5XlQ_ovtKD4b_4PJsDHeY7Dpx40QYc4R-KwCwAFKPgYyS6JN7baEDwKZ-D2koY3BU9k62Ad4kN8XY8Ue9e6bgZg0cXJPpVQ6Yg_hkCkjkAxuqkngrTNubVOFqPAtOszQY8kCC1PwHiVOlCnkTJvlNwf9uH42g_8hITtbn11kGcq6m3HyllatPaCdb9zPLRWFPmXDi8CNDsxLFkBUlIW5g9iHBqp_HioQUi35tj2U_JEwupHo2IwxAtWG8WRbp4IwXTA8jA0skGuPMkmKhMcIFgYXQX2BXBNK15XXewr0yVqHari9TRW6XaN2KXi2Tay1hAbubg4fOsWHld-gRNVOsnAxEp2FD7mv30N0QzLqt6LRoK-xBgT6n8k6HsUp17-tHq6LaxeN6a_dc7nqu2xqFC-l6gZTrmx2MKD_FhuOYjUKVHwUY69UrABz9x5xL-mqKLnRBgwDvSox_BqiuyrIZjoHXQUzz4qSwcoHNM2I8EWN0jkgnublVlzAA9NUYbNrUlfy44ubdFbgpoQ91RpBglkqeTK2xA-JBXaTZmU67RNH6Gvak-4gyD_QhZGnXMNrvzrAilzTi6wdAQdTBNf9dw0gyApKuzsRHMAuB5P6r1pLLhowCCSlki8FI1Vccnmg8%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=8055446250814&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1692766533155797&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH-3MRZHlZJXBCdaB1PIPlbSiKKblvaBphZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4gFP0FAhfV8CTgjVP93P7i_Ro7gklRx4mX5qLLg7FxcEskRqdGApubnsGIGIu7ChubLHisfb80P2O0Q-jHhy7fmlcP7uRDJC75asPd_n3fQQnHp4bL2sfrlaADhGBOH_1KGBB-v1rZ3oUqbt9M05MBrOipo5H3ZmeCvIDJlZ4XKUjaNGpvBUHZpkFFVqkkjcXpo5nge2pciU9KkMPT2m91n7bgcQV1iZr1D-Vdzp0I-dyVM_zCvoxQmK5ulmmggn9S4OP5jpkDJkzVw2H_u0l9R-18Y0C8wr5lWaeLqfEABgzZ00wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI1feV3_7xgAMV1gBVCB0VmggFEAEYASAAEgLzgfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1ZnMSxP2wuZs1m_KLVNbA5qy0RVg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-DBRc_JLWIk23_fSKgzeePWAAjpAudXbjGMRg05SINJ7IYo2zUuzcC0ZkxqUV0BgNoMsxjCDMAj3mfaaEDn9gM5l0ONTezi6W7K8YZ5U8rR_32cETZ1V1OL8FF_UQx5sptaArK782lQ3lRzw49jcRza4g0wyiaVL_89jHlzBg4p__sMYYY%26cry%3D1%26dbm_d%3DAKAmf-BDWxX5XlQ_ovtKD4b_4PJsDHeY7Dpx40QYc4R-KwCwAFKPgYyS6JN7baEDwKZ-D2koY3BU9k62Ad4kN8XY8Ue9e6bgZg0cXJPpVQ6Yg_hkCkjkAxuqkngrTNubVOFqPAtOszQY8kCC1PwHiVOlCnkTJvlNwf9uH42g_8hITtbn11kGcq6m3HyllatPaCdb9zPLRWFPmXDi8CNDsxLFkBUlIW5g9iHBqp_HioQUi35tj2U_JEwupHo2IwxAtWG8WRbp4IwXTA8jA0skGuPMkmKhMcIFgYXQX2BXBNK15XXewr0yVqHari9TRW6XaN2KXi2Tay1hAbubg4fOsWHld-gRNVOsnAxEp2FD7mv30N0QzLqt6LRoK-xBgT6n8k6HsUp17-tHq6LaxeN6a_dc7nqu2xqFC-l6gZTrmx2MKD_FhuOYjUKVHwUY69UrABz9x5xL-mqKLnRBgwDvSox_BqiuyrIZjoHXQUzz4qSwcoHNM2I8EWN0jkgnublVlzAA9NUYbNrUlfy44ubdFbgpoQ91RpBglkqeTK2xA-JBXaTZmU67RNH6Gvak-4gyD_QhZGnXMNrvzrAilzTi6wdAQdTBNf9dw0gyApKuzsRHMAuB5P6r1pLLhowCCSlki8FI1Vccnmg8%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: ad8c7fe8951e8f3d7edbee43f6e0cf8d14aa5c22e018237d5b4fdd4cd72b7116

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 90351500014949604444550012425030
Connection: close
Content-Length: 1077
Expires: Wed, 23 Aug 2023 05:55:34 +0200

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 79C3 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 10:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 10:05:26 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame F63E 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 10:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 10:05:26 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C69 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 10:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 10:05:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CAA3 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bh6IPRZHlZIfVOoHYgAfXxKzIBQAAAAA4AeAEAg&bg=!MDOlM3zNAAZGPLJIZjw7ADQBe5WfOPeE1zFvImcD7Ot7q95Al60Elwqs32fFipdot2ywCbFTAUT3mxpetxKoldluMpArAgAAAKBSAAAABGgBB5kDAttWwAAVJpQgymA015qyoI91bIo5W81AGcss01OeUS1q9EJxahwixTkB9IxIAa7ppI5-wQCLkN2pr6-PzA3Zc3MJRdgncrit0GxJ_1mvpRVKh7xxUUre5vB2b6wvKDCxsa-Rtu0-Mjmj5Hcw0X5pQQCEw0zAFtzVE6TOMUO1tJfjh8G6kwtgz4BRZ5LPzCQHlVUiQYdzTY8e-I2jBg1mw4rkYl3xJjYbZKsN2DHoCXiCu2KydO0p44N-5nbHh2oQ2MnBzuDwt1AqQCHZaZldsJxUYuwy4qwJbNWuvwYErn7weKpszhua81ZKBffB1eXuad3PrfA2INapsfvyBTmtnVmpmLX49lyjDa0nYsv5FpmdrMhSV16sMWSPtHzsqSD_WU-BujhmfSFPTEc_cV_KwKrCZOWkG5CXISDxDzXGTWEleL_CJPTF3r5cujl_Ih4BpzHQ3qmqSxdNcHGC_WBKK3MR1cxTntLJ7CqC8tPNSEvLd22uapp-af73bXaK4nYwUMLD2rmMIqlGiN2JC2BdjpInoWFpGdBwGBPDpdm-XqBePp83zgcrymbNHyevYbby-e_snOanxRCTcGrKntRfIkv1GRWbgDooqEFAeKGdSJgPJbvubWP59M1pneIZJU3Cx4KzJf-z_jegE4YAZGuT9L3nrbCNT8fEJeFVBgVRUMZSt3aTCxKLhyYQUve-zpFPQsHNxOCTSseriOmvoxxbW_a6gQES-x_POnCD-sCTiM2yGE2pcJv0zoMx521sAa9l_Hj3JBwUMbtqinLVx_0kvBbrAJd95WHn9ThQIw3wY2F5yjsKlScDikm_hqLb0FNEDAzfSQFXh3rVWOwGQTRJa7Qa_PLzhIfd7wIExqyeeQ_7eD62XVkPiXbMJYySilNYAqXqlDcoAixJGCmAMTK3B_QuyIAP31DeYK7hMelvFpF8_S41JiEaXLhMu1kHwzJv246qMEm2DX32gb4X0UNBfmPnBhfcf6fI86FPp0QAcAtQZDZH6hCESUi5SqrrXrUAZpbZ

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C417 16 KB
7 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 23 Aug 2023 05:23:51 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 4B2E 16 KB
7 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 23 Aug 2023 05:23:51 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame DB00
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=92116400014479904445008012425014&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92116400014479904445008012425014&actionid=879111&produktid=ratenkredit&dt_url=

0
178 B

119ms
43ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92116400014479904445008012425014&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=da49a32bff&subid=&uid=41ee49c2a454dd87&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFtQwRZHlZJDBCdaB1PIPlbSiKKblvaBp5Zicp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4wFP0BaMQ1FcCKS78F7E2PelYG0fpgfLRer_lwrHpnn0zav9PRFSWVSm4n97JTkmAX76EAgokOFGMSYzQQiBDVCQFJhAstcgmuCALCbTIIebQ03O5RB4Pc0fYxUFx1qBD1JFitBkvUs6Vu0oP7kfkKpY5D_6GgyKF9pGynNeq3AXeUX4fGbsFbApO4HmDUmklHPEZFsnIUL_aB6iUqo-IMS9hWNuqPdpK9CApFtrjLGi1d0Gs9MCkpb8Y6QT47ugT2Tw5AYfwrbwpZu69gv0y-b6fZuzBYxENUrf_c7VkcKRuxLFEsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0PeV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKmzPD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1Ii5isXkVjA2RuysmNgRY2wmdjbg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BK_I9oZbl2bBuF1HXOEDkOg2RnClmcjCjUu9Rmry9ENCTvehxXZYTae0XeGy-Vt7JCRviFWANzpZPQibPjVJG-J1JGv5T1c4YhJLBMS08N42g_lzyDJRIQUQWUa5bWnQaAPsjIPgP28nF3yzAGLc5Ykp7fKubda1YOKjaBq7HDhMUTgYU%26cry%3D1%26dbm_d%3DAKAmf-D7qNrwNLUciWkuhQOzQt_8Lp9vo_GuI6nK6kHrpHz_bBQUp2wNepe6_DhM8KK0e5Pf1e5Uv6tUTJMOLbHPEL_s1FjfdrDoNWlXlNH6Fdz2T2CCxlDjddPNr8VAW88rnNWpuWAP7MpWihum1tk91SAzb9E-3JzwvhWQS7E4nA8QNZzKF5gUQ9Ly7cgOKClxtHn-UjHZ2gDcqajhHVlkPLIMGiD1bacMz9kbFBNTDS_jZBLl7zpRPvV2cUR-kWvQAarpKqhAjSPYEug6sdb0MJR2pnePvogTLvcgYO8mHsq8ERxsdmNn0qtIvZMDkcsuBaXe4OeWsQW2bAh5iAJbb3ZmlPBuEfFAYSX-C9OnHxY3CJ_p3qKuBuBZdhq21cTpzKofaG3xIKpcxvPHfFVZbG4yxEd56blqYcBt1QVU2eY3SVT-344QFUUMlCJmkjQX48GuFDv22uViMfTh__I3s8Z2sg8iJk6MbJ-YqTjOsA5U9jwotX0GnlnwVYoV-9EOLBkWcJYbyKqqbRNmcfIJxQq66trqi5MS92uNFiNsFFNtBJuQevuCgROI-VtVFfJTL4JlD9bAKxtiP7_DP35eItE-CZSkpB-suvisEtXVacynothwwMHGeFDUgwnuzNkNPtJY25Up%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5952984581379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 23 Aug 2023 06:55:34 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript
Date: Wed, 23 Aug 2023 04:55:34 GMT
Host: pv.medialead.de
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92116400014479904445008012425014&actionid=879111&produktid=ratenkredit&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 5413AFB7:A790_91EFC182:01BB_64E59146_51B11F9:22022

GET
H2 200 / Show response
adv.office-partner.de/ Frame 7B04 930 B
931 B 86ms
19ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=da49a32bff&subid=&uid=41ee49c2a454dd87&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFtQwRZHlZJDBCdaB1PIPlbSiKKblvaBp5Zicp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4wFP0BaMQ1FcCKS78F7E2PelYG0fpgfLRer_lwrHpnn0zav9PRFSWVSm4n97JTkmAX76EAgokOFGMSYzQQiBDVCQFJhAstcgmuCALCbTIIebQ03O5RB4Pc0fYxUFx1qBD1JFitBkvUs6Vu0oP7kfkKpY5D_6GgyKF9pGynNeq3AXeUX4fGbsFbApO4HmDUmklHPEZFsnIUL_aB6iUqo-IMS9hWNuqPdpK9CApFtrjLGi1d0Gs9MCkpb8Y6QT47ugT2Tw5AYfwrbwpZu69gv0y-b6fZuzBYxENUrf_c7VkcKRuxLFEsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0PeV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKmzPD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1Ii5isXkVjA2RuysmNgRY2wmdjbg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BK_I9oZbl2bBuF1HXOEDkOg2RnClmcjCjUu9Rmry9ENCTvehxXZYTae0XeGy-Vt7JCRviFWANzpZPQibPjVJG-J1JGv5T1c4YhJLBMS08N42g_lzyDJRIQUQWUa5bWnQaAPsjIPgP28nF3yzAGLc5Ykp7fKubda1YOKjaBq7HDhMUTgYU%26cry%3D1%26dbm_d%3DAKAmf-D7qNrwNLUciWkuhQOzQt_8Lp9vo_GuI6nK6kHrpHz_bBQUp2wNepe6_DhM8KK0e5Pf1e5Uv6tUTJMOLbHPEL_s1FjfdrDoNWlXlNH6Fdz2T2CCxlDjddPNr8VAW88rnNWpuWAP7MpWihum1tk91SAzb9E-3JzwvhWQS7E4nA8QNZzKF5gUQ9Ly7cgOKClxtHn-UjHZ2gDcqajhHVlkPLIMGiD1bacMz9kbFBNTDS_jZBLl7zpRPvV2cUR-kWvQAarpKqhAjSPYEug6sdb0MJR2pnePvogTLvcgYO8mHsq8ERxsdmNn0qtIvZMDkcsuBaXe4OeWsQW2bAh5iAJbb3ZmlPBuEfFAYSX-C9OnHxY3CJ_p3qKuBuBZdhq21cTpzKofaG3xIKpcxvPHfFVZbG4yxEd56blqYcBt1QVU2eY3SVT-344QFUUMlCJmkjQX48GuFDv22uViMfTh__I3s8Z2sg8iJk6MbJ-YqTjOsA5U9jwotX0GnlnwVYoV-9EOLBkWcJYbyKqqbRNmcfIJxQq66trqi5MS92uNFiNsFFNtBJuQevuCgROI-VtVFfJTL4JlD9bAKxtiP7_DP35eItE-CZSkpB-suvisEtXVacynothwwMHGeFDUgwnuzNkNPtJY25Up%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5952984581379&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 23 Aug 2023 04:55:34 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 30 Aug 2023 04:55:34 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 22F8
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=92116400014479904445008012425014&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372a8&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
179 B

114ms
42ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372a8&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 23 Aug 2023 06:55:34 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript
Date: Wed, 23 Aug 2023 04:55:34 GMT
Host: pv.medialead.de
Location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372a8&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 5413AFB7:A78E_91EFC182:01BB_64E59146_52090BF:B82C

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 894A
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=92116400014479904445008012425014&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92116400014479904445008012425014&actionid=879111&produktid=ratenkredit&dt_url=

0
179 B

39ms
39ms

Script
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92116400014479904445008012425014&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 23 Aug 2023 06:55:34 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFB7:A798_91EFC182:01BB_64E59146_51B11FB:22022
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92116400014479904445008012425014&actionid=879111&produktid=ratenkredit&dt_url=
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 894A 43 B
482 B 191ms
56ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=92116400014479904445008012425014&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 Valence, France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFB7:A790_91EFC182:01BB_64E59146_51B11FF:22022
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 894A 43 B
705 B 125ms
65ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=92116400014479904445008012425014&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame B4E8
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=73793400014949504444554012425030&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73793400014949504444554012425030&actionid=879111&produktid=ratenkredit&dt_url=

0
178 B

113ms
44ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73793400014949504444554012425030&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ea7089167b&subid=&uid=4f8c0608f0917e54&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZf8KRZHlZJPBCdaB1PIPlbSiKKblvaBprZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE5gFP0PrlZF2V9L3_rUWZnubuoikeHrHn-7RkVUL8qkt84e3ixZ4r9vfkzsIQkPAyMjfJAeDsjBmeG_yzavF2d3kvvX6LXXMzqpBxHFEAhDNuKo7FfZ0KkfJ2KoFSi1yBspMEwTnfjHAvyetpnmQG5kLRVtci5mLMFGy4eltn81FGhqnS38Gq5tdYf4s_71mSH3e-VFrRzj4cr73XCbYAKAn4fjVlkICCVoJwv2pxF9NaM-akqj8m8ItsirzsabzvzFNyT-QJLT07DqZb6s4iJ400zvvux_aWA5-2_Dfl0-AFiRZu31HKysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0_eV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKXKfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_0X7WRndaukD7N-R4WHjlIqe_c3KA%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-D_DEG_dVjOG6lchOozQvBjrhps0e3lTN7pdGqSt6Ddxa1sLrUY32hGtNWi50WjGL0QbPzArWLSqzcoyOehvbWKirVXtXlzA14atvQSKTd9IaK8ipKYuSWbEgwaSYrloUb5XYbU2p8cLeyry3udXRjMM-DvvFcfKkXsqyH5EbJrKMUBr_g%26cry%3D1%26dbm_d%3DAKAmf-CdxG6s74K3k4ooKFELFiDldtLBIRhaA0zKWA-ZWXcryDIrs2wv-7d8t5tyAi4eIpIkMVISwomTpExxC0sEgIoX98Wa9A4AL_rnFv-AGVNR-Hhy8L_WXQDzHlbt-xcSSYRxmxFgUx5k0L2b7iHaGt-9-pdcUAf2ia9bDODQirGaZwrvrD8G-yQzp8SsLRsLYgAPistDFlE-XoVQlCMtqF-w1xvFpPgwaYYxyc6KpPwcMIUq7uWD96Sf4TDpqUUJIJm4S7m_vuA70JZ1AoMLkXhWjvA0K8XwSyTHZH41EDErpc6_IEDEWGBg5EYMdgCBypME1aJWWCTSWn_RXBrsN2XnwEwm2TjzFdaJQJS1dYQ80RiVbX2C4SV6jYDp12w3nwRVKG98iHXSEHE_3pR8Ah2EZ8_7XM4gHIGbGrIcSpt6E27eWNsAEpZ-9iL-tMOFzDBPbfksDyKITA0zFoAp3vVXwGPBmr2rw6sn2B8z8Z1fp7tK-GyheMFb2CfUQ5kX9A8JNm71A6tXPK0xMK2JoKtZs0UsSlCg6TBSrkVKS87Kb-eTPduKyuv9S2e7jv5vskyknQEw1ewGd28UNM-g-_3m3DqQFMc726tHpX7oOCVGAqeh4HvaEoua2Dff367LDC_LNLOs%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=7112378631383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 23 Aug 2023 06:55:34 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript
Date: Wed, 23 Aug 2023 04:55:34 GMT
Host: pv.medialead.de
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73793400014949504444554012425030&actionid=879111&produktid=ratenkredit&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 5413AFB7:A78C_91EFC182:01BB_64E59146_51A1EE7:22023

GET
H2 200 / Show response
adv.office-partner.de/ Frame 0A25 930 B
930 B 54ms
20ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ea7089167b&subid=&uid=4f8c0608f0917e54&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZf8KRZHlZJPBCdaB1PIPlbSiKKblvaBprZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE5gFP0PrlZF2V9L3_rUWZnubuoikeHrHn-7RkVUL8qkt84e3ixZ4r9vfkzsIQkPAyMjfJAeDsjBmeG_yzavF2d3kvvX6LXXMzqpBxHFEAhDNuKo7FfZ0KkfJ2KoFSi1yBspMEwTnfjHAvyetpnmQG5kLRVtci5mLMFGy4eltn81FGhqnS38Gq5tdYf4s_71mSH3e-VFrRzj4cr73XCbYAKAn4fjVlkICCVoJwv2pxF9NaM-akqj8m8ItsirzsabzvzFNyT-QJLT07DqZb6s4iJ400zvvux_aWA5-2_Dfl0-AFiRZu31HKysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI0_eV3_7xgAMV1gBVCB0VmggFEAEYASAAEgKXKfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_0X7WRndaukD7N-R4WHjlIqe_c3KA%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-D_DEG_dVjOG6lchOozQvBjrhps0e3lTN7pdGqSt6Ddxa1sLrUY32hGtNWi50WjGL0QbPzArWLSqzcoyOehvbWKirVXtXlzA14atvQSKTd9IaK8ipKYuSWbEgwaSYrloUb5XYbU2p8cLeyry3udXRjMM-DvvFcfKkXsqyH5EbJrKMUBr_g%26cry%3D1%26dbm_d%3DAKAmf-CdxG6s74K3k4ooKFELFiDldtLBIRhaA0zKWA-ZWXcryDIrs2wv-7d8t5tyAi4eIpIkMVISwomTpExxC0sEgIoX98Wa9A4AL_rnFv-AGVNR-Hhy8L_WXQDzHlbt-xcSSYRxmxFgUx5k0L2b7iHaGt-9-pdcUAf2ia9bDODQirGaZwrvrD8G-yQzp8SsLRsLYgAPistDFlE-XoVQlCMtqF-w1xvFpPgwaYYxyc6KpPwcMIUq7uWD96Sf4TDpqUUJIJm4S7m_vuA70JZ1AoMLkXhWjvA0K8XwSyTHZH41EDErpc6_IEDEWGBg5EYMdgCBypME1aJWWCTSWn_RXBrsN2XnwEwm2TjzFdaJQJS1dYQ80RiVbX2C4SV6jYDp12w3nwRVKG98iHXSEHE_3pR8Ah2EZ8_7XM4gHIGbGrIcSpt6E27eWNsAEpZ-9iL-tMOFzDBPbfksDyKITA0zFoAp3vVXwGPBmr2rw6sn2B8z8Z1fp7tK-GyheMFb2CfUQ5kX9A8JNm71A6tXPK0xMK2JoKtZs0UsSlCg6TBSrkVKS87Kb-eTPduKyuv9S2e7jv5vskyknQEw1ewGd28UNM-g-_3m3DqQFMc726tHpX7oOCVGAqeh4HvaEoua2Dff367LDC_LNLOs%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=7112378631383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 23 Aug 2023 04:55:34 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 30 Aug 2023 04:55:34 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame DE6E
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=73793400014949504444554012425030&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372ac&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
607 B

107ms
39ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372ac&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 04:55:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 23 Aug 2023 06:55:34 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript
Date: Wed, 23 Aug 2023 04:55:34 GMT
Host: pv.medialead.de
Location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e59146e7656cda16e372ac&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 5413AFB7:A78A_91EFC182:01BB_64E59146_521291B:B82D

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame DBE4
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=73793400014949504444554012425030&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73793400014949504444554012425030&actionid=879111&produktid=ratenkredit&dt_url=

0
178 B

38ms
38ms

Script
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73793400014949504444554012425030&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:33 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 23 Aug 2023 06:55:34 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFB7:A796_91EFC182:01BB_64E59146_51B11FD:22022
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73793400014949504444554012425030&actionid=879111&produktid=ratenkredit&dt_url=
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame DBE4 43 B
481 B 178ms
70ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=73793400014949504444554012425030&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 Valence, France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFB7:A78E_91EFC182:01BB_64E59146_52090C4:B82C
X-IPLB-Instance: 40028
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame D88E 16 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 23 Aug 2023 05:23:51 GMT

GET
H2

200

htlp Show response
futalis.de/ Frame 74D3
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=90351500014949604444550012425030&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3013416770

350 B
401 B

96ms
30ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3013416770
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=efd4e35759&subid=&uid=a236c62c64c72af2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH-3MRZHlZJXBCdaB1PIPlbSiKKblvaBphZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4gFP0FAhfV8CTgjVP93P7i_Ro7gklRx4mX5qLLg7FxcEskRqdGApubnsGIGIu7ChubLHisfb80P2O0Q-jHhy7fmlcP7uRDJC75asPd_n3fQQnHp4bL2sfrlaADhGBOH_1KGBB-v1rZ3oUqbt9M05MBrOipo5H3ZmeCvIDJlZ4XKUjaNGpvBUHZpkFFVqkkjcXpo5nge2pciU9KkMPT2m91n7bgcQV1iZr1D-Vdzp0I-dyVM_zCvoxQmK5ulmmggn9S4OP5jpkDJkzVw2H_u0l9R-18Y0C8wr5lWaeLqfEABgzZ00wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI1feV3_7xgAMV1gBVCB0VmggFEAEYASAAEgLzgfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1ZnMSxP2wuZs1m_KLVNbA5qy0RVg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-DBRc_JLWIk23_fSKgzeePWAAjpAudXbjGMRg05SINJ7IYo2zUuzcC0ZkxqUV0BgNoMsxjCDMAj3mfaaEDn9gM5l0ONTezi6W7K8YZ5U8rR_32cETZ1V1OL8FF_UQx5sptaArK782lQ3lRzw49jcRza4g0wyiaVL_89jHlzBg4p__sMYYY%26cry%3D1%26dbm_d%3DAKAmf-BDWxX5XlQ_ovtKD4b_4PJsDHeY7Dpx40QYc4R-KwCwAFKPgYyS6JN7baEDwKZ-D2koY3BU9k62Ad4kN8XY8Ue9e6bgZg0cXJPpVQ6Yg_hkCkjkAxuqkngrTNubVOFqPAtOszQY8kCC1PwHiVOlCnkTJvlNwf9uH42g_8hITtbn11kGcq6m3HyllatPaCdb9zPLRWFPmXDi8CNDsxLFkBUlIW5g9iHBqp_HioQUi35tj2U_JEwupHo2IwxAtWG8WRbp4IwXTA8jA0skGuPMkmKhMcIFgYXQX2BXBNK15XXewr0yVqHari9TRW6XaN2KXi2Tay1hAbubg4fOsWHld-gRNVOsnAxEp2FD7mv30N0QzLqt6LRoK-xBgT6n8k6HsUp17-tHq6LaxeN6a_dc7nqu2xqFC-l6gZTrmx2MKD_FhuOYjUKVHwUY69UrABz9x5xL-mqKLnRBgwDvSox_BqiuyrIZjoHXQUzz4qSwcoHNM2I8EWN0jkgnublVlzAA9NUYbNrUlfy44ubdFbgpoQ91RpBglkqeTK2xA-JBXaTZmU67RNH6Gvak-4gyD_QhZGnXMNrvzrAilzTi6wdAQdTBNf9dw0gyApKuzsRHMAuB5P6r1pLLhowCCSlki8FI1Vccnmg8%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=8055446250814&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 04:55:34 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3013416770
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2

200

activityi;dc_pre=CJzz79_-8YADFUIFewoddzwDVQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422 Show response
5994599.fls.doubleclick.net/ Frame 6D43
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJzz79_-8YADFUIFewoddzwDVQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422?

391 B
324 B

67ms
66ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJzz79_-8YADFUIFewoddzwDVQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422?

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

58170e95799c5ed77330106f5529a910bc7d75910000531babd8b0bb54141d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:34 GMT
expires: Wed, 23 Aug 2023 04:55:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJzz79_-8YADFUIFewoddzwDVQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame CD7F 7 KB
2 KB 82ms
28ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=90351500014949604444550012425030&a=59d576dd
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=efd4e35759&subid=&uid=a236c62c64c72af2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH-3MRZHlZJXBCdaB1PIPlbSiKKblvaBphZWcp8kP8C4QASDeuKidAWCVqrOCwAfIAQmpAhc_Ao6RMrI-qAMByAObBKoE4gFP0FAhfV8CTgjVP93P7i_Ro7gklRx4mX5qLLg7FxcEskRqdGApubnsGIGIu7ChubLHisfb80P2O0Q-jHhy7fmlcP7uRDJC75asPd_n3fQQnHp4bL2sfrlaADhGBOH_1KGBB-v1rZ3oUqbt9M05MBrOipo5H3ZmeCvIDJlZ4XKUjaNGpvBUHZpkFFVqkkjcXpo5nge2pciU9KkMPT2m91n7bgcQV1iZr1D-Vdzp0I-dyVM_zCvoxQmK5ulmmggn9S4OP5jpkDJkzVw2H_u0l9R-18Y0C8wr5lWaeLqfEABgzZ00wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI1feV3_7xgAMV1gBVCB0VmggFEAEYASAAEgLzgfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB%26sig%3DAOD64_1ZnMSxP2wuZs1m_KLVNbA5qy0RVg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-DBRc_JLWIk23_fSKgzeePWAAjpAudXbjGMRg05SINJ7IYo2zUuzcC0ZkxqUV0BgNoMsxjCDMAj3mfaaEDn9gM5l0ONTezi6W7K8YZ5U8rR_32cETZ1V1OL8FF_UQx5sptaArK782lQ3lRzw49jcRza4g0wyiaVL_89jHlzBg4p__sMYYY%26cry%3D1%26dbm_d%3DAKAmf-BDWxX5XlQ_ovtKD4b_4PJsDHeY7Dpx40QYc4R-KwCwAFKPgYyS6JN7baEDwKZ-D2koY3BU9k62Ad4kN8XY8Ue9e6bgZg0cXJPpVQ6Yg_hkCkjkAxuqkngrTNubVOFqPAtOszQY8kCC1PwHiVOlCnkTJvlNwf9uH42g_8hITtbn11kGcq6m3HyllatPaCdb9zPLRWFPmXDi8CNDsxLFkBUlIW5g9iHBqp_HioQUi35tj2U_JEwupHo2IwxAtWG8WRbp4IwXTA8jA0skGuPMkmKhMcIFgYXQX2BXBNK15XXewr0yVqHari9TRW6XaN2KXi2Tay1hAbubg4fOsWHld-gRNVOsnAxEp2FD7mv30N0QzLqt6LRoK-xBgT6n8k6HsUp17-tHq6LaxeN6a_dc7nqu2xqFC-l6gZTrmx2MKD_FhuOYjUKVHwUY69UrABz9x5xL-mqKLnRBgwDvSox_BqiuyrIZjoHXQUzz4qSwcoHNM2I8EWN0jkgnublVlzAA9NUYbNrUlfy44ubdFbgpoQ91RpBglkqeTK2xA-JBXaTZmU67RNH6Gvak-4gyD_QhZGnXMNrvzrAilzTi6wdAQdTBNf9dw0gyApKuzsRHMAuB5P6r1pLLhowCCSlki8FI1Vccnmg8%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=8055446250814&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: a0b46d2d20931175ed8803397f0b95cbcaed0400d51d699bedcb5bbe134bd101

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2051
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Aug 2023 04:55:34 GMT
Expires: Wed, 23 Aug 2023 05:55:34 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 25E5 43 B
702 B 106ms
66ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=90351500014949604444550012425030&pv=1

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 25E5 43 B
702 B 126ms
85ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=90351500014949604444550012425030&pv=1

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:34 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame C417 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 09:42:32 GMT

GET
H3 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame 4B2E 49 KB
20 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 09:42:32 GMT

GET
H3 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame D88E 49 KB
20 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 09:42:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 7B04 119 KB
45 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20ffe741f9dddf520a15ffa243f84a00f610a43e7624a1743351857fa49d7589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46216
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 04:55:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 0A25 119 KB
45 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20ffe741f9dddf520a15ffa243f84a00f610a43e7624a1743351857fa49d7589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46216
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 04:55:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CD7F 2 KB
843 B 89ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=90351500014949604444550012425030&a=59d576dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 03:34:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 04:55:34 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CD7F 15 KB
15 KB 185ms
126ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=90351500014949604444550012425030&a=59d576dd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1eb51bb87fa36e1a468342af94f27f8e14334200ecea22b8c829f69196697782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15529
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CD7F 13 KB
13 KB 76ms
26ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=90351500014949604444550012425030&a=59d576dd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 46e3b783dd923bf61d3f5915c56613513ae96990111e4eeeb575dee492d63f14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12999
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CD7F 17 KB
17 KB 81ms
28ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=90351500014949604444550012425030&a=59d576dd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f6ce40bcad1b0e0b6f34c03a1e517c8c11eed6d891cd5a7a104f0b0792cd129c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16798
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=4167744936;ord=bvbrvj;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame C417 63 KB
29 KB 139ms
74ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=4167744936;ord=bvbrvj;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=155;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

54a2d331a0987dd772419dacf1706e93e5ea9292d01b7408e9183386fe916ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=1982301555;ord=qwm9vw;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 4B2E 63 KB
29 KB 142ms
80ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=1982301555;ord=qwm9vw;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=156;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

f245984ba222954a0a9706a3f8d3dd8902b442addc6ed7a39fdb6b26c30e3f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 74D3 5 KB
5 KB 23ms
23ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3013416770
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:34 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=3395800993;ord=dvz0tb;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame D88E 63 KB
29 KB 92ms
54ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=3395800993;ord=dvz0tb;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=174;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

ace4e7a387d2178b7cda900c9c7fc8e26a6854b47ebfb90a5abaeeda6405e6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29479
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJzz79_-8YADFUIFewoddzwDVQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422
adservice.google.com/ddm/fls/z/ Frame 6D43 42 B
401 B 105ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJzz79_-8YADFUIFewoddzwDVQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJzz79_-8YADFUIFewoddzwDVQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8979077678682.422?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F0AE 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLKsWRpHlZKnUBdKN1PIP-9GnuAsAAAAAOAHgBAI&bg=!WVqlWhXNAAZGPLJIZjw7ADQBe5WfOI-hT3S2i_6LXWs8j2Bdvzrx30PWItIQ4pO7yZ5JhZyX5jcOLZQMOJKuntTlAYGmAgAAAYJSAAAABmgBB5kC_pz-GUcSe4_pkMlRZ80ZJpODeRkzKBWrRyCrbtvGhVPmrRn955sjg95cPCACBws-9dLA3AfcQvq4XJepBhsSC2PyVw1jaPM6TQFI0HVW2zwl1kc_nUQpOIlJXwoKQ59sv4lfRYHr799ZLbnPmq-xBEMgUh5OTWCwqUl9fmTVIDPmk66Q6eXr6i28SL39iZUfh0Kbjkbk0UY9_kUMVlilim1vB5XH7R7fxlSeD5NFojh-k2HH-W6NFF465PY3pGKOkVEvxuoKxx52tjHg8epF4jQ3fEOtugA1P9WoFPuOjTej3LdXr6ekxUjFh9kxrMGh2oDwDcUQRn5OXbpVTAmf-l8hlygRcZrkhYqMGKmHRVkyo3Ten2LLkVQdbzqBbUzcYoW2ISTU5yGmLe3LpEiJs5Xg3pQIm99fc4mo0NCCjQLD8QxMHQTMHQ9NbworvEkyAWVwv_kPFTScVAuyW2dFrJy8A3eB8k2zV9sfOcXa0BhLVd34l3s1NBDA1bRagsx1dnBcHSElxWG4YKFcLh6BEe5AnLzzX-XJNG54_qkefjQWqs3NBG9Bj1fRnTZmjcWmWDJiOf-tTFRSF8PsymLPDRPxI191lhcrMi6GyW_USTZT-u26eVsk87ARBrYvAVGSW3RGhAzBRhXMHl5XPKVdOesKXKA31Rf5suEUfDPoFNw6Ghk3toCXTJm94PHua4bllLrZQbOrtqAqi_zTqRJ7ilhNKEZw1l6L8k9pHHwQDL26Nw6d1BUalOwnciDkgV2kbQtmKXyYmPLgxpHgbfdyKYEE30P4VsrcjLWGhMFrbOMc1_PuTx22smXZFQ-i_KZzvUC6LWzHlBD4XOrJDhvIa3vsfcu7mSW5uITpXaOoG-8UyTEfw9ZPWr44JLKHUy5qKKfYTPwf70dbSAnTr7AuAMq8Qe5yt-59wasd6dz1YcRfaqatvCVav76SXJdVyV7a0ZpDPvxvOKIeul8qVgsj0JaHmBjrQ6jwEPYXHmVDzW_LHcG38aqMWXUej8XkrEE

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame CD7F 0
150 B 77ms
27ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=90351500014949604444550012425030&a=b374d952&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=90351500014949604444550012425030&a=59d576dd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=90351500014949604444550012425030&a=59d576dd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:34 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7B04 265 KB
88 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00663981086a56175dfea4654f60df0887b59ed03940e0d28fc0ecbabcded437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 04:55:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 79C3 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz5ChRpHlZI3ZBq2ZjuwPisOW0AgAAAAAOAHgBAI&bg=!kZKlkt3NAAZGPLJIZjw7ADQBe5WfOBfAhjP_N-W4NH4jsXk_iI-aWb2pO2x7Tv5nPjwJ-TAgwkjjXBplAU5wN92Qb4_6AgAAAZVSAAAABGgBB5kDVlSL1fnfMdhQ2q37_1tAQFM9JH9v-javDUW5ygo7ylK0yMYSNU3_8KRHrsE9vVNtuP6bGFOehZDQGKMaYunbnq4WnbL1YB4FKRiqtSDN4N0XGtcMV-kQNrve2XqZuqh41bvAABZmsbfqohrj_VAvgCzIlxZFQyiX8z6zjri74dr9i6vkpJQo7Jy9xZJOBfsRi5Z5X0BwtTKlONL8BB5xpoCeUT0NHK075ALp2STi7f1kcHuddO4M1ItO2_FOHnGeQ_Jfp6agyWabeYGgcnvmCflIEY-f2cxS2LLA_A6ml3IfrKmvlElh74rUas_cGDXgwxyZt0IzgtIZmEijkGtNPv8e_QWTo3hAxx-ezulE3rGOtIvRXBlCu1kAJ0ZFCmDLRhal-RuTb5_8IBNBiMl0Lz_yQ5X_Q-rGyt66g4fP01H-lWJ-B0GTJow0RfgZwl7ZcH4n0T43Tu28laSob9eFwlCHdbGemaT_f6wAzexi6jWDwJ9ZbCP9vmDftfx7VDk3_v4ajTSIwwpWdUCG7KoNR21X_cgfz7jD1MCDx9VOXOHGVXVI7tTny10ZAZzDp0Xh-wVEHluL5EvyfN6Npjm1R72VxgP11u78MpMAhDf2U1JeK2V5yPNwZy6RlhE84W4-4_T3KcxGy_VQt37W65J5iZZTZj3e6alKR4761zHfQEIcmzfldMOCKhdfBJazAVYc3W7LEOuTcMPDFDHZG9DDR2evAidLB1PmC-dfctOgY6VZM-Pq-a1aZdJt-Cl_FbL4NA-1AIRSSqvbbKGLbCN1etM1e-xdoM9n2DZMuP3lf52iQlPiZ2dPnBfLJCS8WUJn0jdtXtuDIEUeP4agEfBeYd6ost72CeKsY6gYAaAzU5yNYtdDsgk5l9lMsBwwETNB25_hYGA2ASxd3PB_CMKlOJUvyWQsQAOMZKbtwpodJL_BECFdXt3O2y7O2TxRRuC3I_jfnLSQcbOFv9a-83_rU7MFSvTnlO1iyrIin6h-2uA7eR2Qv9pugIaWFUcPfB-4GeO0oXay3tIXxJVNT8aej3n-XZD7VD8J2aFaw0IIQfkToSWRDFNF3S9idFlWPgsDTysUa_aU5n_zgyUIXEoGMkeXYgQZVenE362EBlZRlAv6Kb6bUxnm

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0A25 265 KB
88 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00663981086a56175dfea4654f60df0887b59ed03940e0d28fc0ecbabcded437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 04:55:34 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 894A 2 KB
2 KB 176ms
89ms Script
text/html 3.9.22.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=92116400014479904445008012425014&nw=1
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.22.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e3d5c49d0e20c0a9fd570d668c018ebdb679f7c3500e57b7526d065ad046f266

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:35 GMT
last-modified: Wed, 23 Aug 2023 04:55:34 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 23 Aug 2023 04:56:34 GMT

GET
H3

200

activityi;dc_pre=CIOMgeD-8YADFUMKogMdkVENgw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009 Show response
5994599.fls.doubleclick.net/ Frame 4E2F
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIOMgeD-8YADFUMKogMdkVENgw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009?

391 B
240 B

68ms
68ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CIOMgeD-8YADFUMKogMdkVENgw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009?

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

cc679221dc9c96f5e47a62799b7ad53353b51e63f18804ee20d3996f86492cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:34 GMT
expires: Wed, 23 Aug 2023 04:55:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIOMgeD-8YADFUMKogMdkVENgw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame 71B5 7 KB
2 KB 80ms
29ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=92116400014479904445008012425014&a=f6fe653d
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: d93ceb466748d197abe4d71f8453babfe0d4140495d99adbd093df90d663ba22

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2163
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Aug 2023 04:55:34 GMT
Expires: Wed, 23 Aug 2023 05:55:34 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 894A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d70304b4a6349128b685792bfc421138880af163fd86dc8f729e7965717215e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 link.html Show response
track.webgains.com/ Frame DBE4 2 KB
2 KB 159ms
97ms Script
text/html 3.9.22.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=73793400014949504444554012425030&nw=1
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.22.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 9efd106fe78bc2c08ed3b7957442eaa4a368daceede4957a6e4ed43d6abaaf1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:35 GMT
last-modified: Wed, 23 Aug 2023 04:55:34 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 23 Aug 2023 04:56:34 GMT

GET
H3

200

activityi;dc_pre=CLnIguD-8YADFXAPogMdmbsCWA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921 Show response
5994599.fls.doubleclick.net/ Frame D7C5
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLnIguD-8YADFXAPogMdmbsCWA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921?

392 B
240 B

68ms
67ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLnIguD-8YADFXAPogMdmbsCWA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921?

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

431d91f55b743a511f9dab978373b903d3d375b52aa642404c24f3d671c7221a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:35 GMT
expires: Wed, 23 Aug 2023 04:55:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 04:55:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLnIguD-8YADFXAPogMdmbsCWA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame 74BE 7 KB
2 KB 77ms
26ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=73793400014949504444554012425030&a=9f5c91e2
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 1a3724fa75c8ed15194b3e215a00099f4d369515a20afe884025c0c58ec0509d

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2071
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Aug 2023 04:55:34 GMT
Expires: Wed, 23 Aug 2023 05:55:34 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame DBE4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d75a9987ca66b1da91df65ae504f43bcfc8e07b67768341d3bec8fb361ffd3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30C9 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BX2ASRpHlZJ2JBrC07_UP8Iqt6AwAAAAAOAHgBAI&bg=!nZ6lntHNAAZGPLJIZjw7ADQBe5WfOHpczbTE30mTeixHkPFV2HqWCz-eo6h8Zya6azJ8kAVDvlYsFecIo0EpbD4H2bYoAgAAAdRSAAAABGgBB5kDBTP5-2-qrcp6vEnCR8raAxbUpuY9NuGclPnCCWD53yk8-5JIOZzchVyw6zf28gyWV6ul07g1Zr7x9BWBrDOleTHM-AF8zZ7K4GorIaRndTJrrQ4HkCCttcc8MalHFoQ9jPWM4Dn2aR9mUC7Pz3fIxHhw39cGqY1bWkBJlmQC_J2XSYC6G63O0pJMSvkCeul9NL3uK_hxMhkAf2T4KSecbH8jixxxVRTIN_DtTJckR0GpYjtPVociUdRtufc4QbrG6vv7NlHhTX4GagwFs9akoHqJrMsS1g55-XSCjg6kv3Dp4EmNZubjjpkUH0-wL7TAYWXV_c8LFVpT738G3XDXYeb85s5QsfzD0-YRJ3YUlMSouvvjSq94oFH1x0Y0m4mAGk6u9MznbdCz2orFHdP2lP1OBHFIyULMTGX4TmFRElrrt9ibvegLVp8UxN8WUEXR7y8tcP8ua7FelQ5RIcr01ZWrKhuxNwHnb8dKl-31PfgCXejofusVK4njBu0KDB3v7p-_seGvB9IFGqlwpJVc1NKjy5-gMSmsmWW3w5GwiOcvi01HOWK7NX7iZbA5lSxM7WOY_FzACkqTpdQfU0GyqEW2zzixpE2uOkjfe2ZykxhPq89fZrfkN1eBCpx6zg8uMTr-wQfgwdK-pblAae3a9z8S5gErnH5jJOVtJNLujJfThPJJEwfX8I-9CqEgijlPn7PyArLWFV9X9VKwRYFm2AONgvJYrWsq_9FpkHRRYcc8IA0uo6RBTOg6Or1qDmRjycD9CK_1K9d4FjNs1CJ_1bnQKAYEIYQsODVgUbPVdS5okvhV7NV3xZ4QWz5flRsPpfRudoB_jIxqLpn6zznw4f7CSazLm8-4USqpCxwOHoX2I7wbW2YVF5geabdSngRRm3mJrMU-s7hRNU_lWRVBomTcZKpcTJgQ8p89GaKGaNtNVWAp3ESYQlxHEIWnz5-GS2dsvgvx-JwPwJBWJIy6BqV8jwqy_oeDJsp_GDCZupaK7w0VmYEmHMJnopGbBabC1pVKDwK5

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/ Frame D88E 11 KB
4 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=3395800993;ord=dvz0tb;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=174;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 00:48:22 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D88E 0
0 120ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucU4zBFzqVbeTNQLLNAnaMmwGwA5SHX4HqF5A0PFYUQFZAhDPl_Vn3K7Lellh4KrfAz_yao5oETZ4-vI-MY97xLkBCrp-U1FTli_nwOO18RFkwJdOvnsUoQXJvRzIJUreLO88M9F_OhfI0eaJX7Difq37NTnNJOw&sai=AMfl-YR4G_GmVspVWahQWArvwOZ86NRRMXL74tCaBFCrzgGc16UR4I3KTuQb4m6MRWO19cDKC0HG4SnHOAk-70PXidKVHRIjJ2WXu7wOiw&sig=Cg0ArKJSzPg6LnAHQUGXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230821.74892&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 04:55:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D88E 41 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H2 200 7410484386335067809
s0.2mdn.net/simgad/ Frame D88E 123 KB
124 KB 121ms
73ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7410484386335067809

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:44:21 GMT
x-content-type-options: nosniff
age: 61874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126353
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Aug 2024 11:44:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/ Frame C417 11 KB
4 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=4167744936;ord=bvbrvj;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=155;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 00:48:22 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C417 0
0 114ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurmigvJ4__aLZIaHFHWkJd4fYV0ODmdu8p9cB2sFwQ0ng5FlqCTKIgki0uIvRardl9xzvndhqoQ12GTfi5pbm--rbVWzL0jibW69qxFJ0U3RDJq1ndUAw_A17hxKm13yPOXGST1836qOT-U4eiFLHR772AStn55A&sai=AMfl-YQ71mxO1nJtY__9kpSMRKO_SlgbkiMNA92ldW8TndLQkL0zTNrn-p3NAGPt5AySCYtqRKpcOlasMpiguT9B3-y4f89_xIjv_dYt5w&sig=Cg0ArKJSzOYA4vSou7DZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230821.07036&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 04:55:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C417 41 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H2 200 12224131752392196093
s0.2mdn.net/simgad/ Frame C417 144 KB
144 KB 121ms
78ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12224131752392196093

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:29:03 GMT
x-content-type-options: nosniff
age: 458792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147304
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:18:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 21:29:03 GMT

GET
H2 200 7410484386335067809
s0.2mdn.net/simgad/ Frame 4B2E 123 KB
124 KB 61ms
21ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7410484386335067809

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=1982301555;ord=qwm9vw;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=156;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:44:21 GMT
x-content-type-options: nosniff
age: 61874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126353
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Aug 2024 11:44:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/ Frame 4B2E 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=1982301555;ord=qwm9vw;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=156;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 00:48:22 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4B2E 0
0 108ms
59ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6zhIyfk0N52rNOMavsWSfYG1ImyBtvJ3N8n13IVTjD3iQCaexpghurtKjUKdnt-QfCxKjEUtR-mF97Up1xjV-0ZDAUXPtX2IGYHZoFVBbYhuW1mG-UyrX4IpJlFdLbPzHvQh5l7FjwqOWYcCILCYFZh82ob40Lg&sai=AMfl-YQYfRkterWWKDSTJwNNUGKqDlU0qab7HcJSt7rc0RpsDVlqZ6EgjXmR1fKtLq9eK1aJoAB37kEcOI1ZqaiAh9Z_iHNiI-zd0YiYpw&sig=Cg0ArKJSzKOhXtdxQ2yQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230821.10654&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=1982301555;ord=qwm9vw;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=156;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 04:55:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B2E 41 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=1982301555;ord=qwm9vw;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=156;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H/1.1 200
OK dv-measurements4547.js Show response
cdn.doubleverify.com/ Frame 0D77 423 KB
99 KB 36ms
36ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4547.js
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0cf3c32d86cf43176048fe7a552e9a791ac1034a99ae61beb862b667bbcc5f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 09:56:45 GMT
Server: UploadServer
ETag: "1a7b5fed3304c2c68d172347d939dd36"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101294
Expires: Wed, 21 Aug 2024 09:58:05 GMT

GET
DATA 200
OK truncated
/ Frame 4B2E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0806024da0fd3302ac4202dcddca0250d2bce48f3b60970d9fd2537581450de7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 71B5 5 KB
778 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92116400014479904445008012425014&a=f6fe653d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 03:01:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 04:55:35 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 71B5 17 KB
17 KB 77ms
26ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92116400014479904445008012425014&a=f6fe653d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c4a8e951c405bb6bf88d15369b1d01b2d57314e3f14502c6c6ce98907f4a7ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16984
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 71B5 16 KB
16 KB 188ms
137ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92116400014479904445008012425014&a=f6fe653d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f0474c04b2f10d35c81760ade3fc890b7793d6733818a0328d52c3065e09b70f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 71B5 13 KB
13 KB 81ms
30ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92116400014479904445008012425014&a=f6fe653d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 26d82eb8bac2ff251bd0078909904acb9ba6a324da184309c78cda0c040c1af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13284
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 71B5 11 KB
11 KB 84ms
31ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92116400014479904445008012425014&a=f6fe653d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6e9c36f6151273b9481af7e09495e60cc53f8936f85ab8f77c0f52947b9e3dca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10940
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK dv-measurements4547.js Show response
cdn.doubleverify.com/ Frame 0E5B 423 KB
99 KB 36ms
35ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4547.js
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0cf3c32d86cf43176048fe7a552e9a791ac1034a99ae61beb862b667bbcc5f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 09:56:45 GMT
Server: UploadServer
ETag: "1a7b5fed3304c2c68d172347d939dd36"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101294
Expires: Wed, 21 Aug 2024 09:58:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C69 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0KPnRpHlZJHqB4-njuwP4sK2gAYAAAAAOAHgBAI&bg=!mpmlmdbNAAZGPLJIZjw7ADQBe5WfOOhtKUNqUoze52v4ONyGt8uiKUlQ2tY0wcLcNYU0hzyh04BFJj1DJFI0GYIRunHVAgAAAflSAAAAB2gBB5kC-VI_wlHrNhHjBO1MhwxVqeAxjVByX0YHzpwkEQyiCilsXge44-5ava0BTlULCFOpdY6WKeb0MALdecW0zGyihpX7Kw7ihZHAVudEy3bvCo5zmTQTQW80HbTJsV7AkUyoKVOsR2Pi3XvLeFWSIffO6Udr1ZOo7BjQSdYWoo5RkodheWAqFwyK8tTN3oqVJEQQ4E1q84pN93Kmq4ZuTw_GR0-6wYkWUHHOiDyMXRoHx_GXGAxqj_A5_xfcf3Ssqa5U47NEb8CEtyvSMfYm45iIAhGlynQ9DDGuA_TyosGpqSZHULTxsttU0p17xcmOg5tPelaMfmn28UMGpG6C5INzb4OrX3c2IESAIgz6QCqiVgg4ikyN-y5COn9-9Np7MPacctfp3DIAGubQj453WE8hokPROdngdD35AB6aiTq-BQPwR1xU2fYh7d-sjmMe3nYZ6W1vRJhJTH4BJJd-BdGnQ7KObMrh8PAenw8m8Zu1A574YRC_Rw1Nn7Sw2_oxiWlKUhbOVEOLxaQlEjF_9bgO6gmp4BnNEj51gBF9LJrVTvPaE4mYF4EEc3Dg8Mv_qFQu_fVyNHdMz5pllmq_kX2kmmKfrC7F3IzQEhgphhkSgFdjs16E1h-NQrvOg8eq6fNjq8AsEaj7X1sfvqoIeYKIFBN60UpD-QpOxS8Y3DEkiM3y0fAC3toulVHQKanZeCzxqiVWw71gD8h0cwXZABGpCwrqzsvriVDrmN8OFpgfW2psvL7SvUyrn9VHbJxifNjvMh6PmiwVQlJIJheCLIDITtVggB5a8L4YD_zuyLgynfLBYCleAIjwGI_lbYctyuUubPSJHLGMCclTeBsOss49oFTAkE6UiAvAL05Clf6PDa9hGXjveecOuXcFdG5vr_6BS1-1e70zjVfiRxjnbXg59OH4_s_z1HVyui9rW6Qtyq0c1P22qIjWVdHjB-SuH7NwDs0VoilpFlj9f9VUDy91SplWOmLIhwW6RdZcgdpkMET_uJRYDcFXOl9C

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements4547.js Show response
cdn.doubleverify.com/ Frame 7EEE 423 KB
99 KB 38ms
37ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4547.js
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0cf3c32d86cf43176048fe7a552e9a791ac1034a99ae61beb862b667bbcc5f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 09:56:45 GMT
Server: UploadServer
ETag: "1a7b5fed3304c2c68d172347d939dd36"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101294
Expires: Wed, 21 Aug 2024 09:58:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 74BE 5 KB
682 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=73793400014949504444554012425030&a=9f5c91e2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 04:18:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 04:55:35 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 74BE 12 KB
12 KB 81ms
27ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=73793400014949504444554012425030&a=9f5c91e2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8b09e207d85c3bba869faf3b2e6650432a531662d729a7e728d3de89c0b8857f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12180
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 74BE 12 KB
12 KB 153ms
102ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=73793400014949504444554012425030&a=9f5c91e2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1a0298cc67f9a173d7d2ca3b2d5b2034f9735443cd82223d011ffa1c3d32098a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12073
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 74BE 10 KB
10 KB 85ms
31ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=73793400014949504444554012425030&a=9f5c91e2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: dfc29ab4997b1e52b969d28a29a76d1c33818687e64508df6f8016892fd89a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10046
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 dc_pre=CIOMgeD-8YADFUMKogMdkVENgw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009
adservice.google.com/ddm/fls/z/ Frame 4E2F 42 B
107 B 58ms
58ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIOMgeD-8YADFUMKogMdkVENgw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIOMgeD-8YADFUMKogMdkVENgw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3807128083153.009?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLnIguD-8YADFXAPogMdmbsCWA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921
adservice.google.com/ddm/fls/z/ Frame D7C5 42 B
107 B 57ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLnIguD-8YADFXAPogMdmbsCWA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLnIguD-8YADFXAPogMdmbsCWA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1863186862975.6921?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F63E 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7qo4RpHlZJqWB4rw3gP_soeYCAAAAAA4AeAEAg&bg=!nZ6lntHNAAZGPLJIZjw7ADQBe5WfOONyNu9pcWCL8cZ4TJ6dSITe42TS-_svYV_d0YkczPYZCLW_Uve0eiPn6Kn3x6kqAgAAAhpSAAAABGgBB5kDBgWdbJfglgu4QAQFT1AhvAdyZQgkOzBl7B_zQFLaBWhuJ0hBIc-ZXYhums9t-Ru5cyMDTF6vsv0_Si0RRGKst5HunB7tHviPkTasEUAlgJZXGzT4Fa-PkpbuW2YFpg7SuSLhn4YDBZlNxQRZcyVBJAlVxNaCQlePdxroi3B5fp70zn6Bg_Sf57qkfVmepvvneWNZM0oc8VPeQv-X8FXgPKfsvIBGjsUsjPASnI-slomp1kfm5_1mQH-usLDsN33J7LRKuAt4cR6UYioxhYcTFtI-g7rch43Gl1ry_e91Pempp4lbsCPzFycM-H_tOVFeNbCFrIOdth7Ef4GInkJ-d18u7O1ZbBHUFQTTS1CzyOV3gAuUJd1F9eK1uEK3HljLMwXMSeBSHU70yRUIj-xJItWVA_M5fRMdeOR5D8xRJav0QsyTYU0KfTzzbxPoe8PVUn-X-oLcCruzge_XzPDfAVtX8jyZ0CGr53lf4prUpbOYw8JSps6frlZUY3QHewxp-KBO9nPZPpcGkTrwjlGb8NPZlKX2YGiuptBKT3hKO-fDghCC1Z7k0voTJyxPBtDdi05NRP10Ac0sdu7nngcxmbWWFvGHlXO3yJ1EnPtEdVAogXf9f5-rAKBXNAnuSzypkP-NX-3imN0t3_lkLZVakEmCyYDVq2tl0DQ34WcBSuFvZndZgWyTGPYwW5XCgD-rGp9GvhMdCDHnuxC-CmhaxHIbzbYc-JRMeOOw5PXb-3RqXNqT1v-19_HGI_yrlrZOLInLS7Pgm4OXRcsfvGHxnimbgoPaPne-jIrU7cPLiF9a7W-HLWpzO-WE4FfsgogRrli1yuAIEBTyNKm58ygcUjoYpZ-YCdtqr99tkcoDFM4UCimBYvde6iJzppja3dZV7FD_b667mLj5hjmSs8Ek8zMkNVrfSuVhvMgk_8SfqlmGJvX9I5Hy9ajyLfNJKQh6cIH9c2HoqbfLTexK3gOv9MbP-p7qhZ18gPB42TiZzwP1dfnl05MqihD_uIhjwOs4-vrkqdPcQw

Requested by

Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D88E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a20902bdbf19c7cde98914798ae6ca1527c3c66be938abeaa306549993802942

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C417 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54f9650c7f1bd5f0879f81914b34d063282d177baa73f6bb5701b0c6a888e248

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4B2E 0
0 57ms
57ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6zhIyfk0N52rNOMavsWSfYG1ImyBtvJ3N8n13IVTjD3iQCaexpghurtKjUKdnt-QfCxKjEUtR-mF97Up1xjV-0ZDAUXPtX2IGYHZoFVBbYhuW1mG-UyrX4IpJlFdLbPzHvQh5l7FjwqOWYcCILCYFZh82ob40Lg&sai=AMfl-YQYfRkterWWKDSTJwNNUGKqDlU0qab7HcJSt7rc0RpsDVlqZ6EgjXmR1fKtLq9eK1aJoAB37kEcOI1ZqaiAh9Z_iHNiI-zd0YiYpw&sig=Cg0ArKJSzKOhXtdxQ2yQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&vt=11&dtpt=243&dett=2&cstd=0&cisv=r20230821.10654&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=1982301555;ord=qwm9vw;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fa2zapk.io%2F$0;xdt=1;crlt=qLVu1T*zQu;stc=1;chaa=1;sttr=156;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 04:55:35 GMT

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 71B5 0
150 B 77ms
26ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=92116400014479904445008012425014&a=ee7719bf&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92116400014479904445008012425014&a=f6fe653d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=92116400014479904445008012425014&a=f6fe653d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D88E 0
0 58ms
57ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucU4zBFzqVbeTNQLLNAnaMmwGwA5SHX4HqF5A0PFYUQFZAhDPl_Vn3K7Lellh4KrfAz_yao5oETZ4-vI-MY97xLkBCrp-U1FTli_nwOO18RFkwJdOvnsUoQXJvRzIJUreLO88M9F_OhfI0eaJX7Difq37NTnNJOw&sai=AMfl-YR4G_GmVspVWahQWArvwOZ86NRRMXL74tCaBFCrzgGc16UR4I3KTuQb4m6MRWO19cDKC0HG4SnHOAk-70PXidKVHRIjJ2WXu7wOiw&sig=Cg0ArKJSzPg6LnAHQUGXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=264&vt=11&dtpt=262&dett=2&cstd=0&cisv=r20230821.74892&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 04:55:35 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C417 0
0 57ms
57ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurmigvJ4__aLZIaHFHWkJd4fYV0ODmdu8p9cB2sFwQ0ng5FlqCTKIgki0uIvRardl9xzvndhqoQ12GTfi5pbm--rbVWzL0jibW69qxFJ0U3RDJq1ndUAw_A17hxKm13yPOXGST1836qOT-U4eiFLHR772AStn55A&sai=AMfl-YQ71mxO1nJtY__9kpSMRKO_SlgbkiMNA92ldW8TndLQkL0zTNrn-p3NAGPt5AySCYtqRKpcOlasMpiguT9B3-y4f89_xIjv_dYt5w&sig=Cg0ArKJSzOYA4vSou7DZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=268&vt=11&dtpt=267&dett=2&cstd=0&cisv=r20230821.07036&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:55:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 04:55:35 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 0D77 694 B
730 B 140ms
38ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=268&ttfrms=22&brid=3&brver=116.0.5845.96&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tar9EEADTbpTauTaufhg4%60bb%60%60%60%607d6d%605%60227c6c27%60g365e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaufhg4%60bb%60%60%60%607d6d%605%60227c6c27%60g365e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tau%60%60eahhh%5C42%3AI2%5CE6%3E%5C%60%5Cda%5C%60%5Ce%60_%5C2C%3Eec%5CGg2%5C2C%3E623%3A%5CGf2%5CIge%5CIge%5Cec%5C2aK%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&uid=1692766535271582&jsCallback=dvCallback_1692766535271515&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4547&tgjsver=4547&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2F798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=9&brh=2&dvp_epl=508&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0geP2JzRYJpaP7K98CopCzg&aucrtv=495871628&auorder=1012740201&ausite=1967185790811&auxch=1&aulitem=20204990837&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=543543739.3739091&dvp_tukv=6563612131.888137&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=1418504908806&jurtd=212663269
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4547.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: f05d585abc5743c90917912e52b6571bf114ed10993b31e680e2ed6c3f909955

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 08/22/2023 04:55:35

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame 74BE 0
150 B 81ms
30ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=73793400014949504444554012425030&a=84f53b4a&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=73793400014949504444554012425030&a=9f5c91e2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=73793400014949504444554012425030&a=9f5c91e2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 04:55:35 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 894A 51 KB
18 KB 124ms
29ms Script
text/javascript 108.138.36.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=92116400014479904445008012425014&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:40:53 GMT
content-encoding: gzip
via: 1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 44082
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: D4qyxlk1jlHMsqPdiI4NswWBvChe-kJ-vC_7G9IaqFBsiJBC7EYQFQ==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 894A 85 B
437 B 89ms
25ms Image
image/gif 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1692766835&Signature=bxQMt8dFoKC8tSV~U1kGr4LSYLSdbg5BhCU0RuROsoWve5B~-H4x9o5KYdNPQoTH9q2HBVJxutHWp665lkHldYHS6wmaahxKbaEQHmKDfEFqqJOwMf2~P6z8aEsQjdlz0uDJPsEGBXI9tFok7KCmulvtEDTI6JOOEtY5-gFMvW9698dCw1Dt454CmK39JlMfKlaS5i-8B8aGHzOLt6Vks9btrQ7OHf7txSmJOhIaamlMUHV~2ZsXdLoLtzmNwhLEiZS9SxrWg5zPs~zGtOM1UIB8oGYzVHgAiZj36E6L-ix7b9p8cK2me-9MbqdQ3IcSW0srG75MKIVWZ0UymtZjNg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 22 Aug 2023 08:09:57 GMT
via: 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 74743
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: lWUXGeJipu9jRsSmfC_AWWtnm5bD6QwMEWO3iQkNLmZ8xGwcQ8AqaQ==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame DBE4 51 KB
18 KB 127ms
33ms Script
text/javascript 108.138.36.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=73793400014949504444554012425030&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:40:53 GMT
content-encoding: gzip
via: 1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 44082
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: GCukWlcWTR6kC-FpCXDrycjAv38Ds6hEX0SOHZmrLdtEuyublTk8VQ==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame DBE4 3 KB
3 KB 90ms
26ms Image
image/png 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1692766835&Signature=qAj-XhXvkn1R~McAxfUaAbOXB-D7E-dxFKS6xRfnwvRQfXSdc4D6ipeylLSd9a1dTmcCSYYn43lLPnWglbnfPGU25VjGPImqWL2zZ2-bduDTic5SC3QHuixPAR1B-p0zc80gaxSc6H~AZ8HwhVMnXVtBxDsrm00wNWpP9XcpSJfDAMWS1ryOrq1~2RkyK-FakbntbXCztLymhs941rx1SBZ4Ky3zNWBSXpz~EuLEI1t3LGdagduNAD~oEYcSnk4Ef1aFt1BmfzRFs~amJGpm0kbtHK3-GnFkPlRf~yArs~VMmO4jaf3nNJ8Y2jAaq201TwkyFPfxUD2FkG1oaxej8Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
URL: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 22 Aug 2023 07:45:51 GMT
via: 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 76184
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: BhnTaE8mCrUVnTlAjAo8AZHgkyy3IUvm-mMaMUtMv_c04DXWiwYQeQ==

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 0E5B 694 B
729 B 111ms
41ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=208&ttfrms=6&brid=3&brver=116.0.5845.96&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tar9EEADTbpTauTaufhg4%60bb%60%60%60%607d6d%605%60227c6c27%60g365e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tau%60%60eahhh%5C42%3AI2%5CE6%3E%5C%60%5Cda%5C%60%5Ce%60_%5C2C%3Eec%5CGg2%5C2C%3E623%3A%5CGf2%5CIge%5CIge%5Cec%5C2aK%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&uid=1692766535304156&jsCallback=dvCallback_1692766535304405&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4547&tgjsver=4547&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=9&brh=2&dvp_epl=383&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0iD9X8wT7BrXk2N76QzCnDn&aucrtv=495871628&auorder=1012740201&ausite=1967185790811&auxch=1&aulitem=20204990837&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=249050714806.5603&dvp_tukv=89314056129.0012&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=1130558937276&jurtd=2727206266
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4547.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 27687d9662a2637ee70587b692fb6c7700a9bf6c315948bbfdc82ed3ce99b4b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 08/22/2023 04:55:35

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 7EEE 694 B
730 B 40ms
40ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=436&ttfrms=4&brid=3&brver=116.0.5845.96&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tar9EEADTbpTauTaufhg4%60bb%60%60%60%607d6d%605%60227c6c27%60g365e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2aK2A%3C%5D%3A%40Tau%60%60eahhh%5C42%3AI2%5CE6%3E%5C%60%5Cda%5C%60%5Ce%60_%5C2C%3Eec%5CGg2%5C2C%3E623%3A%5CGf2%5CIge%5CIge%5Cec%5C2aK%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&uid=1692766535571922&jsCallback=dvCallback_1692766535571874&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4547&tgjsver=4547&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=9&brh=2&dvp_epl=383&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0hpqecZRnqEveNARvcmrOKA&aucrtv=495871520&auorder=1012740201&ausite=1967185790811&auxch=1&aulitem=20204990837&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=16257121.241886342&dvp_tukv=767063883846.6362&dvp_strhd=0.09999847412109375&dvpx_strhd=0.09999847412109375&dvp_tuid=610137699140&jurtd=2585321298
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4547.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 79723e64a32433efc7e228a510b7ab5e0ae83462e6113108e5abb9d194ce4fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:35 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 08/22/2023 04:55:35

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 71B5 14 KB
15 KB 79ms
27ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900014.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 366649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 23:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 71B5 15 KB
15 KB 74ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900014.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 436474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 03:41:01 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A51 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 385190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9330 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 385190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5A9D 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 385190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 74BE 14 KB
15 KB 82ms
49ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900030.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 366649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 23:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 74BE 15 KB
15 KB 76ms
43ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900030.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 436474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 03:41:01 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A51 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 12:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 12:57:41 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 9330 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 12:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 12:57:41 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A9D 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 12:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 12:57:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A51 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BF7tORpHlZIHsMp7B9u8P5IKZ4AIAAAAAOAHgBAI&bg=!KimlKWbNAAZGPLJIZjw7ADQBe5WfOB-c-cRVp5KO40l9AJ2l9Rf_k1idNPte2_U7LNPGe_zqVaRSrmocIx0lu-w0nyukAgAAAK1SAAAABWgBB5kC9uyUjUp5zoiupSP4dArnWLpiPaGAkymkSgcUZYgy3UJuvx9HBmbf-LZT3L2auX7yrBTowhGT74BMBDIcYP81fUOvU8tuAkcdbe5sKEJUQVtqLbXTlIRna5AHEjuwgsjOQQGqDPTa1sd1UtA3i2pvY8T4ZajMZcvH2fqX9kme6HzfOkXo9WGYg5Yn9v1q5VKKq85-AZb5eNhw3utW8B2ipwCbo9_eQy-HciM0EXEr7D3WTpygP3ZwnT2hAbIw-G_ZZkqUlKJssBUk5fQ-6hvZu0DqTS7Siltqfz9iRBfLLeDcG7wIso4o60bnwmUjtDqlCR5F0BZ8CpCpDpS0wtKjX1ia1usaY7WNgyigVuOd-CpiBiI1ATg_U513MdkrcuDmnbzCB0XaEVxG4DygXALmpdGNakyqCLZ4tBKlrKCQ9lOlQBnlcsmqsvn3A1VaU3NavKtEIsYS9kTeplxpAEsm3SE9J9PwUJj71GFKUlKePv_vzg5yxaI_69NSXsT7VSRz64fU0CBWMjjhOgdBaYJzclmn6AD9IWPQ5zhZoHLk0g4jK263XbzCsfZfo5mYMHjrergWU2_x-u--_RTx0ZZy1BmDMLTw_x-GCouWsbGBO1ICDBYzr9XxHeLudfibGl7iWmxAvGcrtjEcQdBlHnDBHYpsdLDJ1ldqfnBUBLkLl63Qm9fLfzpSzUAtMtPv4MrOci2RqpFxTiGibrB-blf3IS7RfVlAHtKJ30wSJk5fHuvJ1Vr2DQ_piOew4Bv83NUoBZvYChteOyICWWdrZHFc-mAqoVKkP304zx4e6L8lXylj720aH9ZK4u0R1_d8RhhHs8GknT3aeAqQ-KKooAtXPlxEzDQIrTghKIFgUEQJo0xfabmweKpWDEIO-TMt0dYcFTwW5qI_GnQpHwWWOaA7a7rTRoox6yBNm-5Ec1W3nHlBUz2eBfKVeJ4fE3RPqZA5FeYtimIELUJKVwSc25IGo3FLdYalZNNg-ySe5hZ712DHHVHxdmBY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A9D 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWJGARpHlZKjnMt2e9u8PupWTkAsAAAAAOAHgBAI&bg=!GBulG1TNAAZGPLJIZjw7ADQBe5WfOE7PkAt0suJ7TX435K4o2uxxiniOSBuaeEV2M6L02BwtseuwmAsOS2V0uqQX5w4xAgAAAKNSAAAABmgBB5kDURUzDaWItUGlo2sbBwsqrhA6OCnqspyLiRHPFcdNoN-m6qwmJ02U7R6XOoovPI18fANB_OAtck2ttYn5oaeEsDO1IOxiYFVvNfzpsmEG1zsynbQjyPpo6be1K-G252HseE0zzYFDI2wgm82CkYNhKxu9Si7VXQnsE6QduZsJF5-SUOxfkAwTOKqa9MEEqx_MZm3zrZX7w800_Jp7Q04zhgSnQmOUpcuLDvmuMIbJJcIbu-gcAq48aDE0YU22GJETSHLjsju1m8oluyLqz4lnOGy5oxmTuIZ2O0tvS_OGaj1MICP34AQsPAem_6pzYAG61XwGWApnjPuNNGDG_4WWPWu2kDCVqzgbBuXR5yUMr8z_CzxRrUYEBWfwypGBggR9-LJ4GFlsMyUW9D85Jrk-0dd6sUX2sFX5SUtqtCRRgsaXnhrgugBQGym0GYdBVljn6Ags2rWKZI0_w6Orog-BQANLifcr7uDcweX9gas-02dksPzdcacxwIynTC1Np4Vmjdo2cfME5ZGOPphcAY91El37SUUNDPeUzDVAJ7GJ-mW_YP5XLbdIwB0ObqXaODiOA_53lhyPV3WR8voBU2iE0M9l0bVprT9yej3_YbpzB483kEKXtcuRVHmbDQG008od1vUw7Rgcnk75SxHwjNg8NLcZa95-tjNu38GM6AYhjKQPLfj5XWPnyrn1VDj_y3KMNjfm9dKv-6EQQjWs0oYF8NXaCs8C7Wtoytdsz_jHOmUfu4Kz_TJOc-Ay4-6i-Iih1USamT5-YdO_-zs9-tpTuT-Bel_JYgZkuHmHKnzv3HdoXlUGC7anzkzdtqt1Giqtrp1H6MtO8FaPPTtOdIwRMvfydD1gbtJO976R_a-W19FhC7xzjkr27JUCom-BOk7Vb2C_sjrN1fVKdOeoVI8MemJsYyG59PoZ4phIA6TawbZEa2UPA6iIC7Zd6fAv__Qj2Rq02r0TcEqNORz8JwWBtHGG6ShuqIhf0vZD96sfdkZ5ZlRQgRe9rmBftODCnRKsswhHCO5cL559q4lNADT2Dtrae5xKZwoQurJddBnt1CjC8yPGH5oxcXrLEoqYcPD9l8PCTaHSqBGM6OD1O-cUxYKVek1ZWnWGUsaS1dw3Sl15lA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9330 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSYGpRpHlZKLvMuzE9u8Pja6zsAwAAAAAOAHgBAI&bg=!6uml6abNAAZGPLJIZjw7ADQBe5WfOJjL4Eiv_jVaBHfgu-XbKxJCtC0zDJSOt_7VBYTIcQfSHIPcH31IFNEEO4mOn6aIAgAAALZSAAAACGgBBwoAF7EKmwf9iDoGKGACtxmYyolw0fjDjakbmQMQFM0LsfUR9zJlAw1t1Lm4Si5McFYqq79vpDT8LVpO3wmGMupSBlBMVhY1HS2LzQoOBBKpuWoLso1TmDV3DdYipwQy00XEuXs2cmrmvkyFflLqXaTt6TogMrRXSp7c-7rzHOIdTiK-iJ8dbVrHi1zyU2PHw82dy9NuGJoP4vZb5KWy7Etdctemko4BSD5MF4hNRWqeqAGkyhNHQczC7are2W9AYopScQoOdeee2QqeH0t4XTiuxXUiDnWqh8_AREdIDKAG0iebwlP4-RLz7feln9OBSyDWy8XI-4S_fhYUr8AFC86KOb_VKQYLJ4-xzeUSVY5oLJcQF6zq_Q6RpvH7sg-YbllBb5pO4T28V1drV2ESXaa6w-FVQxnqTn_Y3CKbYSK76X44enw43xpSG0AINoouWNwaTPWPf_Ti3aP8CBOasnMqEq0151wY_C-DS-7JGz1NvGzdik7Fm9gJP7Z4ejWJyXdPB7Lh4E2FaDt4g_gZ7GI_GCG65snsbCAEKhtDYgcaqJwIo5tHtBPyLKdsv_quNvl6ZOR_mNvSE078v0xj_eSYpuyno4bANEaGiW17m_ISYa0SA_f2WA3zX2ruyt3JSt4eBi9lfTnHXxdRI1aIHuplOtMVbycv8K1tNz8w0GJ3gyVwVZJgpgMnAqk7AXkrfNtMIaCVYtsUHk82KkXxdDnkGc8dljWUrlTVNpYrHJ0kBEkBVgGSre9NyHOkwSf2kgi279dtd7znaHdG1FqPaC5yJKTLfVycKLWt5vD7cFZPwkN05edho5bkcK-GNSJTZgLaO9SPnrC-WRF7cDzAL0k5xWY0cO8r1u9GecEvloRnnvmstuohtS_3Raql7IJ8sYwODfYiaNiIbElu1by7s5J6LKNvHXnEOlP_kc6f3holgcz0TEJh9gUq1X5GRtm8xiKJvIWzJ7VvRCE_R9t2eMpCElP9kJvU5Abl8J32d7SVSgQcEQYnla1Yi5H0C_jN4y6rX5TnTnrg5Yu1wt3NMqRr34M9B15zXxpf9HSEy0HwlWhle3Og6sUD2awdvg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25E5 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3389407963531&version=m202307240101&ct=77&x=1&cor=1423757762971330300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B2E 42 B
174 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdMhEDX5JRchMGtVSnIGU0RgxRjX0iVjzoQ1DmhjG4drEIKyD3X_yqrL9yihLZUO_tPUZbgNSE2CMfDFJPkdcLhNNzmO2S50djcd_J7zCPYqw26ksVFgjUOXZDiblIlSH7Smo1uq-CzLf7&sai=AMfl-YR6a-N9iJjXoJwgZwbyGws0GNxuB_IEMDn2Y0sFGev8GrMSv2J1ZN_reyP01VBLSa1Kf1a_ng4HLAhJCFrAuP3BLJI_ViS3ElDct-EeDBbteFQWnbAJuR2oUTF_xsyqZ3XTyAGmaZhvzPcT&sig=Cg0ArKJSzLwTd8eFrH_aEAE&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&id=lidar2&mcvt=1168&p=0,0,94,728&mtos=0,1168,1168,1168,1168&tos=0,1168,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1309157062&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692766533791&rpt=1437&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D88E 42 B
108 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskb3ItVP96eVtrquySVPWE2_H4J7Y-VJmHbusISRYzDwsIItWp-OhbDOoHuMAXqxZY87TfC8ovwqaabv060A0vT7vcKX8gqhmRumS-QjD3Rljc9n3u3SxH8jqzStpUOVfPTpooLs18Cipi&sai=AMfl-YQHc06mZ6iqIZICCQQyZxWIMn8hLwFkqdxXVkemvIiQu3MJ3LirbHSr7fYB8E6qDx8yoTN4cfFKdTkCtzejH6LKhDcS-lkvNs_bbSpEKFlyH9-bAnDudqA5pbDZUuwj6Q_ichM_b-kDxzr9&sig=Cg0ArKJSzMi0SYcZ9JmIEAE&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&id=lidar2&mcvt=1198&p=75,436,169,1164&mtos=0,1198,1198,1198,1198&tos=0,1198,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=299942153&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692766533693&rpt=1541&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C417 42 B
108 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT2Hfi5U74rU1eefPwIjjn1Lb7o3WRhy_JIk4F2VRcdVJE7yqan7I0IH0fWw_OvQlcLCsDRXDEfeHTrvBWTNKFP9TklEtJMSNNJ9vl-528&sig=Cg0ArKJSzHJ4FUy6aBfPEAE&id=lidar2&mcvt=1201&p=0,0,250,300&mtos=1201,1201,1201,1201,1201&tos=1201,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=4167744936&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692766533699&rpt=1547&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C417 42 B
108 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOvPy2b7jDp-xt-tXhiUsarfZia6fisdDWudL-USxpuH0lFjOMzh8n2-onNcPoCr7APwEsaKxgSnQ2tBibkPGSRAA1ljUOX6j2-G0lBcthjhvoKjHSs72Sm_zOcYp_UNuJeox18ISgAt74&sai=AMfl-YSSddJUj9_f0KZ91HsWa6jaCtQk8JgDIdgDxl5fUl1HwewUPrx2DgXcbuNvSewzyytTw6GcDya26SHbpkaCu-L6fcVSI5k2Obb0sGiwuK26KhVMvsTIpxpBqcZ89UkFOQ66tTUbgKL1RBSA&sig=Cg0ArKJSzLOoa84_gcBEEAE&cid=CAQSSwBpAlJW23LWUjj9XcvYueloz1hGweZ-YFvXHZFDctb0gZWlav6PZ03evFi-FSdfg_NMHNh9WyufiKe9eY4-Az4OoP_XsCelyHa90BgB&id=lidar2&mcvt=1202&p=539,278,793,578&mtos=0,1202,1202,1202,1202&tos=0,1202,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2763825005&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692766533699&rpt=1544&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B2E 42 B
108 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZJk9DUJX4RWI-8vRyIpRiXEShEg2dqQOYqdFlrYuUhq_72X7CZroURsx2otQO1LV9OhUtXoGJWuJ_STHcpbIafWxxyyfPiDLlBhi3RyOb&sig=Cg0ArKJSzMGhXwSpYEaDEAE&id=lidar2&mcvt=1205&p=0,0,90,728&mtos=1205,1205,1205,1205,1205&tos=1205,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1982301555&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692766533791&rpt=1440&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D88E 42 B
108 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD7WAWbvPSLdetTwtYaH8sZHAezJAVWfrJGJKT6uAOQWMSgYuByPIOtGd8-xlqVgfmG3FxkpkaShfo_1alvShYQuSWaf6M332om_SblWBa&sig=Cg0ArKJSzBeO2fT6pYWWEAE&id=lidar2&mcvt=1206&p=0,0,90,728&mtos=1206,1206,1206,1206,1206&tos=1206,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3395800993&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692766533693&rpt=1546&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 894A 16 B
209 B 85ms
84ms Fetch
application/json 18.135.31.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-31-191.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 136ms
36ms Preflight 18.135.31.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-31-191.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 23 Aug 2023 04:55:36 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame DBE4 16 B
209 B 87ms
86ms Fetch
application/json 18.135.31.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-31-191.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 115ms
36ms Preflight 18.135.31.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-31-191.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 23 Aug 2023 04:55:36 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 894A 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7041515489025&version=m202307240101&ct=77&x=1&cor=14073908322689425000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBE4 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5102152249768&version=m202307240101&ct=77&x=1&cor=17201342338728999000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D88E 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3232117198495&version=m202307240101&ct=77&x=1&cor=6623599114337652000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B2E 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8032899122576&version=m202307240101&ct=77&x=1&cor=16774362499585264000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C417 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3268155226565&version=m202307240101&ct=77&x=1&cor=4150521061741206500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 04:55:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 0D77 0
234 B 80ms
31ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=40f8aeeb38d248f189bcc4a02686049a&flavor=0&gdpr=&gdpr_consent=&ee_dp_adlst=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_asmm=1&vdur=140&eoid=15&te_exec=0&msrjs=4547&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=8&msltms=73&vltms=140&sei=289&vetms=324&tuviims=290&tuviems=754&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ee_dp_tmads=2587&ismms=211&isumms=210&nvr=6&isgmmims=211&isgmv4mims=211&elmtp=6&isbxdms=2510&b0=100&b11=2432&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2532&sftb=2532&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1263&isuiabvms=1263&isgmpims=346&isgmv4dpims=1263&ispmxpms=1263&engalms=210&engscrlms=346&dvp_pageEng=true&dvp_dpr=1&vstsz=736&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3484&cbust=1692766538736527
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4547.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:38 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 08/22/2023 04:55:38

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 0E5B 0
234 B 78ms
31ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=a230acd8498244c1b0d2655bea944855&flavor=0&gdpr=&gdpr_consent=&ee_dp_seltagmals=1&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_asmm=1&vdur=111&eoid=16&te_exec=0&msrjs=4547&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=49&vltms=111&sei=289&vetms=333&tuviims=215&tuviems=659&engms=1&engisel=1&ee_dp_noalsu=1&dvp_dtcov=4&msrcanlm=384&msrcannum=2&ee_dp_tmads=2552&ismms=12&isumms=11&nvr=6&isgmmims=12&isgmv4mims=12&elmtp=6&isbxdms=2511&b0=100&b11=2627&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2727&sftb=2727&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1195&isuiabvms=1195&isgmpims=289&isgmv4dpims=1195&ispmxpms=1195&engalms=10&dvp_dpr=1&vstsz=735&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3450&cbust=1692766538749195
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4547.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:38 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 08/22/2023 04:55:38

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 7EEE 0
234 B 59ms
31ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=dce8d6544445405991f60365e40edc61&flavor=0&gdpr=&gdpr_consent=&ee_dp_adlst=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_tskt=ctdetms,431,2;iabletms,433,3;iadletms,436,0;iadcetms,436,0;ialeetms,436,0;icifdetms,436,0;al65536,460,0;al128,460,1;al512,461,0;al8,462,0;al256,462,105;tsetms,428,9;mietms,428,2;prvietms,428,5;fvietms,433,1;povietms,433,3;imaetms,430,6;iesuimestms,428,3;imeetms,433,3;srbf,0,1;al65536,1460,0;al512,1462,0;al65536,2461,0;al512,2465,0&ee_dp_asmm=1&vdur=41&eoid=19&te_exec=0&msrjs=4547&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=75&vltms=41&sei=289&vetms=176&tuviims=441&tuviems=658&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ee_dp_tmads=2322&ismms=34&isumms=33&nvr=6&isgmmims=34&isgmv4mims=34&elmtp=6&isbxdms=2233&b0=100&b11=2369&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2469&sftb=2469&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=983&isuiabvms=983&isgmpims=167&isgmv4dpims=983&ispmxpms=983&engalms=33&dvp_dpr=1&vstsz=736&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3221&cbust=1692766538788252
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4547.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 23 Aug 2023 04:55:38 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 08/22/2023 04:55:38

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.a2zapk.io/	1970-01-20 23:48:46	Name: _ga_SS5VJ1BTPE Value: GS1.1.1692766532.1.0.1692766532.0.0.0
.a2zapk.io/	1970-01-20 23:48:46	Name: _ga Value: GA1.1.1645202584.1692766533
.a2zapk.io/	1970-01-20 22:58:22	Name: cf_clearance Value: jBdXqAmiTxa5ZTQeyE1yOvcU1pueSW76Mx1vweYUDlY-1692766532-0-1-d24ce075.cd935cee.854dbf95-0.2.1692766532
.a2zapk.io/	1970-01-20 23:34:22	Name: __gads Value: ID=5f0eb10a4fa813d2:T=1692766533:RT=1692766533:S=ALNI_MZnML1tIHcc5yXYUP4YXmHK2G8h1g
.a2zapk.io/	1970-01-20 23:34:22	Name: __gpi Value: UID=00000c661191a240:T=1692766533:RT=1692766533:S=ALNI_MasVJahyPVzaejMNpPtPZmqQ19nDg
.doubleclick.net/	1970-01-20 23:34:22	Name: IDE Value: AHWqTUk1yCm9zIgISYGxnma-ggZz0CgwQDIuQtoVkn399ErMGcuPhwPshciFR-uj
.casalemedia.com/	1970-01-20 22:58:22	Name: CMID Value: ZOWRRfyP-4e7z6mMUreSggAA
.casalemedia.com/	1970-01-20 16:22:22	Name: CMPRO Value: 3200
.casalemedia.com/	1970-01-20 16:22:22	Name: CMPS Value: 3200
.doubleclick.net/	1970-01-20 18:31:58	Name: APC Value: AfxxVi7uO6e_Qr2SrzzLZD81y3qjjNqs2cMSA6a5ziVSfUKehnpXGQ
.adnxs.com/	1970-01-20 16:22:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaOJRqkj!@wnfH8K6pQK`!5=E<L5?%KPkD?II5rQ2Yf7w.%1Uk$clkqb`>zP!$G!83XbpRzqF1`b^D*)iRg_
.adnxs.com/	1970-01-20 16:22:22	Name: uuid2 Value: 1421414581105917151
.redintelligence.net/	1970-01-20 16:22:22	Name: 8lcfmzhxc8d6_uid Value: c5029d90557affc2
.awin1.com/	1970-01-20 14:22:51	Name: awpv11601 Value: 113440\|1692766534\|4b4ef640-4171-11ee-9f65-22389f6b057d
.retailads.net/	1970-01-20 14:55:58	Name: ppb2172 Value: 3013416770
.awin1.com/	1970-01-20 14:15:39	Name: awpv11830 Value: 296283\|1692766534\|4b5510c0-4171-11ee-9f65-22389f6b057d
.awin1.com/	1970-01-20 14:15:39	Name: awpv22610 Value: 296283\|1692766534\|4b569760-4171-11ee-b98b-2233369fc7ee
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 408799:2874697
pb.media01.eu/	1970-01-20 23:48:46	Name: DTU Value: 6232F77B55F6371551921742794151EC
.futalis.de/	1970-01-20 15:39:10	Name: raSIDb Value: 3013416770
.office-partner.de/	1970-01-20 23:48:46	Name: source Value: {"webgains_webgains":{"timestamp":1692766534879,"clickCookie":false}}

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://srtb.msn.com/auction Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
798c1331111f5e51d1aaf4e4af18bed6.safeframe.googlesyndication.com
a2zapk.com
a2zapk.disqus.com
a2zapk.io
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.doubleverify.com
cdn.retailads.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900030.redintelligence.net
ib.adnxs.com
pagead2.googlesyndication.com
pb.media01.eu
play-lh.googleusercontent.com
pv.medialead.de
region1.google-analytics.com
rtb0.doubleverify.com
s0.2mdn.net
securepubads.g.doubleclick.net
srtb.msn.com
static.cloudflareinsights.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
108.138.36.69
108.138.36.89
130.211.44.5
136.243.149.243
138.201.84.245
142.250.181.230
142.250.184.226
142.250.185.70
145.239.193.130
167.233.14.134
176.9.26.250
18.135.31.191
185.80.39.216
185.89.211.116
199.232.192.134
2001:4860:4802:34::36
204.79.197.203
23.56.205.163
2606:4700:20::681a:69a
2606:4700:3035::ac43:8d79
2606:4700::6810:3865
2606:4700::6811:190e
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:81c::2006
2a00:1450:4001:81c::2016
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a01:4f8:d0a:2321::2
2a02:26f0:3500:d::1732:83c8
2a0b:4d07:101::1
3.9.22.61
88.198.250.30
00067a13f6ac6be3ee460d799be2e268e0973d1f49e6a2737868e3231fb2698a
00663981086a56175dfea4654f60df0887b59ed03940e0d28fc0ecbabcded437
03c3cdc21d2bff5ce75dcf0a2eff01acefe9a72463d18631dbd8e92adfb194a6
03ed6e30bee0904aa1c18913cf4ea46865b9f13c339ef3f0ec6a76feff369c39
05d161ff3a5d195fc70366fa828ac91eec94ed9533a1d65b76af45b8590a4a8a
061dd6591dde25591931dc9470fd0bc3b63f4bf0ed8696af047f5a020c50c542
062aabfef06959d94fb90fd74e7bb50d3a0ad1bb66ab79e07923b6bd62951158
071df16f827a2a45e644e15918a8a74d7e3cade20649e0d26f70ad454b4e9385
0806024da0fd3302ac4202dcddca0250d2bce48f3b60970d9fd2537581450de7
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08b3abba97569aeb8606fadd21140012c00c333aa01afc3e6eaefcb7aa5c8e48
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0adb31c5cc2a29488e90d8682baaa114da5b69c6950e0155139d962bf302bccc
0b6cc6eee0743ef299f09a0ff0bada2ffaa3303697b329656903536e1408ea99
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf3c32d86cf43176048fe7a552e9a791ac1034a99ae61beb862b667bbcc5f9b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e99e6da8349480c5038849faf6e0bc4f7294979f545c23893de5bf1bb2dc4f
16a026e871f95e9662b3e3ed398e5130fa52c26d51a6a39852d79523522e5d57
1a0298cc67f9a173d7d2ca3b2d5b2034f9735443cd82223d011ffa1c3d32098a
1a3724fa75c8ed15194b3e215a00099f4d369515a20afe884025c0c58ec0509d
1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c
1d8a10f707df99a7e5d84aeb947777a8daf1be07007780b0c0bf8d0d88707ae9
1eb51bb87fa36e1a468342af94f27f8e14334200ecea22b8c829f69196697782
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
1fd93de5dab28bfc6583e39bdaac6a7a4b610e0c5c9560984a4ec04f84099f99
1ff05f96f1d966edeb939049d3ae11a36a1cb64e7b8d3e1b9da1bcfaed53fb0c
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
20ffe741f9dddf520a15ffa243f84a00f610a43e7624a1743351857fa49d7589
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
26d82eb8bac2ff251bd0078909904acb9ba6a324da184309c78cda0c040c1af1
26ef1399edc15fddc1cf7e2fedcd2f5be0103c4c23e1c81c72d332407cefe1cb
272f2244814e649578b0ea90e4cc0ba8c97752f5ee3d6dbbb32082a1dce382fc
27686f826ed1dfe39698b13eba4ac46241a32852e3fac100dd519dde58425fd4
27687d9662a2637ee70587b692fb6c7700a9bf6c315948bbfdc82ed3ce99b4b7
2925735552eb35109c7d23a42579810b5f46bad2bc1b602fd0a1aff0d215eda9
2987f8ce761dbdafa880a50e06360cb287d2db365d490eb5ef0ddfdf9d8cab45
29932df8708f3e15ece0c65e81318246162e6fae0fd2cd808b7b37671f151589
2a59838504944aa2f2ecbd5db4bb836b32d162266a65f78a581219c300233198
2ae11b8d7458ea7d87d6889e190ad6b5701aaf6072f54df327f745c997c3a0d0
2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
40973a3e0be1b19f1d4a5c766421814dc51eaa807a8568e95619bebe2903473d
431d91f55b743a511f9dab978373b903d3d375b52aa642404c24f3d671c7221a
435fbdcbb203c97d84bc3c7f5b1c57757535ea1627336a49ebdf54b3a9b0d322
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
43ce40fa9fd479e9c17711fbccf948b53993cf7489d1a46f6586b0bed40660c5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e3b783dd923bf61d3f5915c56613513ae96990111e4eeeb575dee492d63f14
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4d0bf361440a9dbf3920e1dd043533144b7833ce4d21492ca5464ae72d223c64
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a2d331a0987dd772419dacf1706e93e5ea9292d01b7408e9183386fe916ad5
54f9650c7f1bd5f0879f81914b34d063282d177baa73f6bb5701b0c6a888e248
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b2ee5bf0628946267ddcaf4be02035e2f89ec2d050157614a6e99e0375e94d
58170e95799c5ed77330106f5529a910bc7d75910000531babd8b0bb54141d47
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
603433014a938ff3a06f27b6fe6b9a57614f494a1a1f52b67b5050798015b3b4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62946b594e574039f80720c4d8e8480ee8f52d008acacc2538591a81ed9294fe
6314a56f8073aea8790aedca4c3d0e076e08f2b77ead2dbef8bb59083ee47bf6
6e9c36f6151273b9481af7e09495e60cc53f8936f85ab8f77c0f52947b9e3dca
7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
79723e64a32433efc7e228a510b7ab5e0ae83462e6113108e5abb9d194ce4fd2
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d331fb82724f45c59327c435134c753bc5a07be33b7c94b621d5401d2156fab
7d75a9987ca66b1da91df65ae504f43bcfc8e07b67768341d3bec8fb361ffd3f
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
7ff50a60d167f90caf90345162489e4427beb21d5ef393f7703425211f2363d9
80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e
80752a6725c62468e79fec444b115bcbaca5c8d9c84b8328dd297193a89cb23b
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b
8555fd4d9b084d0196daff5bcd75bff3931dec40f27ba33b5ab400ac9d90ceb7
856b7627332054da5d97c14110a9d32817707ce60898c83d97004a7268858d60
8b09e207d85c3bba869faf3b2e6650432a531662d729a7e728d3de89c0b8857f
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e
996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8
9efd106fe78bc2c08ed3b7957442eaa4a368daceede4957a6e4ed43d6abaaf1d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0b46d2d20931175ed8803397f0b95cbcaed0400d51d699bedcb5bbe134bd101
a20902bdbf19c7cde98914798ae6ca1527c3c66be938abeaa306549993802942
a231c8c9b85655bd11127d15c1fe0692cf75405dfb436a2614a581caf175453b
a41620a90c460d71993a408748ecc6be5bd243708f42d7289fbb45a2860dc153
a8abb6be6c28056ebd4a1fb150f0408b20fa0fd5bee4ca71895ad00f35587269
aa300a570cc50f33f0dbe6fa43169017bb99a2518e002f72b5a445ae07f7edc7
ace4e7a387d2178b7cda900c9c7fc8e26a6854b47ebfb90a5abaeeda6405e6f2
ad8c7fe8951e8f3d7edbee43f6e0cf8d14aa5c22e018237d5b4fdd4cd72b7116
aea7f3ed469a3768b3d0006637b8f2988b49cb5179aa52091b9a12c7973cae07
afcb75952f910e74a87f9c7154e98bd1d3321452a2ff7ddf63eb22dd5f652c7b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a
b2c6e114d26c42d9a678f0a81a15c8c876fde4b711e852ce7e9735f90bdef370
b42dac777d7dc748668185598425eb5f854581a03d95a24b40db22550b2ecc16
b9f24416dc04e9b661270520183a4080ef0bc4862be4043278716f6debe2d0ec
bb6bdb1fbd95d2eb28ed8ce22d1a3a34bc041a79ebfdf59c0e97a5653853cdd4
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c23b4c2c0ec34c5a75957c057a43cead40262ca1ec09c223c4b1bcda0452ce99
c23ebeb4f2c802b3ac6c77f8766c4952625db6be8ac1121e1b7bb457ff5724aa
c438c413fbad7c509b936b0866b354ca6efc56e64bac35fa2127ea1339210a4e
c4a8e951c405bb6bf88d15369b1d01b2d57314e3f14502c6c6ce98907f4a7ac5
c784ecc6cb0492bd4f432b733f0b780026ae16b975dd82d7a951a9f3044d79fa
c79fa24df3e0cdc7c22062880d6fa8d675701e61c8d34c7605135c2e6b742fae
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cc679221dc9c96f5e47a62799b7ad53353b51e63f18804ee20d3996f86492cde
ce546da4d1f8073e758d6e93363d2bed279008da91f770a2e2d3500ef162ec20
d21803ddac2c626338f5740a636fe951da54ff17a683b3333dcfeb8addc46edd
d59f875c07b5e09ed72f5188897e17d768c69bf2f8b2843ea8409b443dea0f46
d6f91206b849898e06d932d31735f4d2f5e40c11b86e2297f0bd4780fcf19e3a
d70304b4a6349128b685792bfc421138880af163fd86dc8f729e7965717215e2
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
d7504432997c4e5b297aae8fa062862e8f60d612a9a262393d5632577b271eac
d93ceb466748d197abe4d71f8453babfe0d4140495d99adbd093df90d663ba22
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf
dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6
dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d
dd6d8c66459f7e8833acec381118440961ddd6c8f1aa8ca79a39aab3408bd3d3
de16fd70e645265335ce7453f787726ee7c95d9d379d9759eea0a48d99d28913
dfc29ab4997b1e52b969d28a29a76d1c33818687e64508df6f8016892fd89a35
e2bf7931e8b701ee95f507f3c9b711b18ca5a178e4f4f5b9107e6ae51aaba7f3
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d5c49d0e20c0a9fd570d668c018ebdb679f7c3500e57b7526d065ad046f266
e484a097b3857b79abc41d8ae899a631e1761807fe3943292977e6fe65a87543
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
eb41b019613aa88688529bdb45c6496a238f4496d51e9077e2b69ba01102006a
eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5e20178aa040c0827ae59e5c6f24224da38f0e32974b8395d7f1d1af0ada1b
f0474c04b2f10d35c81760ade3fc890b7793d6733818a0328d52c3065e09b70f
f05d585abc5743c90917912e52b6571bf114ed10993b31e680e2ed6c3f909955
f0d0cfc322eef2504a71973cdccf2a6b0d2ed6cadf8c2ee812b0f57cfc91f49a
f245984ba222954a0a9706a3f8d3dd8902b442addc6ed7a39fdb6b26c30e3f90
f6135796cbdc91d896457d04e673761aaf6e3b54f51b8dc2162c30a523a81b64
f6967d70ec6cf1c74fd10aeea358e5b385255107016cb46cf9ec861bcd995cc0
f6ce40bcad1b0e0b6f34c03a1e517c8c11eed6d891cd5a7a104f0b0792cd129c
f6f2d0107d809b81be6d50728b417f8fe0fb3b81502228e2d6200342130efda8
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
fb3a4c9440211608ff55f933356f04cdb0a629575902dc4fd80db26b25b45eb9
fc1f5610c96200875fb98043688653e3edeb19c69d4037823918a573eca2c9ed
fd9c717d65bdd2c413a308a962206a19211a04412b5ab2cbac25d34ebadf7434
ffe0a5b83049b3395df4e98eeac04e5fce824815bc4ba32faf3c7e6b5690a420
ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a
fff7144fa7e0efc47824ffc51e4c5dbaffaacfd04b89193aaebdb226ca1e3494

a2zapk.io Open in urlscan Pro 2606:4700:20::681a:69a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

329 Requests

91 %HTTPS

51 %IPv6

29 Domains

43 Subdomains

39 IPs

6 Countries

3187 kBTransfer

7892 kBSize

21 Cookies

13 Outgoing links

Page URL History

Redirected requests

329 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

a2zapk.io Open in urlscan Pro
2606:4700:20::681a:69a Public Scan

Screenshot
Live screenshot

Full Image

329
Requests

91 %
HTTPS

51 %
IPv6

29
Domains

43
Subdomains

39
IPs

6
Countries

3187 kB
Transfer

7892 kB
Size

21
Cookies

329 HTTP transactions
5 data transactions