urlscan.io logo urlscan.io
SecurityTrails logo

www.idrlabs.com Open in urlscan Pro
2606:4700:3030::ac43:af3c  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.idrlabs.com/barbie-character/test.php
Submission: On July 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 111 IPs in 12 countries across 80 domains to perform 812 HTTP transactions. The main IP is 2606:4700:3030::ac43:af3c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.idrlabs.com. The Cisco Umbrella rank of the primary domain is 433595.
TLS certificate: Issued by E1 on July 7th 2023. Valid for: 3 months.
This is the only time www.idrlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a01:7e00:1::... 63949 (AKAMAI-LI...)
166 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 32 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.97.121 16509 (AMAZON-02)
36 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
1 143.204.215.51 16509 (AMAZON-02)
7 52.222.253.136 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 13.32.99.35 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH)
1 13.32.99.57 16509 (AMAZON-02)
5 35.186.236.140 15169 (GOOGLE)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 65.9.66.104 16509 (AMAZON-02)
1 2600:9000:225... ()
1 34.96.70.87 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.24.112 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.119 16276 (OVH)
1 54.72.84.52 16509 (AMAZON-02)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
2 35.190.39.111 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 178.250.7.13 44788 (ASN-CRITE...)
55 2a00:1450:400... 15169 (GOOGLE)
9 161.47.17.28 19994 (RACKSPACE)
16 2a00:1450:400... 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.50.58.122 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 23.35.236.201 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 142.251.168.155 15169 (GOOGLE)
2 37.157.6.254 198622 (ADFORM)
6 85.14.248.72 24961 (MYLOC-AS ...)
5 7 34.255.171.199 16509 (AMAZON-02)
27 40 142.250.185.98 15169 (GOOGLE)
2 8 185.80.39.216 27381 (CASALE-MEDIA)
3 4 185.89.210.90 29990 (ASN-APPNEX)
1 3 2620:116:800d... 16509 (AMAZON-02)
18 18.66.147.69 16509 (AMAZON-02)
1 37.157.5.73 198622 (ADFORM)
1 2600:9000:223... 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
22 46.228.174.115 56396 (AMOBEE)
12 216.52.2.48 32475 (SINGLEHOP...)
11 104.18.24.185 13335 (CLOUDFLAR...)
11 69.166.1.15 27630 (AS-XFERNET)
12 145.40.97.67 54825 (PACKET)
11 2602:803:c003... 26667 (RUBICONPR...)
11 185.64.189.112 62713 (AS-PUBMATIC)
12 54.220.149.212 16509 (AMAZON-02)
2 2606:2800:133... 15133 (EDGECAST)
2 130.211.44.5 15169 (GOOGLE)
8 2600:1f13:800... 16509 (AMAZON-02)
10 142.250.186.130 15169 (GOOGLE)
66 2a00:1450:400... 15169 (GOOGLE)
2 3 99.81.218.213 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
24 142.250.181.226 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
3 7 18.195.47.22 16509 (AMAZON-02)
3 3 213.155.156.169 1299 (TWELVE99 ...)
2 2 54.194.37.177 16509 (AMAZON-02)
1 185.86.138.153 201081 (SMARTADSE...)
1 2 51.38.120.206 16276 (OVH)
7 2602:803:c003... 26667 (RUBICONPR...)
1 23.32.185.192 16625 (AKAMAI-AS)
1 37.157.6.237 198622 (ADFORM)
3 10 69.173.144.165 26667 (RUBICONPR...)
7 7 69.173.144.139 26667 (RUBICONPR...)
7 198.47.127.205 62713 (AS-PUBMATIC)
1 4 198.47.127.19 3257 (GTT-BACKB...)
8 23.35.237.56 16625 (AKAMAI-AS)
6 10 185.94.180.125 35220 (SPOTX-AMS)
16 95.101.149.233 16625 (AKAMAI-AS)
2 104.18.10.47 13335 (CLOUDFLAR...)
2 3 208.93.169.131 46244 (WEBMD-IDC...)
2 2 193.0.160.131 54312 (ROCKETFUEL)
2 69.166.1.10 27630 (AS-XFERNET)
5 35.71.131.137 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
2 4 52.46.155.104 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.94.223.167 16509 (AMAZON-02)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 5 37.157.3.30 198622 (ADFORM)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 178.250.1.9 44788 (ASN-CRITE...)
6 185.64.191.210 62713 (AS-PUBMATIC)
1 54.194.165.126 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.172.28.235 14618 (AMAZON-AES)
1 34.91.62.186 396982 (GOOGLE-CL...)
2 198.47.127.20 3257 (GTT-BACKB...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 54.211.218.86 14618 (AMAZON-AES)
5 6 52.49.144.166 16509 (AMAZON-02)
1 1 185.86.139.93 201081 (SMARTADSE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.171.212 16276 (OVH)
3 3.75.62.37 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2 99.80.170.99 ()
1 2 34.111.113.62 ()
1 1 44.195.117.16 ()
1 192.132.33.46 ()
812 111
15    2606:4700:3030::ac43:af3c (United States)

ASN13335 (CLOUDFLARENET, US)
www.idrlabs.com
cdn.idrlabs.com
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a01:7e00:1::b903:5c4c (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
monu.delivery
166    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
32    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2606:4700::6812:4a5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    18.66.97.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-121.fra56.r.cloudfront.net
launchpad-wrapper.privacymanager.io
36    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    143.204.215.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-51.fra53.r.cloudfront.net
launchpad.privacymanager.io
7    52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net
geo.privacymanager.io
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    13.32.99.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-57.fra60.r.cloudfront.net
ats-wrapper.privacymanager.io
5    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:9a00:a:e047:753:be1 (United States)

ASN- ()
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.24.112 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
9    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    54.72.84.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-84-52.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
55    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)
saambaa.com
api.saambaa.com
16    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
7    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    13.50.58.122 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-50-58-122.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
17    2a00:1450:4007:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    142.251.168.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f155.1e100.net
bid.g.doubleclick.net
2    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
6    85.14.248.72 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
7    34.255.171.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-171-199.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
40    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
4    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
18    18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net
tagan.adlightning.com
1    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    2600:9000:223c:c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:400e:8::8 (Ireland)

ASN15169 (GOOGLE, US)
r3---sn-5hneknee.c.2mdn.net
2    2a02:26f0:3500:d::1732:83d6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
22    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
12    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
11    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
11    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
12    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
11    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
11    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
12    54.220.149.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
saambaa-static.azureedge.net
2    130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
8    2600:1f13:800:7780:2e74:fc05:44c0:c11d (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
10    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ade.googlesyndication.com
66    2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    99.81.218.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-218-213.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
3    2600:9000:223f:3400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
24    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2600:9000:21f3:b800:19:8ca6:3640:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pathtosuccess.global
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
7    18.195.47.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-47-22.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    213.155.156.169 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    54.194.37.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-37-177.eu-west-1.compute.amazonaws.com
match.360yield.com
1    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
7    2602:803:c003:200::47 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
10    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
7    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
4    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
8    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
10    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
16    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    2a05:d018:d29:3601:da00:7cb3:2a5d:49ee (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
5    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
6    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    54.194.165.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-165-126.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.172.28.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-28-235.compute-1.amazonaws.com
a.audrte.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    54.211.218.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-218-86.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    52.49.144.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-144-166.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    99.80.170.99 (None, )

ASN- ()
dpm.demdex.net
2    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
1    44.195.117.16 (None, )

ASN- ()
sync.ipredictive.com
1    192.132.33.46 (None, )

ASN- ()
bttrack.com
Apex Domain
Subdomains		 Transfer
240 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 153
ade.googlesyndication.com — Cisco Umbrella Rank: 319
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
1 MB
133 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204
bid.g.doubleclick.net — Cisco Umbrella Rank: 788
cm.g.doubleclick.net — Cisco Umbrella Rank: 232
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 349
940 KB
69 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1212
r3---sn-5hneknee.c.2mdn.net — Cisco Umbrella Rank: 575085
s0.2mdn.net — Cisco Umbrella Rank: 312
3 MB
51 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 603
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9278
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
token.rubiconproject.com — Cisco Umbrella Rank: 651
eus.rubiconproject.com — Cisco Umbrella Rank: 638
153 KB
33 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 587
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 614
image2.pubmatic.com — Cisco Umbrella Rank: 991
image6.pubmatic.com — Cisco Umbrella Rank: 797
simage2.pubmatic.com — Cisco Umbrella Rank: 772
simage4.pubmatic.com — Cisco Umbrella Rank: 1324
109 KB
23 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
176 KB
22 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 848
2 KB
21 adsafeprotected.com
unified.adsafeprotected.com — Cisco Umbrella Rank: 1696
dt.adsafeprotected.com — Cisco Umbrella Rank: 609
pixel.adsafeprotected.com — Cisco Umbrella Rank: 771
static.adsafeprotected.com — Cisco Umbrella Rank: 640
fw.adsafeprotected.com
113 KB
19 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 645
htlb.casalemedia.com — Cisco Umbrella Rank: 692
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 469
dsum.casalemedia.com — Cisco Umbrella Rank: 1602
12 KB
18 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2358
496 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 450
s.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1126
73 KB
16 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 208
869 KB
15 idrlabs.com
www.idrlabs.com — Cisco Umbrella Rank: 433595
cdn.idrlabs.com — Cisco Umbrella Rank: 563814
216 KB
13 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2502
sync.go.sonobi.com — Cisco Umbrella Rank: 1159
15 KB
12 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 702
2 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 999
400 B
12 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 766
5 KB
10 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 783
6 KB
9 adform.net
track.adform.net — Cisco Umbrella Rank: 4043
s1.adform.net — Cisco Umbrella Rank: 9552
cm.adform.net — Cisco Umbrella Rank: 1285
c1.adform.net — Cisco Umbrella Rank: 636
dmp.adform.net — Cisco Umbrella Rank: 3413
24 KB
9 saambaa.com
saambaa.com — Cisco Umbrella Rank: 18032
api.saambaa.com — Cisco Umbrella Rank: 19950
166 KB
9 monu.delivery
monu.delivery — Cisco Umbrella Rank: 27905
imps.monu.delivery — Cisco Umbrella Rank: 33447
187 KB
8 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1368
1 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 344
2 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 3
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 629
3 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 457
ups.analytics.yahoo.com — Cisco Umbrella Rank: 316
2 KB
6 exactag.com
m.exactag.com — Cisco Umbrella Rank: 9770
2 KB
6 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3583
launchpad.privacymanager.io — Cisco Umbrella Rank: 3214
geo.privacymanager.io — Cisco Umbrella Rank: 1984
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2812
65 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 76
imasdk.googleapis.com — Cisco Umbrella Rank: 498
136 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
1 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 421
mug.criteo.com — Cisco Umbrella Rank: 2491
dis.criteo.com — Cisco Umbrella Rank: 623
8 KB
5 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1851
www.google-analytics.com — Cisco Umbrella Rank: 59
21 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2820
3 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 477
rtb0.doubleverify.com — Cisco Umbrella Rank: 756
rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 15387
21 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
3 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1560
google-bidout-d.openx.net — Cisco Umbrella Rank: 1558
us-u.openx.net — Cisco Umbrella Rank: 473
889 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 26576
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22204
903 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 589
2 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4506
871 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1307
pixel.quantserve.com — Cisco Umbrella Rank: 997
cms.quantserve.com — Cisco Umbrella Rank: 807
10 KB
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1503
733 B
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1697
creativecdn.com — Cisco Umbrella Rank: 497
2 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1070
bcp.crwdcntrl.net — Cisco Umbrella Rank: 900
sync.crwdcntrl.net — Cisco Umbrella Rank: 932
12 KB
2 tapad.com
pixel.tapad.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5731
752 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1281
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 791
2 KB
2 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3888
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4223
286 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 866
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 722
cdn.indexww.com — Cisco Umbrella Rank: 1703
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 806
490 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 857
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 709
775 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2271
810 B
2 azureedge.net
saambaa-static.azureedge.net — Cisco Umbrella Rank: 21309
90 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1666
335 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 361
5 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 907
id5-sync.com — Cisco Umbrella Rank: 420
25 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1521
148 KB
1 bttrack.com
bttrack.com
163 B
1 ipredictive.com
sync.ipredictive.com
493 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 912
518 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3360
419 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3187
440 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
524 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 868
611 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10130
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 369
650 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4185
400 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8658
555 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 42245
611 B
1 pathtosuccess.global
cdn.pathtosuccess.global — Cisco Umbrella Rank: 8635
104 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1238
634 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1417
9 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1658
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1699
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1172
402 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
83 KB
0 opera.com Failed
t.adx.opera.com Failed
812 80
Domain Requested by
166 pagead2.googlesyndication.com www.idrlabs.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.googletagservices.com
tagan.adlightning.com
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
s0.2mdn.net
66 s0.2mdn.net tagan.adlightning.com
s0.2mdn.net
www.idrlabs.com
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
55 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
www.idrlabs.com
tagan.adlightning.com
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
s0.2mdn.net
40 cm.g.doubleclick.net 27 redirects googleads.g.doubleclick.net
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
www.idrlabs.com
36 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
www.idrlabs.com
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
www.googletagservices.com
tagan.adlightning.com
32 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
www.idrlabs.com
tagan.adlightning.com
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
24 googleads4.g.doubleclick.net tagan.adlightning.com
www.idrlabs.com
22 targeting.unrulymedia.com saambaa.com
18 tagan.adlightning.com saambaa.com
tagan.adlightning.com
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
17 csi.gstatic.com imasdk.googleapis.com
16 eus.rubiconproject.com www.idrlabs.com
eus.rubiconproject.com
saambaa.com
16 www.googletagservices.com www.idrlabs.com
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
saambaa.com
tagan.adlightning.com
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
12 ads.yieldmo.com saambaa.com
12 prebid.a-mo.net saambaa.com
12 ap.lijit.com saambaa.com
11 hbopenbid.pubmatic.com saambaa.com
11 fastlane.rubiconproject.com saambaa.com
11 apex.go.sonobi.com saambaa.com
11 htlb.casalemedia.com saambaa.com
11 cdn.idrlabs.com www.idrlabs.com
cdn.idrlabs.com
10 sync.search.spotxchange.com 6 redirects googleads.g.doubleclick.net
10 pixel.rubiconproject.com 3 redirects googleads.g.doubleclick.net
www.idrlabs.com
10 ade.googlesyndication.com
8 sync.teads.tv googleads.g.doubleclick.net
8 dt.adsafeprotected.com
7 image2.pubmatic.com googleads.g.doubleclick.net
ads.pubmatic.com
7 token.rubiconproject.com 7 redirects
7 beacon-ams3.rubiconproject.com tagan.adlightning.com
7 x.bidswitch.net 3 redirects 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
7 unified.adsafeprotected.com 5 redirects imasdk.googleapis.com
7 www.google.com tpc.googlesyndication.com
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
tagan.adlightning.com
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
7 saambaa.com www.idrlabs.com
saambaa.com
7 aax.amazon-adsystem.com c.amazon-adsystem.com
6 match.prod.bidr.io 5 redirects www.idrlabs.com
6 simage2.pubmatic.com ads.pubmatic.com
6 m.exactag.com 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
www.idrlabs.com
5 match.adsrvr.org www.idrlabs.com
ssum-sec.casalemedia.com
ads.pubmatic.com
5 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
5 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
5 imps.monu.delivery www.idrlabs.com
monu.delivery
5 fonts.gstatic.com fonts.googleapis.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 image6.pubmatic.com 1 redirects googleads.g.doubleclick.net
ads.pubmatic.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 www.google-analytics.com saambaa.com
www.idrlabs.com
cdn.jsdelivr.net
4 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
4 monu.delivery www.idrlabs.com
monu.delivery
4 fonts.googleapis.com www.idrlabs.com
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
saambaa.com
4 www.idrlabs.com www.idrlabs.com
3 ups.analytics.yahoo.com googleads.g.doubleclick.net
www.idrlabs.com
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 bh.contextweb.com 2 redirects
3 d5p.de17a.com 3 redirects
3 static.adsafeprotected.com www.idrlabs.com
tagan.adlightning.com
3 ads.pubmatic.com saambaa.com
ads.pubmatic.com
3 protected-by.clarium.io 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
3 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
3 c.amazon-adsystem.com monu.delivery
c.amazon-adsystem.com
2 pixel.tapad.com 1 redirects
2 fw.adsafeprotected.com 1 redirects tagan.adlightning.com
2 dpm.demdex.net 1 redirects googleads.g.doubleclick.net
2 pool.admedo.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 sync.srv.stackadapt.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 dis.criteo.com 2 redirects
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 creativecdn.com 2 redirects
2 sync.go.sonobi.com
2 p.rfihub.com 2 redirects
2 onetag-sys.com 1 redirects
2 match.360yield.com 2 redirects
2 saambaa-static.azureedge.net
2 cdn.doubleverify.com www.idrlabs.com
2 r3---sn-5hneknee.c.2mdn.net
2 track.adform.net 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
www.idrlabs.com
2 api.saambaa.com saambaa.com
2 imasdk.googleapis.com 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
2 oajs.openx.net 1 redirects
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 gum.criteo.com 1 redirects static.criteo.net
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
saambaa.com
2 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
1 bttrack.com www.idrlabs.com
1 sync.ipredictive.com 1 redirects
1 ad.turn.com 1 redirects
1 pubmatic-match.dotomi.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 px.ads.linkedin.com www.idrlabs.com
1 js-sec.indexww.com saambaa.com
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 ssbsync.smartadserver.com 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cdn.pathtosuccess.global 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
1 rtbc-ew1.doubleverify.com cdn.doubleverify.com
1 us-u.openx.net
1 pixel.adsafeprotected.com 1 redirects
1 rtb0.doubleverify.com www.idrlabs.com
1 pixel.quantserve.com www.idrlabs.com
1 gcdn.2mdn.net 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 s1.adform.net www.idrlabs.com
1 secure.quantserve.com www.idrlabs.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.gstatic.com 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 ats-wrapper.privacymanager.io launchpad.privacymanager.io
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com www.idrlabs.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 launchpad-wrapper.privacymanager.io monu.delivery
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.idrlabs.com
0 t.adx.opera.com Failed ads.pubmatic.com
812 141

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
Subject Issuer Validity Valid
idrlabs.com
E1		 2023-07-07 -
2023-10-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2023-02-23 -
2024-03-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
imps.monu.delivery
GTS CA 1D4		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-07-14 -
2023-10-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.saambaa.com
Go Daddy Secure Certificate Authority - G2		 2023-04-03 -
2024-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-19 -
2023-09-15		 a year crt.sh
wrapper-vast.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-15		 9 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
quantserve.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.a-mo.net
R3		 2023-06-12 -
2023-09-10		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-07-18 -
2023-09-26		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
cdn.pathtosuccess.global
Amazon RSA 2048 M02		 2023-04-20 -
2024-05-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-18 -
2024-01-10		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh

This page contains 90 frames:

Primary Page: https://www.idrlabs.com/barbie-character/test.php
Frame ID: 7EF3F6F1DAB9ED0F07C7CE718624B98E
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230725/r20190131/zrt_lookup.html
Frame ID: FE26DE42F5511E3B9C9FDBD4528DF109
Requests: 1 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: FB826AE5D9C2D243F9805BCC1FCA4E42
Requests: 1 HTTP requests in this frame

Frame: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F43A959F53DBD398B2CE13C907F4B55
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.idrlabs.com
Frame ID: FC833CE49D268BAA95FA01D0CD15659A
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcngyk_OskaCYxWe2L3Evl5VK3obI1lyhCwoCTunDH-b-i_t0dN5kZOV7pI8QWBNGE0DKZSVvJaTMY5yUWRYTfUWhsH7HArT8mciBDoFTL9owclOWLpTymnT2O52CaR563AdFNp5G-60FEecDei-iEz8v-ogMeMhgoPVvHYY3GbmuZ9kJ5L-Azfbxdu2PO8poiQRjppXhl0N7tQK8l0dfV8-P6s5IKuVnN_JrJupEJzeiZIcs2030dFQEQk8f4SNkdwFARyxlOSiA9CdVImVe6NibgpAQhiXvWS6p2ogM3IuAZapAwTVCgqKb9yjxgeneXJPzKBQuFy49Au4aUQU3iJFrRfbnUyt5SMhveyA&sai=AMfl-YTrirH0OngBQl1wi_ThuD9pNu_T7iAAjdUEUF6qSpkwN4jpE9YSLMrSqor9vChgNMQ9Ntu4xdT7HMQYrqJjdRbrJbANfOMkee_YM5lXONqIdu55VJlmvDH4LNX-AZqYJnBAXs0EEeA-DppOOsxB&sig=Cg0ArKJSzDYGlDcWIH8cEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 440510EEDA923485F35BFCFF0BB1B7C0
Requests: 139 HTTP requests in this frame

Frame: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8CA4F2EB8D836D158877DF09DC138A9F
Requests: 16 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 64B869DC9FD1DB3DA3D897FC92FA5F1D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5842547E1CF02A0A6F7F7F1EE7B58520
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 405CCCCB56FC0DDA89576A43167075B8
Requests: 2 HTTP requests in this frame

Frame: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BE4779B21F533A3DB062DBB19B241C8A
Requests: 58 HTTP requests in this frame

Frame: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F025343ACCDDFF6B4588D6986545D65
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 83E59378943A59A07FAEC7745E31F410
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY17jR8QEwAQ&v=APEucNWogAwtVfahw5dHnvj89P085HxUmAtsNHl_SvwzWgYEX4YlsaLYnxeKAFxbV4T_3ZuvjV6KvAjR4cpk7pB2fyHK-8YqAnkLAPLUC63cZfno4TDPBxntPf2rT7pSQlNH6tHzBrb3qvPlyNJeUQyNo_E3k0Zc5pq8eOBfqm5e2aQHS746KoU
Frame ID: 1E6AC0F1CBEC6BD3AE3D5F27A33B32B0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B30E8A47FB4EDA095414905FEBD61606
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 92989C13F91F55816896E4C7DADFC6E8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6518D2B227B058D350CBE1E37C72057D
Requests: 9 HTTP requests in this frame

Frame: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5D9580731530D911926AB106C619BB52
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 88DC0C3EA8607D8A10795E6706AE3ADE
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12D3E9593568768C782C7CD0CB8CCB4D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A551EEEA567E7724EB432867D270D59C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUFu_mLTgAQKCSbHEQW_jV8cOQvzrlH6pGpdEVqL7TBP4OxbTwGnmPRZkHAjV7MTZB2WJhofKiD7BGSUYwQjlPIL88b19Rr03t2nRDnioj29k99l_fzaEAZJXcD4gOUhrPOBC0c7lvA1Odn_EMY1mFDlw_z8_apmTeSawEaj4gBdGB6Sag
Frame ID: 0646586067CBD1BBB1EAA4723A07113D
Requests: 3 HTTP requests in this frame

Frame: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3C69696984DB021255C8C08DBCC2BA29
Requests: 22 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: F4A08DFF245AE71D6B9499C3BCA3E146
Requests: 23 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: C412858CA3EC5CD5D27F5E0C9DF89070
Requests: 23 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 3D95CC8A4AC95F9C1C081E673CCC8414
Requests: 23 HTTP requests in this frame

Frame: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5B6778801363307E45F0BB17D86117C2
Requests: 22 HTTP requests in this frame

Frame: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E5BC998EDB23C968EC11800615797910
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUTaAPrkfGCS1wgCA6_81CUgFAUPg9zJLIIYkfjNxnmZvzFNfmdlvWXnbvGTPv9opGPGeOvpUo4RdfUB1cbCMRavg2WR7hlCZbj-vE4SPSvyLAJks_2X_tK4IgxBfsuAUsTmTxTMJFNZk0HJxvbKRwyb71isaGtO__QUkcjhwfUOwmSiUQ
Frame ID: 71B354D293A04BC92717C078B76F493B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNWEVMXZEKHFtM_Bw3lSPrIenL475uXqhIDz95UP-oHGpwRcNwtffx5siqulsDWqQPuiT3TZv082BqbbkqWr3mlQ_Hl5hDfO-AWXzquKgWhMjGYNo2wPhduoih0D1f1o6UI8sZ9kr7h3vDwIrlz9q2GFt2Hg8l388h_6S670S2gMkXMLHxs
Frame ID: DBE5EC033A57E0E4F2BD6531760ED93F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNX6---DExYna6CQNiSBbHnP9ka7Yltik-qE8u9_gSIfOTlo-nm9ba2DGcSCOhSCmW3wjwoCSxK8aOaVLjh2P7vZAzcN4qxDXUlI10lGl3JxNn1DKojZaLKT1VP2EBkZCHpiO0lPzSv387m8bzsUbvI7uZTscmKOsnmbTlvpbMR-pgoGs4Q
Frame ID: 1470075344FA139715D29C9547C76881
Requests: 5 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 6F505248B1056C2470751F1B83C67C64
Requests: 21 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: DE8E3DBF3DBC8CA4BE2852049352E596
Requests: 23 HTTP requests in this frame

Frame: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 47624F789AA606FECC2DCD2D3E7263FD
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 36715845853624CD207E276A57247A8E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNWU-P2O9ApK5UZUQIQhihROxeHJY-znuLaB59GBNWkXTYs9JDWDS_sZOeexhrMFJWbGwYl-HHG1bQDzukEX8podr0T-wsE2ZzCTiANGM9gho3ryeJGZ99FQufae1TsyiiGbyx9KwFff0Yz0xPOf6SeCQSjgx_ZjY14qMQIFxlQnjtpA5cc
Frame ID: 076BAE535ACEFF8A2BCC374C60D32A83
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNXNKrXCvWpwh24gJJwyk6gJeSc2wk2FSEIsOw5NDqiSe1baPrJSniGSNNSw8soWdCxQiNjsEH47jcQQcDpWJ67FbafkFZZaDKCaeF0JWlAH6hRiNIcEnSfyPumznkUqzLR200eshpwOfdoPVyFj7NZh33NEU3jIh1huj77zdN-kzWZHBZ8
Frame ID: 525979A229D2CEC1D7176B3D9C458DB6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARihwJ3cATAB&v=APEucNWNc617oqpybTE4DRJggr7fytASd_JdQxJj1EuTdBBuVgPCH1y6DG8gTGRlloY9OJiXkTH793zg-sA_4SllSOnxIaPl5Q
Frame ID: ACEC1697A845A93905574F37F3C9676A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARihwJ3cATAB&v=APEucNVWgYO9mv8LWmKsgELamkmQM7-ft_RAjADmi5FB5WuUWa1r3WSMlkHpyYjcu_gF3Qn6qZD1Y0-ZuRJRVQCtKJLXLcRmsQ
Frame ID: 728ADE146BFD6B1BCB0E2732B9415240
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARihwJ3cATAB&v=APEucNWPkkG2JMVIZFH1fNHNrQJtQYO3kXsZeITANAKkyIg3JKCO99B085l1pk2DYeoYJOXO8iwbt-mXgNZ7xnrq9wrRdYMSKw
Frame ID: 834520FFF46336ED0381943E11D77437
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: FD45071348D45A81E8D2759A862639A9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: A2A73109EADC469EA4BE4FCE623DEC73
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
Frame ID: 3D298F59C2452263A8665DFE034FA54C
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 635FE61ED0F91257BB3B6FFE84B1415C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 23FBBC0BC8D9037322653FD530ABC4D0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 34F30E6275E9BCFCDA16119393E0D660
Requests: 22 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 30462A625523F935F5092DA3F64D6E81
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 67B74A808837389B1D2AB1C68E4139BD
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 241B6A88ED0F9954C8B0ACD9CE7E57F3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A4384972D88753B0C45BB6E27773C0CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8A34CE10B1D1D06D61740C14976E7C0E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARihwJ3cATAB&v=APEucNVwIOvMzap-NJF5qAI_ERdIskvS3Xbm_0vAtFRrIZ68GjoLrjT_eFpXQbf4jYayw188tVHBdpr2UJ_mMkNZLucWw7r7TA
Frame ID: 3E3985D624B46079B13A439D8780BA84
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 625A8CA4B01951E86C07084938B57148
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
Frame ID: 4C6680EEF220100AB1EB05507E6810BE
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
Frame ID: 1410B0F3041B47D616C78BB396EFCABE
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 04007C9E29A6A187D4B59161E3B772FA
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
Frame ID: 87927E56EF207FFC9233D11B42CDE2AE
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DB2BC6562DCA105C49C091A991574A69
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4D620F61526F4D6CB5B6F08C41788C2A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C2DD2518DCB86466CB5563026C159EBB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 983FB7EDA050312ABF76C40311B0FCEE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
Frame ID: 6A07DA9DDC770217E50835E43E174066
Requests: 12 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4779171506127490503
Frame ID: F258EB172AB050B8E7F501BB6D7BCC72
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 48BCAEFA01FA65B0B4B76A106AF356F4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829054605955
Frame ID: 50018483BA73BE5103B7CEFB2A6D9125
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D47DA65B-5255-4629-8516-71A0FB352C91&redir=true&gdpr=0&gdpr_consent=
Frame ID: AF63ABE337DC4D932FE582465E9DF816
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4FI65eJeabP7Xzqx71B057VfYe77VTjktwJ3HMuG
Frame ID: 49BF2206C202BB1625AEA168CCBD26A4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D2BA43FD54B7DDB8FFC440CCAA04CCA4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 408FB1C5E9382693DAC08993AFD85ADA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 16FAB522AD3BDFCC87F06B99B3662BB8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 648DA3E9A513D9DF10AB6507E6CB6B3C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B978B879843222417FCA143B74E3740F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 81967E9A7DE8CA37E793A95976F7564C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 0CA8F833F21DBB76F79E301F5FB9CB4C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 02FAAC697B1B9E44395E5D406AE8586A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: F6EC5AC10B2EF3AC825861957F285C4C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 6CA6735395C29D0A9BEFC63CBFA96C4B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: BA52D5936ACCFD7BF15C728DC4B63588
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=D47DA65B-5255-4629-8516-71A0FB352C91&gdpr=0&gdpr_consent=
Frame ID: 220E7326498C3055FCD4EF5CD4CFE932
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5298221637248241030&gdpr=0&gdpr_consent=
Frame ID: 60DA105853563D4DFC1D167F6568FEE5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7260444804319934604&gdpr=0&gdpr_consent=
Frame ID: 38C6E539B2A0C52C2006B798A6184BB0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ahGjWPxAUa1kWs2TPT1hcbKi0YM&gdpr=0&gdpr_consent=
Frame ID: E3CC88CC4377FEDF2844134FDE7ED2FA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJUDE7JhJAAACjlSo442g&gdpr=0&gdpr_consent=
Frame ID: B23003E91E6E6B3E42D8C59E5EFBB374
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 7EF973C131F9891C637009F352D183B4
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 437F316D90CD9DE4220518B6BA78211A
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIrL8O8BMAE&v=APEucNXDnp54VeglWCN53S75wWzAtO6lP3xXVD20kit5l4VSzJcksGl-bazOEYBLDw7enX8YzsE_pXjvoUThUsvu7WhIGJ1ZNpY95q5i8XhVuEv_CYPHvo0u_27F6QkXJbVN5VrIYgSNBWjJr7edAtlEGZsH3yxNd4kKH8xXK80gNMu5bF6NUFY
Frame ID: 25E08E0F2BED17D18416D2286A873AC7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 1BFAFBBFE49B8A46BB78E4C94CBA9163
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F41DD8E7F38FC5DEFBCBB603458C28E3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=HF8xVkKqbw&t=1&renderingType=2&ev=01_250
Frame ID: ED5C42135959F111955C3E943D90B767
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 83D2DDF3B00F9A7633652594B97E1AB6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Barbie Character Test

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

812
Requests

91 %
HTTPS

32 %
IPv6

80
Domains

141
Subdomains

111
IPs

12
Countries

9115 kB
Transfer

20537 kB
Size

101
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&rid=esp&cc=1
Request Chain 65
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=idrlabs.com&sn=ChromeSyncframe&so=0&topUrl=www.idrlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=co5-fHxCV25GcHFOdGY0OURCUnlqMTJMQ1M4QlY2VjA3dnVIMlBhVU5mQ0dnVmpWUFVwOUxuT1hqSUthYlNXcThpeStFZWJJbFVZeEViaW9lWVhSRm4zQXJkajFyOGFMUFlhc0p0TktlODNXR1VqanZyTzM5YTcrUmh3blViVTlZWk8vRE4rays1TTRaV1ljaGVVUnB6QytsQ252c3FMTXBCN2ZqY0hnWjJGaHJKYTJGS1lJVC9wYVhjMGlxTXVqRmxWOStHUU9JZVdndjI5b1BZYUtwVEhVVUhZeFJHSXdWclpVdjZlNVRsWkV2QTlkbnRPTktoOHR6UU1ETjBNaGRpTllaVkRmYWh0U3pVdVRIZCtKSnljQS9zZz09fA&cppv=2
Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWLa67QqJ8Ua10T7t8-DX4&google_cver=1
Request Chain 139
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMJIDVI2FTazn26vlFh6dwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWLa67QqJ8Ua10T7t8-DX4&google_cver=1
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENGV_cjSsTnGbTVyV_w27-Q&google_cver=1
Request Chain 141
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI5ODIyMTYzNzI0ODI0MTAzMA%3D%3D
Request Chain 162
  • https://gcdn.2mdn.net/videoplayback/id/972a231ccdf3827b/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912948/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/5115F74064F20B9E8EC8EF9DF96ECFE1926FA1F2.9393566F6EA5A88300504DD8BCAA0E2429D8A00B/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-5hneknee.c.2mdn.net/videoplayback/id/972a231ccdf3827b/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912948/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/02BF1FE2D51969D55B34D0129F0BF4F751796946.4ED2A09F6ED2FB2FC22BA1E9D6B1FD67AAE1B11D/key/cms1/cms_redirect/yes/mh/90/mip/2a00:c98:2050:a007:2::6/mm/42/mn/sn-5hneknee/ms/onc/mt/1690453750/mv/m/mvi/3/pl/58/file/file.mp4
Request Chain 216
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vNmZmNjFmYmRjNjE3MWVkMGY4ODM0YTM3ZTFlZWM4ZGEuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQzNDE3MiIsImN1c3RvbTgiOiI3MDc3NDQ4OSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjAyZDk0NTkzLTRiMWMtNDVmNC1iNjFhLWE3ZmNkOTYxZDMxZSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDIyNDczMjMwOSIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2OTA0NTQwMjkzNjM4NjA4NzkiLCJhZER1cmF0aW9uIjoyMTE1MDk4MTEyLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1434172&pubEntityId=70774489 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 221
  • https://pixel.adsafeprotected.com/rfw/st/1434172/70774493/skeleton.gif?xmtp=v&xmapp=0&xsId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&bidurl=https://www.idrlabs.com/barbie-character/test.php&ias_campId=1013136622&ias_pubId=pub-3944954862316283&ias_placementId=20224732309&ias_chanId=1&ias_dealId=549644393847793680&ias_impId=v4~~ABAjH0jU9Q1_9LVt2T2_xbu5DhY2&ias_dspId=3&ias_creativeId=190119535&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiK9daSfy9laDwwWoXysbARpZ2PMc4l-Y45eJ6DIinI8aTX2EF6bHY584VDp_ztUVtuBOpk0G7sVbweQDhcLw9S8lT3oovQjF23oZxWlgBiMUGyxAe9uGh90dxYz0IiSxgrLQEia7XCVN7M_UDUgvvvz6E57_ZzRuKmNmlprsz4eyaHmE9Xy0yT_63B9Ri8iGwHuW7g9HBn6ED0izHKGAI&sai=AMfl-YQptRs6ZBBwJrJyEMC3JZZPfGljtmRMJT3nyRHudNM5ZRBvT4gykZBZNmIgW-ZQYmUMFcxSVNXf3L1J9VBB2Q6_wCASewfc_fG-dPzb55cmKDyT55aQfzdXqB__8nAiXTwgXAQHft8dX8TUrB5v2rI7pg&sig=Cg0ArKJSzCqZAepnxOPkEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=70774493&redirectedRetries=0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiK9daSfy9laDwwWoXysbARpZ2PMc4l-Y45eJ6DIinI8aTX2EF6bHY584VDp_ztUVtuBOpk0G7sVbweQDhcLw9S8lT3oovQjF23oZxWlgBiMUGyxAe9uGh90dxYz0IiSxgrLQEia7XCVN7M_UDUgvvvz6E57_ZzRuKmNmlprsz4eyaHmE9Xy0yT_63B9Ri8iGwHuW7g9HBn6ED0izHKGAI&sai=AMfl-YQptRs6ZBBwJrJyEMC3JZZPfGljtmRMJT3nyRHudNM5ZRBvT4gykZBZNmIgW-ZQYmUMFcxSVNXf3L1J9VBB2Q6_wCASewfc_fG-dPzb55cmKDyT55aQfzdXqB__8nAiXTwgXAQHft8dX8TUrB5v2rI7pg&sig=Cg0ArKJSzCqZAepnxOPkEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=70774493&redirectedRetries=0
Request Chain 223
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYg_HU5gEgATAB&v=APEucNXBnCDGkvnPfzql46AorTojEhHBaAaz_w6--SVzfWkvX3-uWG54z5A415IvGUOZgEzZf3CPIcSz7SfFoTUvVhpebgXC8g HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Request Chain 247
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGfAbnzkYicwaCXMqX2BIvI&google_cver=1&google_push=AaAOQGE9gYyDMAInwXgPqhzilh0i21Dt73M3Al26GJ305Jc31mLVRUwJSMzx_bM6S0RrB3k5pYBUIlcEk2zrNVGu31PuAVU4pR8pfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGE9gYyDMAInwXgPqhzilh0i21Dt73M3Al26GJ305Jc31mLVRUwJSMzx_bM6S0RrB3k5pYBUIlcEk2zrNVGu31PuAVU4pR8pfw&google_hm=QYwA3uW_S_ed-98rckVS0IM
Request Chain 248
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPj7WHnjbz5DFQVU094LJt8&google_cver=1&google_push=AaAOQGEfVPv28HuiLuRbXug7_8dTJDLVFtTlLrXDWewyFJl278vIjIpdWKOdMshsHPED-BtGHDsB_OhJqb3yVNWZAsZ8clgYrWuicg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CV-KQ2n_RGeDyqwiryhO7A2&google_push=AaAOQGEfVPv28HuiLuRbXug7_8dTJDLVFtTlLrXDWewyFJl278vIjIpdWKOdMshsHPED-BtGHDsB_OhJqb3yVNWZAsZ8clgYrWuicg
Request Chain 250
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMY-9Kf1H5azY1F63d-kZZQ&google_cver=1&google_push=AaAOQGHplBgmBswLH6B_U_sPo9C4gbIPfWWh3Xy14KzkQWiPEXMXU32wEcMXshneMGpYl70t2oHbQIc3vOP12Gh7Q_ZVLrukPXk6dw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMY-9Kf1H5azY1F63d-kZZQ&google_cver=1&google_push=AaAOQGHplBgmBswLH6B_U_sPo9C4gbIPfWWh3Xy14KzkQWiPEXMXU32wEcMXshneMGpYl70t2oHbQIc3vOP12Gh7Q_ZVLrukPXk6dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHplBgmBswLH6B_U_sPo9C4gbIPfWWh3Xy14KzkQWiPEXMXU32wEcMXshneMGpYl70t2oHbQIc3vOP12Gh7Q_ZVLrukPXk6dw
Request Chain 251
  • https://match.360yield.com/match/ebda?google_gid=CAESEJdSYcHtB-w1wz4qdJIv-cQ&google_cver=1&google_push=AaAOQGFaeYfc4n0FhT1l8OLvhI5ao1z8m7H3O4FlP95l9ttnsfXNb5xk7jPwRBcpEhm9GT0VuZfCUwlU5IpHzQFFymtmzceeRKiLWw HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJdSYcHtB-w1wz4qdJIv-cQ&google_cver=1&google_push=AaAOQGFaeYfc4n0FhT1l8OLvhI5ao1z8m7H3O4FlP95l9ttnsfXNb5xk7jPwRBcpEhm9GT0VuZfCUwlU5IpHzQFFymtmzceeRKiLWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0Nyv1e_eQPukIusPQhdJJA&google_push=AaAOQGFaeYfc4n0FhT1l8OLvhI5ao1z8m7H3O4FlP95l9ttnsfXNb5xk7jPwRBcpEhm9GT0VuZfCUwlU5IpHzQFFymtmzceeRKiLWw
Request Chain 253
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJIGMRVuCyL4HQkk2EoR_Yk&google_cver=1&google_push=AaAOQGGw2HPRBVO0yKZDhIUD-CmrNz3crBfeRa4q71JZhbZGZvy0gBxR9O7nCS1nJI9mJfx5h7b56G1piwaiZNQsh0dMCXmaXSdSCi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGw2HPRBVO0yKZDhIUD-CmrNz3crBfeRa4q71JZhbZGZvy0gBxR9O7nCS1nJI9mJfx5h7b56G1piwaiZNQsh0dMCXmaXSdSCi0 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEPKsbl-hTuvBzW08yHfsy7Y&google_cver=1
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEKdeCVeDaCrrmYDwg1G-yM4&google_cver=1&adform_v=1
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDKtqCS6yYkS6Z-LlOuTvlY&google_cver=1
Request Chain 388
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmJmZWMxMThjOThmYzJlNzgyYzY0MGIzZjcyODM3ZjIzNmQ0ZDViNQ
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESENR9kwjRm1LURek_5vOdRrs&google_cver=1
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
Request Chain 396
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=1442b6a6-2c69-11ee-a197-1189f5600406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
Request Chain 400
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=1442ca70-2c69-11ee-bd9c-1a7cb9e30206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
Request Chain 448
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Request Chain 449
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
Request Chain 452
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Request Chain 501
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3&google_hm=Njk5ZTdjNTctNDQzZi00ZDc0LWE1MTctZGNmMDI2ZTg2MGEz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBFdWqsFXhmIYv9J4fVzsJQ&google_cver=1&ssp=sonobi&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3
Request Chain 502
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=de79739b-e69c-4605-8848-59a4ec57a1d7&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aG11Y3UwUUgyTmluU1hOWUJrNzI1dw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESECS-jPgMeUTHLVk3DP4eyWM&google_cver=1
Request Chain 503
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433829054605955
Request Chain 505
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=XBW8SfbpMG6RWTauYxCu&pi=sonobi&tc=1
Request Chain 540
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmJmZWMxMThjOThmYzJlNzgyYzY0MGIzZjcyODM3ZjIzNmQ0ZDViNQ
Request Chain 541
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6lu4Op-L_WWV0wSkG6view?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wVnpNlZE2oIaAA5Jui3DQ7hv1x.stI4aoHRoCQ--~A
Request Chain 542
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7wjd5neURfGl-JMj7L8d-A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7wjd5neURfGl-JMj7L8d-A
Request Chain 543
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDKtqCS6yYkS6Z-LlOuTvlY&google_cver=1
Request Chain 544
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKL0OLCI-3-HZPH
Request Chain 546
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtMME9MQ0ktMy1IWlBI HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKaM8MmvnLk9ueeQ1gmdZaQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtMME9MQ0ktMy1IWlBI&google_push=
Request Chain 547
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oQP-8fFGQ-WCzhMQ1i5-UA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oQP-8fFGQ-WCzhMQ1i5-UA
Request Chain 570
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovLzZmZjYxZmJkYzYxNzFlZDBmODgzNGEzN2UxZWVjOGRhLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vIn19LCJjdXN0b20iOnsiY3VzdG9tMSI6IiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IjE0MzQxNzIiLCJjdXN0b204IjoiNzA3NzQ0ODkiLCJyZWdpb24iOiJpZSIsInhzaWQiOiIwMmQ5NDU5My00YjFjLTQ1ZjQtYjYxYS1hN2ZjZDk2MWQzMWUifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjAyMjQ3MzIzMDkiLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjkwNDU0MDI5MzYzMzgxMjEwIiwiYWREdXJhdGlvbiI6MjExNTA5ODExMiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1434172&pubEntityId=70774489 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 587
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMJIDVI2FTazn26vlFh6dwAACEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBhtKKybMjFU71Mb2HGc6K0&google_cver=1
Request Chain 590
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1690540434
Request Chain 591
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2665416385726008439&expiration=1691663635
Request Chain 607
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4779171506127490503
Request Chain 608
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 609
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829054605955
Request Chain 611
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4FI65eJeabP7Xzqx71B057VfYe77VTjktwJ3HMuG
Request Chain 612
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1H2mW1JVRimFFnGg-zUskQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 614
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1636278750 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D47DA65B-5255-4629-8516-71A0FB352C91
Request Chain 615
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D47DA65B-5255-4629-8516-71A0FB352C91 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGQySERyNUZkelpSNk91MTQxQlZOTVM5dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2665416385726008439&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 616
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDQ3REE2NUItNTI1NS00NjI5LTg1MTYtNzFBMEZCMzUyQzkx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 617
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENR9kwjRm1LURek_5vOdRrs&google_cver=1
Request Chain 619
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2665416385726008439
Request Chain 731
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5298221637248241030&gdpr=0&gdpr_consent=
Request Chain 732
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7260444804319934604&gdpr=0&gdpr_consent=
Request Chain 733
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ahGjWPxAUa1kWs2TPT1hcbKi0YM&gdpr=0&gdpr_consent=
Request Chain 734
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKVURFN0poSkFBQUNqbFNvNDQyZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJUDE7JhJAAACjlSo442g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8213357817086859722&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJUDE7JhJAAACjlSo442g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8213357817086859722%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8213357817086859722&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJUDE7JhJAAACjlSo442g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJUDE7JhJAAACjlSo442g&gdpr=0&gdpr_consent=
Request Chain 737
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D47DA65B-5255-4629-8516-71A0FB352C91&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D47DA65B-5255-4629-8516-71A0FB352C91&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 738
  • https://pixel.onaudience.com/?partner=214&mapped=D47DA65B-5255-4629-8516-71A0FB352C91&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 741
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=699e7c57-443f-4d74-a517-dcf026e860a3 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=699e7c57-443f-4d74-a517-dcf026e860a3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1ea58c8e-20bd-4aec-a0e0-52ce7f4a6fa8&user_group=1&ssp=pubmatic&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3
Request Chain 743
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7863977536294349538&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 744
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUyIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovLzZmZjYxZmJkYzYxNzFlZDBmODgzNGEzN2UxZWVjOGRhLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vIn19LCJjdXN0b20iOnsiY3VzdG9tMSI6IiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IjE0MzQxNzIiLCJjdXN0b204IjoiNzA3NzQ0ODkiLCJyZWdpb24iOiJpZSIsInhzaWQiOiIwMmQ5NDU5My00YjFjLTQ1ZjQtYjYxYS1hN2ZjZDk2MWQzMWUifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjAyMjQ3MzIzMDkiLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjkwNDU0MDI5MzY0MTYyMDc4IiwiYWREdXJhdGlvbiI6MjExNTA5ODExMiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1434172&pubEntityId=70774489 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 748
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUzIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovLzZmZjYxZmJkYzYxNzFlZDBmODgzNGEzN2UxZWVjOGRhLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vIn19LCJjdXN0b20iOnsiY3VzdG9tMSI6IiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IjE0MzQxNzIiLCJjdXN0b204IjoiNzA3NzQ0ODkiLCJyZWdpb24iOiJpZSIsInhzaWQiOiIwMmQ5NDU5My00YjFjLTQ1ZjQtYjYxYS1hN2ZjZDk2MWQzMWUifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjAyMjQ3MzIzMDkiLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjkwNDU0MDI5MzY0NDIyOTA0IiwiYWREdXJhdGlvbiI6MjExNTA5ODExMiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1434172&pubEntityId=70774489 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A4%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 763
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiQ09NUExFVEUiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vNmZmNjFmYmRjNjE3MWVkMGY4ODM0YTM3ZTFlZWM4ZGEuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQzNDE3MiIsImN1c3RvbTgiOiI3MDc3NDQ4OSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjAyZDk0NTkzLTRiMWMtNDVmNC1iNjFhLWE3ZmNkOTYxZDMxZSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDIyNDczMjMwOSIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2OTA0NTQwMjkzNjM1ODUyMTIiLCJhZER1cmF0aW9uIjoyMTE1MDk4MTEyLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1434172&pubEntityId=70774489 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A5%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoComplete%2Csl%3An%2Cad_duration%3A2115098112.1151%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 789
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFIGsPTYrUGRmUBWw09hso8&google_cver=1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEFIGsPTYrUGRmUBWw09hso8&google_cver=1
Request Chain 809
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464741/4.js?adContainerId=brand_safety_HkjCZOrPA8S4x_APuPiBuAE&cbFunctionName=goog_wrapCb_HkjCZOrPA8S4x_APuPiBuAE&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:fc62a7ca-8662-c496-bc27-58a740d7beb8,c:jyWr4s,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-5d4b6c676d-479sg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tLcMU3z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C1832%7C1841%7C1842%7C18431%7C1844%7C1851%7C1852%7C18531%7C1854%7C1861%7C1862%7C18631%7C1864%7C1871%7C1872%7C1881%7C1882%7C1891%7C1892%7C1893%7C18a1%7C18a2%7C18a31%7C18a4%7C18b1%7C18b2%7C18c%7C18d1%7C18d2%7C18d3%7C18d4%7C18d5%7C18d6%7C18d7%7C18d8%7C18d9%7C18da%7C18db%7C18e%7C18f%7C18g%7C18h1%7C18i*.1549653-72464741%7C18i1%7C18i2%7C18i31%7C18i4%7C191%7C1a%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3,idMap:18i*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:19,oid:1cd56811-2c69-11ee-a6fc-0207c39815a5,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 812
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LKL0OLCI-3-HZPH HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LKL0OLCI-3-HZPH
Request Chain 813
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LKL0OLCI-3-HZPH
Request Chain 814
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=87449af9-7599-46c0-93e4-3aa9ec2fdbbd&expires=30
Request Chain 815
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ahGjWPxAUa1kWs2TPT1hcbKi0YM
Request Chain 816
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=06406124-562d-4d7c-ad1e-5bcf2ab00c63
Request Chain 818
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=2665416385726008439

812 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request test.php
www.idrlabs.com/barbie-character/ 		113 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60324999fca19d5610c7e70ce81fb1214f987d7d1fa9986bd1508d7bbd23d9ea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7ed439e43cbf1965-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jul 2023 10:33:47 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvAGOABjDfcfc%2BlUUlne68sYHY9I1OVw11KhraSlqWXjE8%2B9eDjBn8ci9AUDfZy4Tn7eZRMSF078MTFCYjBJ5T0C%2Fav6M7vXloWYfxt%2Bl4Kn28NqNVWsLfnakzTAZJ9vLADRTJT%2BHC%2FRYOmPsro%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
min.css
cdn.idrlabs.com/assets/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/min.css?2.5
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
525f3952a087c1026c64ffa57f80d305074f5258f0840148cc3fff717a21f44e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
184138
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 23:47:02 GMT
server
cloudflare
etag
W/"62bb92f6-5ef6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=De5QLGWAsOew3u%2FNRfWDUUxhfbRM8NOUcMVh3rlY9U%2BFka90OVwnXJJmKx38lv%2Fo5Vrw8qs%2FWAzjDiqCSSepEEYDK7pTu0O1BfiHfSwSm6liaEgivK2OndOjYo83Xr5oQGHSadhEAZezJsJXuBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7ed439e54e551965-FRA
expires
Tue, 25 Jul 2023 07:34:39 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 08:56:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jul 2023 10:33:47 GMT
test.min.css
cdn.idrlabs.com/assets/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test.min.css?6.20
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58eff2a71fe175affb5df0e69004e8154e82430565ce1cc60501674947f3a570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103551
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 05:06:02 GMT
server
cloudflare
etag
W/"64ae34ba-2c9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ALBCHEXnFqXTBnkesnu3Ub9nMrBOQUzmAalbMswvX%2Fmg3YICNm2Yxlt%2FQ1am4k%2FQPjVXbFUGha4dfRBppMtaZvR7Ygom1Eyq6mrYhHl2eO%2BmsvRvOuwEOaOGN%2FjmrGtI8vtPpjquVzfzqzl2PU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7ed439e54e571965-FRA
expires
Wed, 02 Aug 2023 05:47:15 GMT
test-link-unit-compat.min.css
cdn.idrlabs.com/assets/css/ 		730 B
624 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test-link-unit-compat.min.css?v3.2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111337
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Nov 2021 17:50:02 GMT
server
cloudflare
etag
W/"61841d4a-2da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc9vdo4mxtgJ9jVV5cVCW0310XmN7g9Kf7CLQuq4oE7FD%2Bk7DJNybbTMiujlPRPLE4504wKT76WTRsEwqWo68V9R91RS85HZ7y%2BtX7IaFdj6U5Qid73C0vkkoZyHjP31sHQH1r3VJ5X5rRYk2QU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7ed439e54e531965-FRA
expires
Sat, 29 Jul 2023 23:50:02 GMT
test-barbie-character.min.css
cdn.idrlabs.com/assets/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test-barbie-character.min.css
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
283ecd57dd69ccad22be51a2887dd27adcb390457233a81bb69fd04a3aee76ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
409348
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 18 Jul 2023 04:25:02 GMT
server
cloudflare
etag
W/"64b6141e-3017"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uc5ucFmdcmfqkorfMPzW9h22G65VOlfbnl5mEoirnesoTI2n9a6lpWFZJWT3G50sGiXmf%2FDhWDNqqE6gSM5sOQEXWBpAbXl8vVr3Kv9qbPwRFwZbxmXkeRuLVeqoVjmC%2B5hCwAJEfCawoorKB9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7ed439e54e541965-FRA
expires
Sat, 29 Jul 2023 16:23:02 GMT
54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
monu.delivery/site/b/d/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
8a1cc9db7df1dfa30cd035968e8576cd0f53130432374913a2e494f50c21ba4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdtLWJIM3CGb_GzAm6T7TvZuZAwICqfZTx7dDIduQPYnwaqU_KYI7uUDsmoh0NB-0PQ6p1XeGLmC0AFCb0nI1VpPQg
transfer-encoding
chunked
x-cache
EXPIRED
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1690433513300000
content-type
application/javascript
x-goog-hash
crc32c=83n7xA==, md5=gX5LksEEZkMWiSW+ghMGaw==
cache-control
max-age=7200
x-goog-stored-content-length
57684
expires
Thu, 27 Jul 2023 12:33:47 GMT
barbie-character-card.png
www.idrlabs.com/misc_pictures/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/misc_pictures/barbie-character-card.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8acea1829ad63a90f23eb4d07b54b98c6423dbedbf7acf8538b47b3075d63fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/barbie-character/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Jul 2023 05:06:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4190
etag
"64ae34ba-1cc3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MC5aPSJLIOGKPvfWwcMM2ugciCasjZfbNe8G5KKhotXQK9VEIYTpurgxVCO53qs29yEHzt1Jcnfji2KxxYR4umE6jGD%2BRq%2BOgzc3ZFf9W9cBe62wdMVEyt7ZrYvxdR4QJkNz5xdW3YG7NZ%2BsmXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=172800
accept-ranges
bytes
cf-ray
7ed439e53e281965-FRA
alt-svc
h3=":443"; ma=86400
content-length
117820
eu-check.min.js
cdn.idrlabs.com/assets/js/ 		373 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/eu-check.min.js?v3.1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111460
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 11 Sep 2020 04:03:01 GMT
server
cloudflare
etag
W/"5f5af6f5-175"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzTnqFuPvx1P%2FzqXcXvSjf2a2QJD%2FxuPrWsJ%2Bk%2F5bRQgluE%2FqHKN1unLOgRHBaeKVLpnM1sXTZYvST8zpOeMeUVXPU8vGZZGxp7oz2IyVw6lwI4KqZyNuNK7wU5IxgXWs%2BVulYWeUgPEAuSOQFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7ed439e55e601965-FRA
expires
Wed, 26 Jul 2023 17:13:03 GMT
test.min.js
cdn.idrlabs.com/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/test.min.js?1.4
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ece968a476cb06e069eccc7e3bd495dec6d40483f7e906b910ebf330b565a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24014
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 May 2023 03:30:02 GMT
server
cloudflare
etag
W/"64659bba-ab2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gptSo27PopXZP9KycbQ7HWHVo7ESqPt1yP87tniqCr97DFkKRmHYaiCpbGj0ZddPBcM9KnfDyD%2F0D16UFBvtHDKKNKThW4GcjJbF%2F%2F0%2F8bAQEKfgLhwIXe4muuzsezRWHS8YS77uvDY8Sr01pWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7ed439e55e631965-FRA
expires
Thu, 27 Jul 2023 05:21:22 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08755abf91e2172786b2f245cc2c4576a5a77c4d4f51e6854e0ecaa67863dfc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50692
x-xss-protection
0
server
cafe
etag
10993096752565009165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:47 GMT
js
www.googletagmanager.com/gtag/ 		244 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WZ4R7WY0KV
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ab824a1bddb73d4f78fc70871b4b3a7f2ccb3289372cf0152f0d689319730a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85032
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 27 Jul 2023 10:33:47 GMT
mntzv2.min.js
cdn.idrlabs.com/assets/js/ 		304 B
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/mntzv2.min.js?v2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111560
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Jun 2018 18:48:05 GMT
server
cloudflare
etag
W/"5b1c20e5-130"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFtYDp4gFgiGcC%2BMMVdMAWGT%2B5iiWHDyvqgEdaqlLoNLuCb0WLYxa00C2%2F5FaZa4grF19D9TaUA18Jlfx8s1H%2F%2Ff5luVE64Fa0%2F6KTguq3bEd4KFHXCYA%2BiUyC%2Bh2zVu7ze07Hnl1ThcEYT%2FaDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7ed439e56b721961-FRA
expires
Mon, 31 Jul 2023 19:03:07 GMT
logo-2--banner.png
cdn.idrlabs.com/assets/i/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/logo-2--banner.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
594957
alt-svc
h3=":443"; ma=86400
content-length
19975
last-modified
Fri, 27 Oct 2017 16:12:45 GMT
server
cloudflare
etag
"59f35afd-4e07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEeFrJCMvPBAjmikIN7PiorbD2YMT%2FwCzhKWxZPDiHBTFdj3aYnbOBS0t3ofd%2BegG7MBtMvw%2FaNfdUCd9vNEB3otynOSq2xPn9Ui88gn%2FRdD1JVotZwj3aa0WE39Q%2BD2x7akDBuJuYeTqyaI6wI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7ed439e5dc301961-FRA
expires
Tue, 25 Jul 2023 12:00:04 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 02:03:01 GMT
x-content-type-options
nosniff
age
117046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 02:03:01 GMT
fontello.woff2
cdn.idrlabs.com/assets/font/icons/font/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/font/icons/font/fontello.woff2?18854377
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5

Request headers

Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
258921
alt-svc
h3=":443"; ma=86400
content-length
17944
last-modified
Wed, 06 Nov 2019 15:52:27 GMT
server
cloudflare
etag
"5dc2ec3b-4618"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4TZbW1PdZnZAWDPKFQ36qsKkwhHeVpOzDycSic5J7JWFK7KgJijajOd7vVpO4jLa1lhvrJ6tnH%2FnjAiXAM9sTpfn%2BvQQvkbxXy1tySl3xKFN%2Bs8pUGRMpnRVwSmtK50NerShqDFezF3nZyC%2Fxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7ed439e5fdc86958-FRA
expires
Fri, 28 Jul 2023 13:45:30 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 01:50:45 GMT
x-content-type-options
nosniff
age
117782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50440
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:13:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 01:50:45 GMT
slide-btn.png
cdn.idrlabs.com/assets/i/ 		301 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/slide-btn.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/test-barbie-character.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dedac502ca0c39765cbcaeaea8464cee7eed16289c4627d3ed7cc9c3df7967a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/test-barbie-character.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
100998
alt-svc
h3=":443"; ma=86400
content-length
301
last-modified
Wed, 06 Sep 2017 14:27:59 GMT
server
cloudflare
etag
"59b005ef-12d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9BecLWv9PIW712Q2eLf4%2F0F7M1kjqEzhgnVs5eO3jltQbccHEFdd8x5ewqc7Jd9CWJEd15k21NNht4KPewSMgztQonQKhY3QjJFTM2wmiAbroF7RuyZqbIh%2FdU0LRalMGtfEm0XBCYKhVMdaQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7ed439e60c6a1961-FRA
expires
Thu, 27 Jul 2023 17:15:19 GMT
logo-2--icon.png
cdn.idrlabs.com/assets/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/logo-2--icon.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111791
alt-svc
h3=":443"; ma=86400
content-length
3767
last-modified
Wed, 06 Sep 2017 14:27:59 GMT
server
cloudflare
etag
"59b005ef-eb7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4tlCm34351aiR%2FbYMZGYx4j1snooI5d9ViSRyqEK63YGnjOUekEuUBwx%2FPs41wMpkbyJ%2BlG35EWdLN%2Bw1k2EbwMpK5ZOTKYc43JxKb7PlKy6Q%2BwEe5wwK47%2FtTAEuG2G%2FDhBRyiyHqh%2FCLNCno%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7ed439e60c6b1961-FRA
expires
Fri, 28 Jul 2023 11:06:59 GMT
ajax
www.idrlabs.com/ 		26 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/ajax?action=eu_check
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.idrlabs.com/barbie-character/test.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=441%2Fnfz1Dk6R4LJBz98kc8YKGpMcukyiiX5a2n0K8KMEcJN7RztMumpyLQTSvw4IXocxVQvN%2F%2BrFLFXLvcY1ztZhTcV6f%2FXcahCuPu7cfANdaTbvVT7cVI9AHOewgmCFfKmjWKjLAZlhplqsDz0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0
cf-ray
7ed439e64cd51961-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
-1
test.php
www.idrlabs.com/barbie-character/ 		214 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/barbie-character/test.php
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:af3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299c94b98c68b8ee82974c70d5327b44a2e3374c8bf04620d0975c58655a18d1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.idrlabs.com/barbie-character/test.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1W8ue2qRRN70DZFtcZYnkkrgc%2BXfajzPKi9p0KnqdrzGOS6NvAQa51qRqM7hVXrwdQwNb%2FzLVSqSic9nw%2BDKhrrysMu6qetPcA746tcE3GFjp5NwJhE8smGRKwudycodc%2BGBhBKDaj4JSBArsd4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0
cf-ray
7ed439e65cfa1961-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
-1
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WZ4R7WY0KV&gtm=45je37o0&_p=966256017&cid=628320600.1690454027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690454027&sct=1&seg=0&dl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&dt=Barbie%20Character%20Test&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WZ4R7WY0KV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
monu.delivery/sitesplit/d3/smartzones/0.1.1/b/d/ 		597 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/sitesplit/d3/smartzones/0.1.1/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
5453f0baadc9dd8733718e2605912eb0133b4450a2b554710a7710693568de4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvpIr4cdbWupsZwSroYGJuF1NqW2kGZSf6OqOmC3VZ-zKsRii8bB001LJW0-6PCDHgUsgcNr-blxrO3ENATiceSpNVaehac
transfer-encoding
chunked
x-cache
EXPIRED
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1690433516582258
content-type
application/javascript
x-goog-hash
crc32c=4JNmvA==, md5=32whm2d8tGaW1RmZP7/Vng==
cache-control
max-age=7200
x-goog-stored-content-length
610397
expires
Thu, 27 Jul 2023 12:33:47 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
gzip
age
2681
x-guploader-uploadid
ADPycdt5XLkQ3OKqQmRjzQxhAq900-J6STcsJ53hW58NaxF530F2ZbwwA73G2W9eYsk5Ojv6LjTnVgjMz77c5qu_4PjwSg
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Sun, 21 Jul 2024 10:33:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230725/r20190131/ Frame FE26 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230725/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jul 2023 16:33:01 GMT
etag
12368291122986407432
expires
Wed, 09 Aug 2023 16:33:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame FB82 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
0
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Thu, 27 Jul 2023 10:33:47 GMT
expires
Sun, 21 Jul 2024 10:33:47 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ADPycdsQLAwg6XsKi6GlNscMhi6WCuZP_9BdsULhvrUDvo38fNOxoY3Qiew3OoBRuvez0nsClCQTPG7Q7t8Lx21u0MfMww
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		339 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
736f4606d75cfbeab18d78bb90d2bcae3229f8e220954679afa585b191988b84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Jul 2023 09:33:11 GMT
server
cloudflare
x-amz-request-id
K475GVSJTSG1CYXJ
age
659
etag
W/"19a0d8ebeb43fa7c9087bddd33e98570"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7ed439e8e9bc4dc5-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gLi6CsT4cjvH/fPQfHxUa2fFSgAdrx4nDy+yWNTdaRWAUpf4j64Jo0997WSzcNq6cDWdB71QxVQ=
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-121.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3004a2de4e23038e1fc39498bac9861b53cce7b4dde3faf285bca7538c0eced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
5tDFU8EOTT9ldukOsCr3jZvUw0akwQd7
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Thu, 27 Jul 2023 02:06:07 GMT
x-amz-cf-pop
FRA56-P2
age
30461
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 12 Oct 2022 20:19:33 GMT
server
AmazonS3
etag
W/"9c721bc4954770340a2d3b58e1188c30"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
m-hErUUKwjpZJWw8hHfqKYXOkQA_0IyScHUGDv9UJcSx66O68iVYcw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc028ada26ee60d1b0b42bb64d06eaf99c85a0826d20091d1cfef265c71828da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28169
x-xss-protection
0
server
cafe
etag
784 / 19565 / m202307200101 / config-hash: 6238320479289362845
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:47 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 09:54:12 GMT
content-encoding
gzip
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront), 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 17:33:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P3
age
2376
etag
W/"a7247ead77dd201b1e56acf0e565194b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
s1NqX4qQD8fijRdfqyg8VF8tFjT6fL3YWB0lwotO3jjWO0LgkgbVFw==
launchpad.bundle.js
launchpad.privacymanager.io/1/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding
br
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
date
Thu, 27 Jul 2023 10:07:53 GMT
x-amz-cf-pop
FRA53-C1
age
1555
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a78f2a5a4864424e54348ce47b156abb
last-modified
Thu, 10 Mar 2022 13:10:48 GMT
server
AmazonS3
etag
W/"3e312624cdc2445a38a716f92dc3c0cd"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
fTNPkTlYeIgQIpGdy0IZnGzLnqg7ufLBYDN-fznBKQlFoL0HFd2FKg==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202307190925/ 		251 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 13:26:13 GMT
server
cloudflare
x-amz-request-id
271KXRYMY7KB58HP
age
667825
etag
W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7ed439e93a1b4dc5-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WV+pFUcAtievoB3WMrYgZ+iuhArXaEUSC+L2k/4nRWuidI+2PEQCa2Ych8OX/oCB4Dj78tjBb0U=
config
c.amazon-adsystem.com/cdn/prod/ 		759 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.idrlabs.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
9229ce97168b9fad80cccb0bb2fe7b0b301fcf902b50b78924af7e1f22f584b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 06:27:09 GMT
via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
14798
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
759
x-amz-cf-id
W1ZAUwjB9zbg0MQBV1B10HsQK2ZyMU2B8AvktEtfev1P7uLhxzbgJw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&pid=hEZ4TNmFSSfDr&cb=0&ws=1600x1200&v=23.725.1446&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1_1_1_ad%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
7KQYKG2BJXGMTTJQ2W2Q
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
NRh8i4VnYdP9VHjryiC9LHQWjvi0Fm2HWVmP10Iaqyn8lETVR8Fdkw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&pid=hEZ4TNmFSSfDr&cb=1&ws=1600x1200&v=23.725.1446&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
2CT0HMADEVB9RDHQ649X
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
bgfz2YNHV4iFYO1PuZOO1qy3GGW_hhAkRlk2lC_PZMxLqgsrFNHJuw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&pid=hEZ4TNmFSSfDr&cb=2&ws=1600x1200&v=23.725.1446&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-82db8863-a5a9-4646-bfc4-7efa7ca1ddba_1_1_ad%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
CV5RWWDS4ZR8G70267YS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
IYdu_1Gu7CbPGIkya20OpUNYLlLq1VeL_sCqJXiEknbzVfgwPUDFwg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:28:52 GMT
x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
57896
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ZyvaOQfB7NPGBI26F-jYRJRfuCh-Yytynvo3sqLsUnpt3m2hjDR9jQ==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/barbie-character/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
Y46P53820M43ZZDJH325
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
zTWwON4LhQgLCKMRq-BzWOpJV9MApMv_txeSAQjh-lgJvlrcVOB4zw==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22consent%252Fgp...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22consent%252Fgppapi%252FattemptSync%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/barbie-character/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
F97485FKYN12JFJRYEQ8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
DJLkU70nG-c3ZZrqf3ANHzTBdUMrPBpXYaV8eCSPkEoYj6VBsKI8xA==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		101 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
D2X6DF7ATZPYTGQG
age
1726
etag
W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ed439e998da9975-FRA
x-amz-id-2
OVinct3xhDAIKwiVr67tGL3lwTch/pIHG2WDbU2H4Ihvr8233IlGAZQ6O/pQZg45mOWY8AFO+eg=
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

Accept
application/json
Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Jul 2023 17:34:21 GMT
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
61166
x-amzn-requestid
31a3399f-965f-464b-b884-a22199ced3e1
x-amzn-trace-id
Root=1-64c1591d-371fadbe18b5dc6c057348fb;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
IrrcsGyXjoEFfaw=
content-length
30
x-amz-cf-id
TnPY2TtJSztEtSIlvxKfdP0gVsMar3kMgjkQC9Nuqx3nGj9dIrWy8w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 27 Jul 2023 10:33:47 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront), 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-apigw-id
IuAx4EhyjoEFvpA=
x-amz-cf-id
AGBrbaJxrK4ftZLIGmjpp65VgaCGx-eiCY_Ko9G8vobOl12MyS-zJw==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
f6280a97-c451-4b39-8f82-d5eb43096501
x-cache
Miss from cloudfront
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 		385 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 09:24:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4149
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125319
x-xss-protection
0
server
cafe
etag
4098493636285064892
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Jul 2024 09:24:38 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
838428441c139fbdb2f8976608fb144594cf3393af579f8dfc4a4be1bd7cfe9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ats.js
ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ 		163 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ba26644a205dcb07c58ffbcf3464d6560231c6a03d7a66e6b41fcf04359c210

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
mS3vSw8XLfp_tUitYA03txiECxeqp6Tq
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
date
Thu, 27 Jul 2023 10:27:33 GMT
last-modified
Thu, 06 Jul 2023 15:25:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
375
x-amz-server-side-encryption
AES256
etag
W/"8237263483ff78d35bd7a91c846c2abf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
wfVSwZ6HMFo3gOOU3gL60_ilc9CuamckUnwijPM3DVTJ_--Sj-eKJQ==
mmt.gif
imps.monu.delivery/ 		37 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=2cc94ba7-6109-4c75-990f-b85b035f5c57&a=s.d&u=2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 18:32:43 GMT
age
1785664
x-guploader-uploadid
ADPycdt4eX05P7AnsOLjUJdl9eFWeTbz6yPUKPa-I8XxynX5g8cNbeBeeEdm_FnWNP1odS30wiBi_wlsQfyyyEqrmuOl0hVFrcly
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 05 Jul 2024 18:32:43 GMT
mmt.gif
imps.monu.delivery/ 		37 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=2cc94ba7-6109-4c75-990f-b85b035f5c57&a=s.d&u=5bf5d574-b65e-4bcd-aa55-03f1e14abdf2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 18:32:43 GMT
age
1785664
x-guploader-uploadid
ADPycdt4eX05P7AnsOLjUJdl9eFWeTbz6yPUKPa-I8XxynX5g8cNbeBeeEdm_FnWNP1odS30wiBi_wlsQfyyyEqrmuOl0hVFrcly
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 05 Jul 2024 18:32:43 GMT
mmt.gif
imps.monu.delivery/ 		37 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=2cc94ba7-6109-4c75-990f-b85b035f5c57&a=s.d&u=82db8863-a5a9-4646-bfc4-7efa7ca1ddba
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 18:32:43 GMT
age
1785664
x-guploader-uploadid
ADPycdt4eX05P7AnsOLjUJdl9eFWeTbz6yPUKPa-I8XxynX5g8cNbeBeeEdm_FnWNP1odS30wiBi_wlsQfyyyEqrmuOl0hVFrcly
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 05 Jul 2024 18:32:43 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Jul 2023 10:33:47 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 02:34:21 GMT
content-encoding
gzip
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
28767
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
oqzCejhvigv3Gthkg4GInt8HW6HiOqj9JoyCQwRyel5ZafzHMogN5g==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9a00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
null
Date
Thu, 27 Jul 2023 02:28:50 GMT
Via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
32843
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
osFT8oiavqplNavq6lV-k1-yJXy1o3zkMCRehLU7xIxaoOq94VfKAQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
via
1.1 google, 1.1 google
last-modified
Wed, 05 Jul 2023 19:08:57 GMT
server
Google Frontend
etag
6c49a4094d9a446bdc7fe3d19d23b4c7
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
6239027297a9e993c6cfcd0a69af5769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6895
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plReRXkzNmgSH8g9qGmqpkiqU7vCOZcXU0j2oKgRTKq79Q6IbuyjNxNxfwJPlvDeqhGgyhzgNGa7vSVNlxuO6Y5mamFoYsuBb%2FbIrNxEjEKi0cPSIzYShihuf%2BVUX9DZZTNUtvg6I4dzo5KXxGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ed439ea8f3a1e30-FRA
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 18:19:13 GMT
content-encoding
gzip
age
1786474
x-guploader-uploadid
ADPycdvbZ2LIjBAJ-EtfhjxpdXgzbf0iVSCEl7UW5W5lobH3pkb8gZwFLeeh9LHaS52OBl7Goz26viPjNklH3R6LKWd7jBLnOQ7Z
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 05 Jul 2024 18:19:13 GMT
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 20 Jul 2023 17:46:36 GMT
server
cloudflare
age
57915
etag
W/"64b972fc-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7ed439ea8d223660-FRA
expires
Fri, 28 Jul 2023 10:33:47 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=535532118783808&correlator=1424410709981516&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDA.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C320x100&ifi=1&adks=4164803795&sfv=1-0-40&prev_scp=pos%3D1%26monu%3D728x90-320x100_B1%26slotNum%3D1%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D10_BB_notchrome%26slotOnScreen%3Dtrue&eri=1&cust_params=page_num%3D12%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1690454027889&lmt=1690454027&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=628320600.1690454027&ga_sid=1690454028&ga_hid=966256017&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6tylt5kxSABSAghkEhkKCnB1YmNpZC5vcmcY6tylt5kxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOrcpbeZMUgAUgIIZBIXCghydGJob3VzZRjq3KW3mTFIAFICCGQSGQoKdWlkYXBpLmNvbRjq3KW3mTFIAFICCGQSFAoFb3BlbngY6tylt5kxSABSAghk&dlt=1690454027060&idt=783
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c78507ab6c8ae46bf510774b9e64af37f6bcfe6318e90b59b6e387250f9a6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12383
x-xss-protection
0
google-lineitem-id
6151851485
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138409613079
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		86 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=535532118783808&correlator=284682532722459&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&adks=2116473628&sfv=1-0-40&prev_scp=pos%3D2%26monu%3D300x250_B2%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D10_BB_notchrome%26slotOnScreen%3Dtrue&eri=1&cust_params=page_num%3D12%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1690454027903&lmt=1690454027&adxs=353&adys=946&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=628320600.1690454027&ga_sid=1690454028&ga_hid=966256017&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6tylt5kxSABSAghkEhkKCnB1YmNpZC5vcmcY6tylt5kxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOrcpbeZMUgAUgIIZBIXCghydGJob3VzZRjq3KW3mTFIAFICCGQSGQoKdWlkYXBpLmNvbRjq3KW3mTFIAFICCGQSFAoFb3BlbngY6tylt5kxSABSAghk&dlt=1690454027060&idt=783
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b62efa5f6f775822355fda10731a489044b23a532fe8fdaa7a84c19756a4ecd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27229
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=535532118783808&correlator=1247754905580701&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDH.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&ifi=3&adks=1376408646&sfv=1-0-40&prev_scp=pos%3D3%26monu%3D320x50_A3%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D10_BB_notchrome%26slotOnScreen%3Dtrue&eri=1&cust_params=page_num%3D12%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1690454027909&lmt=1690454027&adxs=343&adys=523&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=20&vis=1&psz=320x0&msz=320x0&fws=0&ohw=0&ga_vid=628320600.1690454027&ga_sid=1690454028&ga_hid=966256017&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6tylt5kxSABSAghkEhkKCnB1YmNpZC5vcmcY6tylt5kxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOrcpbeZMUgAUgIIZBIXCghydGJob3VzZRjq3KW3mTFIAFICCGQSGQoKdWlkYXBpLmNvbRjq3KW3mTFIAFICCGQSFAoFb3BlbngY6tylt5kxSABSAghk&dlt=1690454027060&idt=783
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acfb541441641013fac0e25b3ecf0f516a00f465adc4097aeaa429a9ee13fabb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43408
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F43 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:48 GMT
expires
Fri, 26 Jul 2024 10:33:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1013.json
id5-sync.com/g/v2/ 		241 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1013.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
18781204f108650f612cb9bd5777594eeffc7765dbc576a9afb969b5b8ded510
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
geo.privacymanager.io/ 		30 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:34:21 GMT
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
61166
x-amzn-requestid
31a3399f-965f-464b-b884-a22199ced3e1
x-amzn-trace-id
Root=1-64c1591d-371fadbe18b5dc6c057348fb;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
IrrcsGyXjoEFfaw=
content-length
30
x-amz-cf-id
hVSJpgUTuhG7lbqLx7F_s4k2MUOkOL1B6fW_FPU48CLn-JTj66BtHw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
map
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.84.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-84-52.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
eff404cd1ccd5b3b035951f62095f3967bcdca9b40ce848007a0c887d55d5dbf

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:48 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
x-server
10.45.26.201
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame FC83 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.idrlabs.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:47 GMT
server
Kestrel
server-processing-duration-in-ticks
332512
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
encrypt
esp.rtbhouse.com/ 		241 B
335 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
27d733b03f732681e9711ff3bac09505a824e7a15f9c0483a141596c79de5ce5

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
2c9db612d13cb8cd098e11e8f018e91f
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 27 Jul 2023 10:33:48 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
716019db0e2f41e217866781c5b26cfd
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8593f33fb5122b047b525ac843da2938cfab263e88c82a21ee2b6468c90e3a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-utm4anah2bPtArPdBFXZbzvGVu8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 27 Jul 2023 10:33:48 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.idrlabs.com
location
/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sid
mug.criteo.com/ Frame FC83
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=idrlabs.com&sn=ChromeSyncframe&so=0&topUrl=www.idrlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=co5-fHxCV25GcHFOdGY0OURCUnlqMTJMQ1M4QlY2VjA3dnVIMlBhVU5mQ0dnVmpWUFVwOUxuT1hqSUthYlNXcThpeStFZWJJbFVZeEViaW9lWVhSRm4zQXJkajFyOGFMUFlhc0p0TktlODNXR1VqanZyTzM5YTcrUmh3bl...
428 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=co5-fHxCV25GcHFOdGY0OURCUnlqMTJMQ1M4QlY2VjA3dnVIMlBhVU5mQ0dnVmpWUFVwOUxuT1hqSUthYlNXcThpeStFZWJJbFVZeEViaW9lWVhSRm4zQXJkajFyOGFMUFlhc0p0TktlODNXR1VqanZyTzM5YTcrUmh3blViVTlZWk8vRE4rays1TTRaV1ljaGVVUnB6QytsQ252c3FMTXBCN2ZqY0hnWjJGaHJKYTJGS1lJVC9wYVhjMGlxTXVqRmxWOStHUU9JZVdndjI5b1BZYUtwVEhVVUhZeFJHSXdWclpVdjZlNVRsWkV2QTlkbnRPTktoOHR6UU1ETjBNaGRpTllaVkRmYWh0U3pVdVRIZCtKSnljQS9zZz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a9e9a0b165915cb1a7c3ec593ac8e869b916e7f53510015781049d713b9a794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1298006
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=co5-fHxCV25GcHFOdGY0OURCUnlqMTJMQ1M4QlY2VjA3dnVIMlBhVU5mQ0dnVmpWUFVwOUxuT1hqSUthYlNXcThpeStFZWJJbFVZeEViaW9lWVhSRm4zQXJkajFyOGFMUFlhc0p0TktlODNXR1VqanZyTzM5YTcrUmh3blViVTlZWk8vRE4rays1TTRaV1ljaGVVUnB6QytsQ252c3FMTXBCN2ZqY0hnWjJGaHJKYTJGS1lJVC9wYVhjMGlxTXVqRmxWOStHUU9JZVdndjI5b1BZYUtwVEhVVUhZeFJHSXdWclpVdjZlNVRsWkV2QTlkbnRPTktoOHR6UU1ETjBNaGRpTllaVkRmYWh0U3pVdVRIZCtKSnljQS9zZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
218988
content-length
0
expires
0
mmt.gif
imps.monu.delivery/ 		37 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=2cc94ba7-6109-4c75-990f-b85b035f5c57&a=p.l&u=bd54a1fb-1ef4-44ba-ab83-7f8481ff624d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 18:32:43 GMT
age
1785665
x-guploader-uploadid
ADPycdt4eX05P7AnsOLjUJdl9eFWeTbz6yPUKPa-I8XxynX5g8cNbeBeeEdm_FnWNP1odS30wiBi_wlsQfyyyEqrmuOl0hVFrcly
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 05 Jul 2024 18:32:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70e97e66ebaea700b5f73276c360172bb4c524b1812bf5caad579ae7af055c77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11730
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 10:33:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4405 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcngyk_OskaCYxWe2L3Evl5VK3obI1lyhCwoCTunDH-b-i_t0dN5kZOV7pI8QWBNGE0DKZSVvJaTMY5yUWRYTfUWhsH7HArT8mciBDoFTL9owclOWLpTymnT2O52CaR563AdFNp5G-60FEecDei-iEz8v-ogMeMhgoPVvHYY3GbmuZ9kJ5L-Azfbxdu2PO8poiQRjppXhl0N7tQK8l0dfV8-P6s5IKuVnN_JrJupEJzeiZIcs2030dFQEQk8f4SNkdwFARyxlOSiA9CdVImVe6NibgpAQhiXvWS6p2ogM3IuAZapAwTVCgqKb9yjxgeneXJPzKBQuFy49Au4aUQU3iJFrRfbnUyt5SMhveyA&sai=AMfl-YTrirH0OngBQl1wi_ThuD9pNu_T7iAAjdUEUF6qSpkwN4jpE9YSLMrSqor9vChgNMQ9Ntu4xdT7HMQYrqJjdRbrJbANfOMkee_YM5lXONqIdu55VJlmvDH4LNX-AZqYJnBAXs0EEeA-DppOOsxB&sig=Cg0ArKJSzDYGlDcWIH8cEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:48 GMT
smb-dispad_728x90.js
saambaa.com/widget/gpt/728x90/assets/ Frame 4405 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
867b45f6bfe5bdb5e57199a4bddb9115a3e5e122c21541e36334292ee26b93bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:44 GMT
content-encoding
gzip
last-modified
Thu, 29 Jun 2023 21:52:27 GMT
server
Microsoft-IIS/8.5
etag
"80df92fed3aad91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
12293
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4405 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:48 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=2cc94ba7-6109-4c75-990f-b85b035f5c57&a=s.d&u=5bf5d574-b65e-4bcd-aa55-03f1e14abdf2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 18:32:43 GMT
age
1785665
x-guploader-uploadid
ADPycdt4eX05P7AnsOLjUJdl9eFWeTbz6yPUKPa-I8XxynX5g8cNbeBeeEdm_FnWNP1odS30wiBi_wlsQfyyyEqrmuOl0hVFrcly
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 05 Jul 2024 18:32:43 GMT
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/barbie-character/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:48 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
W1S2A3XDS88N80Y3X2FG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
d6sDi1anpOlpROkiGh0QDy8BBz8as9eFK-5Irmt3rxLkUAeMe6pDBA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&pid=hEZ4TNmFSSfDr&cb=3&ws=1600x1200&v=23.725.1446&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_2_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
AV1JW15E4ZGWER2PBV5Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
C5LyPSvlis1y4K8yAWI8SkVKmMIQWARdkAD509I7zDAM98_ch_7tbQ==
container.html
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8CA4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:48 GMT
expires
Fri, 26 Jul 2024 10:33:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 64B8 		0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 27 Jul 2023 10:33:48 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5842 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 07:05:38 GMT
expires
Fri, 26 Jul 2024 07:05:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 405C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
39483da68896842e4e616b516176894bc880ef9134fad5ed2c9e8cfd018556cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AyZT52TS9fBYNua1HHhjcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-AyZT52TS9fBYNua1HHhjcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:48 GMT
expires
Thu, 27 Jul 2023 10:33:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=535532118783808&correlator=2222561610549697&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDA.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C320x100&ifi=4&adks=995907353&sfv=1-0-40&prev_scp=pos%3D1%26monu%3D728x90-320x100_B1%26slotNum%3D2%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D10_BB_notchrome%26slotOnScreen%3Dtrue&eri=1&cust_params=page_num%3D12%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie=ID%3D75742ae4dc8ec5d8%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MYrZbWlMn7EwL_IDAg3A4rUPCWaeQ&gpic=UID%3D00000c47bf5ffd72%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaxGldW__im7KHHge1nGw-4Khl4Ug&abxe=1&dt=1690454028382&lmt=1690454028&adxs=805&adys=1155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=ABnkTfAeC0_G82ENdZ4aRlJSQzY5ZqaeT-yN21yPD0iAbZMtf1zc6Au545HL4XF5lPbW72g7jfgleny9q-E6YG3_AxSNxw&ga_vid=628320600.1690454027&ga_sid=1690454028&ga_hid=966256017&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6tylt5kxSABSAghkEjsKCnB1YmNpZC5vcmcSJGU3Y2Q1MjYzLWViMDUtNDM2YS1iY2VmLWMwMTIzMTZiYzk0OBjN3aW3mTFIABIdCg5lc3AuY3JpdGVvLmNvbRjq3KW3mTFIAFICCGQS1gEKCHJ0YmhvdXNlEsABemxNTWRLRzFjYTNvd0xUMWczc05tcGZxZ1p4eWY3NWJqQXhtQmVCd3hhbTRnMWlnS3N3K2FodGlMVXlwVHl2NjJkbGE1MWEvdmp6SisxRlFKTlg5UkxRc2dLUVZQYnZHRU9OTmdkOUtROWFBenBGbnJ3L1dadTBRUkc1cUErdXFiMHQvTTUrVFZEKzN3NGlxamhNVnhwYURzRDRGUjRuaWhucVI1dlBhNThUdmc3YkUxVEZSaldmQjUwMTRZSk5GGNXepbeZMUgAEhkKCnVpZGFwaS5jb20Y6tylt5kxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVZqWkJlWE5DYms5UlZrZFRRVEI1V21aak1FeFNkejA5SW4wPRjI4KW3mTFIAA..&dlt=1690454027060&idt=783
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b7f694e4e9187e745352c16e810e96d6299403f22332ea501905043bcd134c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12028
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 8CA4 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 10:22:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jul 2023 10:33:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 8CA4 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
70919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:49 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 8CA4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite_fy2021.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
70925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9132
x-xss-protection
0
server
cafe
etag
17712579318771444318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 8CA4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
70918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 8CA4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
70919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8293
x-xss-protection
0
server
cafe
etag
11502554701003060455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:49 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 8CA4 		225 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:09:33 GMT
x-content-type-options
nosniff
server
cafe
age
62655
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Thu, 27 Jul 2023 17:09:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8CA4 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:48 GMT
39d4397462e2693449f221f9915f9e59.js
www.gstatic.com/mysidia/ Frame 8CA4 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 06:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14179
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 11:10:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 06:42:03 GMT
pixel
protected-by.clarium.io/ Frame 8CA4 		68 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzIweDUw&v=5&s=v31h6beis87&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERILkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTgyZGI4ODYzLWE1YTktNDY0Ni1iZmM0LTdlZmE3Y2ExZGRiYV8xXzFfYWQifX0%3D&cb=5631985&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekl3ZURVdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiIzMjAiLCJoIjoiNTAifSwid3IiOjJ9
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.50.58.122 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-50-58-122.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:48 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
12689500185575797283
tpc.googlesyndication.com/simgad/ Frame 8CA4 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12689500185575797283?w=100&h=100
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96debb48b959e7206300a08ea3c9d7d159367b988c234f65c84129b660e47ba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 14:57:49 GMT
x-content-type-options
nosniff
age
502559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18199
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 12:51:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jul 2024 14:57:49 GMT
truncated
/ Frame 8CA4 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
container.html
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE47 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:48 GMT
expires
Fri, 26 Jul 2024 10:33:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4405 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
479b1b54f4fbb78952d6d694f899e28804fd8ce36f1ff182c78e8da11a77cbd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 405C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=535532118783808&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 5842 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame BE47 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite_fy2021.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
70925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9132
x-xss-protection
0
server
cafe
etag
17712579318771444318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:43 GMT
css
fonts.googleapis.com/ Frame BE47 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 10:24:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jul 2023 10:33:48 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame BE47 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.css
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 19:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 17:29:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jul 2024 19:15:17 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame BE47 		375 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 19:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131779
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 17:29:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jul 2024 19:15:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame BE47 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
70919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8293
x-xss-protection
0
server
cafe
etag
11502554701003060455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:49 GMT
pixel
protected-by.clarium.io/ Frame BE47 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31h6beisgf&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTJkMGYwZDZkLWZjMzctNGU5Ny05ZmQzLWY0YTc4M2VmYTZkMV8xXzFfYWQifX0%3D&cb=7968653&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.50.58.122 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-50-58-122.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:48 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 8CA4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea9a9a4e30dd7fba18d51b70d4772d84bdca536c8cde09d9bc9cef7c555e5bf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 8CA4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzwvpC0jCZMPIOtfB7gPS5q7YAtfNn6Jx8aPTs7MRZBABINjV2CtgleqTgqAHoAHY9pa3AsgBCakCwpcJnfKfsj7gAgCoAwHIA8sEqgT-AU_Q7nOUh9QXupQRjd-yI_CVy9Qq0AUL0rphfH2eLMfI85vwEYCSfPhCJR1CSk3ORwvL7j_8FFF_XJNgPEYm9Si8XxEjl7e8SOhsX1n-5nUcqPNFBxQ8GqQBjVZ5WGZLLLtB6TaN_tKKczC8b9zV_VVP7PcjABZMpf78YQ9lClT0i3F6c9QN8mXJ5Yx8PymIl2uJDzSFb2Wj9Pxk_t7s1ttZe5Nq6TOhtciAJjj17eeq3tySknMqC5_IOVI441TO7VBiGHpeKt8OSGkBMmza3F3b5oNbdLM7Ew1sj64WAUDOZmsf4Xrf7PbN8NtbvliAybcrVwhaAee6VzWLD6RZwASi-N2CogTgBAGSBQQIBBgBkgUECAUYBKAGLoAHkInpyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCAnwbSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MzExNTA1NDI5MjMyODA1gAoDyAsBmAyQiqSBpQS4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTk1MTcxODUxMDYyODM2ODIYmNsQ&sigh=p_EisBpHxSk&uach_m=[UACH]&cid=CAQSLQBpAlJWi_4RQz4paqcTjJR1gwmmf65ULjIFhZ9MfG1OENvz5GqltEW1O6gn0BgB&template_id=515&cbvp=2&vis=1
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8CA4 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 19:09:17 GMT
x-content-type-options
nosniff
age
141871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jul 2024 19:09:17 GMT
css
fonts.googleapis.com/ Frame 4405 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 10:23:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jul 2023 10:33:48 GMT
select.css
saambaa.com/widget/gpt/728x90/assets/ Frame 4405 		1006 B
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:44 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame 4405 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ba24eda30cf8adc762f0c2027b5e616f52d83f231c5ddd28f7b6f733d1438fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:45 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 20:03:24 GMT
server
Microsoft-IIS/8.5
etag
"04e99bf32b4d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2981
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame 4405 		233 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=162740
accept-ranges
bytes
content-length
78875
expires
Sat, 29 Jul 2023 07:46:08 GMT
0
api.saambaa.com/properties/widgetconfig/728x90/partner/idrlabs.com/platform/ Frame 4405 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/728x90/partner/idrlabs.com/platform/0?callback=__smbcfgldr361092
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3dd1e025f5c1ca366857cbf5f4bbc217c9c4d17704f0e015e3b85bb71965439d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:45 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
ga4mp.umd.min.js
cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ Frame 4405 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34590
x-jsd-version
0.0.8
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230053-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"231b-bu7prZXfHly9j0HIF61RLekhwNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vadByYLWP1g1Yya%2BqSu0nxq7wEXcI8dzTnRe0D2LQdCOsVRXZmH3maRyblQ7NdAoJYPJnstsnKm9ZwdgE9%2B%2FAiz%2Bbn2olk6XwxOqmMLgNkbCvqRnO3wrHFic%2FNekPLB3szDwNx17wRrUgGeBuH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ed439f0aa1c1e30-FRA
gpt.js
www.googletagservices.com/tag/js/ Frame 4405 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60bee248c137ca26bc133e20134b4e6752d4acfe68d73ce1c71ce7cf23270ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28192
x-xss-protection
0
server
cafe
etag
365 / 19565 / 31076487 / config-hash: 6238320479289362845
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:48 GMT
saambaa_prebid.js
saambaa.com/assets/js/ Frame 4405 		354 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:44 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 22:48:25 GMT
server
Microsoft-IIS/8.5
etag
"808288cb0b9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
115053
analytics.js
www.google-analytics.com/ Frame 4405 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Jul 2023 09:04:39 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 27 Jul 2023 11:04:39 GMT
container.html
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F02 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:48 GMT
expires
Fri, 26 Jul 2024 10:33:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 83E5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
csi
csi.gstatic.com/ Frame BE47 		0
235 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lkl0okom&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BE47 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 07:10:45 GMT
x-content-type-options
nosniff
age
12184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jul 2024 07:10:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BE47 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 03:30:27 GMT
x-content-type-options
nosniff
age
457402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jul 2024 03:30:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE47 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CTwp6C0jCZNPPOuWO1PIP9oKMoAGc-8DPcbiYnfXqEZ64iLaDAxABINjV2CtgleqTgqAHyAEFqQJNX8c-XJ6yPqgDAcgDmwSqBPcBT9CYXfLJnPGSdg5iuZfxMGD_NEy-VsjqUJt-dwmge7R9HlxH_84wXNxqAug_cQXSO1GosPyj1zoh5LNmh7RU0X1jxOY-OvHhVlbcLaNJECmlwZVllR8h-3EpbylIcamIKu0Uztx_ziSaT4P3RU7EMmv9WJ7DcVcZIxaeI2frp9zO-acUKv--Ov0FpHVhMxmIfliFsKU61ceq7hS8UHfGovHoMJ75S7WzKlwIgH1uqdQNATxi0vboYMukBGn1vXxZo2vKkUH8h_fAqBB8UvwIfhAC0JQUPfmiBEy3seZ5jp1a5Y2bX6yktwn2h_y68wtkRNa8zI6RQ8AEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE5jBjRTIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1690454029003&ai=CTwp6C0jCZNPPOuWO1PIP9oKMoAGc-8DPcbiYnfXqEZ64iLaDAxABINjV2CtgleqTgqAHyAEFqQJNX8c-XJ6yPqgDAcgDmwSqBPcBT9CYXfLJnPGSdg5iuZfxMGD_NEy-VsjqUJt-dwmge7R9HlxH_84wXNxqAug_cQXSO1GosPyj1zoh5LNmh7RU0X1jxOY-OvHhVlbcLaNJECmlwZVllR8h-3EpbylIcamIKu0Uztx_ziSaT4P3RU7EMmv9WJ7DcVcZIxaeI2frp9zO-acUKv--Ov0FpHVhMxmIfliFsKU61ceq7hS8UHfGovHoMJ75S7WzKlwIgH1uqdQNATxi0vboYMukBGn1vXxZo2vKkUH8h_fAqBB8UvwIfhAC0JQUPfmiBEy3seZ5jp1a5Y2bX6yktwn2h_y68wtkRNa8zI6RQ8AEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE5jBjRTIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lkl0okp8&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.uw&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame BE47 		28 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DrsrIEiBFhQQIHZs1K6z4oMWMK0VKv-F2FM99PN-32vWgbO2WMpQbO3H7mpcGMBM5CeA0PvbTOM0XkqBjq3H_8Ivdt9Q&dbm_d=AKAmf-AWOw9NzctQfr-ifzG2ys07adFS3yCv-PLet7_1cjdeaEn7mPjKPeMYzvzuDo4nQ60yR6TIav67JogrRdVLNWFakIM2yDasmrcxFebsc5tZ7QbTi-lP2ypbmAik3n00v4kfAVN42DixlgPtWxL6_6avrnMevmk8dWlVK8GzyGM1s6s8NhSZVkEXmHv8RcS0SSZuurn1CPZuKxtgkR76Ux83sWIBvWV7ospkJgtrILOCdUEPRcXgWHL0hCJ7vOpsslzyVhwydYH3WhvD8OhZbqp9KDJdD2oDhScbq9RmuecMwERr3qFAC3xAermq0QYc3SoX2iGcjClNTr9E_pDwFF6HvJwv36k6rl72E0q2_gce4X3x9aqmwt5ZNR7vUO0Dt4zF7Yl0eNh5AgVG-CHpquKTiEOZdfIyqJSJBu92irU-ubx_PScTKg8cF85_0gLF7kRm0SYLes1CYRpTGYSEnNhtMBaZH6UMOA5Ix0_5EKD-OxwvbH51ZsfzB05J5LqyFYh8GcusGgW9WpLyDod1fM6rx39muiw5_yi0m6tEQRfm_UpKxlPXmEn8St5APQbktQOwQR2rRGTttizLeGkST97FAPiuIxnEwsJb_Z4kVNwOz1IgH8zTbmJz1PRTsH7oIcazaw0WdP446htM7HMG18FNAfHg14vDQerQfx-ctRqAohO-tZny719dmUJh3JL-_g0tcimlrOIF55Uq5iz0q0AZ-HPB_K7nxBKCxWHeYcQpVTSoO2s69-yWb1Qe_EJGiVhPs_aDipT3ZZUsOQR23qToH97VjAEsZoRiAUFr9uJ4Mmq9uoOG7Y9tBVz4KDW9LCCxNYMhlXcOWc-KxPKEeJ4WgCuOvwSKRor3lY1adaSp7q6t0Qqw4Om6eLMjbVAe9bQS9g0Rm-gHoyU6M8quYh2brSItZxxgvQFFyo0KRiMCIRjebH0ie2B6kR_hz26QSJVvsZn8DVMAYlg3zMOMfzoPZZ4FuWYoWc64fHUT_c1d_DzAdrXUYWrOXAOB7FNeYOiuGdRsjUjFAy9tem5eH6plJfPGsIOWn7cpGxBUpd4yr_C3Dx4TWZW-sFvZkxxywajgdHBawvQM5_l1jkokE3Zd6lKeB0sFEwAqeOSyQ-A04qH5aoGE3j23peOmTpFscS4qDgzEi7CQcaqGp7QLxB7cglUGO54M4EPLXw1m7OrNHIxo5yHNrtkVB9SbtnLkRL7T57qW-xaz5cmWQ1qdNbt2iy5dsWZmVC7fT9b_UhW8ijaesMB4ZawpNQ5AfS3XljaL5p0jvr-LIpYoJBpV-BRH5bO30nbMCnkrfD56qc8Rud2y44_HzufiEOcPkPVNvDEDn3x_LwMcveWhqWQX6wEErpkVeNK8vLlt-xp6rnSIdlFfP3Nz_lxnstHdxhQ0zWmqpjlSd4uPK-z9S8Zz13xP6t3F9_d0GOi7Az7i3JE684z18Sqka4cRD9rzxKP9b0pZhhqPbaO-rQOPPs2ytkhK5m-f79PKLoaLary1zLNXI103vMxGB9VrZwEJCDyLKTyZC6h71YqW-69ba5hvpPLKSxPKOthAubC6xf2Z_JQjWAV_-mBms3KuMGLnOuozmWZinHOe42pFyQG0bHdxMrzuIjRjRz32tsT4LPRP_3JbdB2pvHSIOaOVWr6GK8m2NK0eBZHZl3OLufVM9pyW5M3ocgpy6mfU3WZMPhJzlhl6NhBXhjkQ-3EFQjSjAcwcIkcv_uPyd3nrGr4lILW9IE1p9HArDOY12-FucB-AEIleuOes_sOqEyT38JQVk2RoBMlKon1O4zbkuWe4GG3W_Ex90zT0awZV-2j9juUlTFKYq2ZO1wzbiDScHCv7twoEaSdqaxdeewbAWl3rMHPNue1ciLQ-U2N4y_lwhbbGca3OVyjKiBptWVth8xV9BTzuA7i0feElMXks16D8iCVR1BQyKxuV_Z2rdAAYGEpqpUFjBd5J3FcocdVcK36uQwnIknU-QHREwt8sOZyn1Z_zEC7XXg_FfdeSqe5-OQ7F867l_6Y40GG5CR56j7JayudhzwAE1CQs7LdJtOLdjy9O-SCGjL8Y4mCsx2S8us99gM8Cyl0NQABvWfMqnmBBMo5gQ_v9-jFUNcWcCHi46IxQNkLAw0ti2-R57_6NyQhHUxn25zEsA34yDAboQEGHND6B2RaNcezCHLRks4DsvIQRN7FS78tIFVbsSdF9DuLLjF1x4-rGhZfcmc2oDVvJFeddA7ibpbGl-TcWCj0FWIR0s0XZpqHkMN5iPl5vaEnPpZFscHYFqZn1NKTDtibzQdkKYB7j2nA-ZXh16QL9gqbJp66ksM2j8P71iKxmgAeKNGPtv9Hd3u_xnuXGZqzFDx-BLn_r1VUX2bE3o34qNNcsILV72IPbnrddHRg75ki_v7wfE76NPGv7Supktq41zc6NVteKhGlo1U-J1BYXHpvvejvqLs0Sq_lJe-Z32Ns5JqXCLqmQTmW8iCzis6NVhmZehcMyKP3euKkKFJpZlS2CxJGvxKvMT65VcmoonxuY4D16XxZENE1eTBWz_PVWEbDgA-6IqJuAM3X7A3zwSUpANPr5KZvr17eCZ_33TXY5zjiDuf7z0rvqb-QHHa2Mohw10nTfnkZNNprff-awYSRT0UEpOe7ibMNdNdvxQc-ag-ccw_Ve_kYcGKBlu0ChHcXYmp07S7R1G_8G-bPSvOQyEUOeYE3ELGxgB8rAHZFbJdEmKJw2oyKSQ_zMjlBacgvwH_AoGZ0Xw0LoS8_tY9nuoyCoD6P7A6UYk5L8q4KwUkjo7gSsyopw6RzB3aiavN0d6iPbBN9pd8cPKgMDGIv-nn4qfln4SevV9VY8JbCyB-48VrUz8CkUTJ4_SWV37B2Toir6RmmJ0IokWLjfkS_5mPNxo4E-KUauzwZMQV4xNqoJ75OYlqKakqxzqhywpCTmcMeWvAez0YQJ9aWUFsddiDuUz8mg1FSQsLhrWaGWlbKwaSd2gSFtm6859vCgdjFqLbHWg4yvCBqEOgkdG7UIRUeFMcKwmy4iEK8bHF6ASdFrOgaat7I4HToCtNssk4f-K_kqhtsTMQMrT0t_sdR_UlgbE0nS-RyUwn1cqB5ynjnWV6QaAISDHjN_QBu_UjvEp1cOLR17-tNbmxQyy_cGWaIqnQ49yBgAF1YFkN9Ved0SegOD0QWMqIglyK9JZujVcC2AIpXqUnMN8wYvYx3clLYnTkHjUw6tcX2mleh3bZa-w3TumrKkBmpZGBjdX-NkGNVtAxMAwfRyr4RZnOa3HCaxknj1rtLAMWrOh54dXop38FlwEzAgcOMwT-KO-RDicJzfw0f7rj8OUCUjNIbVXibQgpV_z10A3XXIuj0jWR7ega_KnXBmm3-BcJKfZe6sQP_TVViWJn1s8IWEe4Vbfag_1A_dty2Ue0_JRa87UyR9diiXJjnh4O6zTMkBDm_UQ2jDaHcZsOWRx-H6knmI8q25yGQjJNsoLvdwYUk1x1G7thO4mWgfogeEKTskjGRaJnjJM5rhqaaGVNUBUAUU0X78oGXwa6xmwN4mhAzAyol8GZ_6nwUB8-CqBPRNBZX7EUElIif-CPB1SWOF-VGyVKzg7ae4Kg&cid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo91fknfe6t7nmKYZ595COuRLvXk86RUYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.168.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wh-in-f155.1e100.net
Software
cafe /
Resource Hash
1ecc9c67427a770d22e0d29773fe793e793f3b0cd1a0fbe18259096dc8b15703
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17575
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1E6A 		624 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY17jR8QEwAQ&v=APEucNWogAwtVfahw5dHnvj89P085HxUmAtsNHl_SvwzWgYEX4YlsaLYnxeKAFxbV4T_3ZuvjV6KvAjR4cpk7pB2fyHK-8YqAnkLAPLUC63cZfno4TDPBxntPf2rT7pSQlNH6tHzBrb3qvPlyNJeUQyNo_E3k0Zc5pq8eOBfqm5e2aQHS746KoU
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1F02 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F02 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9klRWnzLdS6oXJ5G9rPwrLftSUpTD5d5EO66pHj_KMMLLpOdGRY_e8cALOscBcjyrDtm1ow4HWlO0HYHBWTnGPA2Hm7cOOLgS9JchIv3QtGr9U8U
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F02 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13651656272493319517&x=1&ct=77
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 1F02 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=66525057;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=506747991&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cuz7TDEjCZMrAGteAx_APu5Wl4AagiczHa7LCloaGEbHSgbznAhABINjV2CtgleqTgqAHoAGR_tGiA8gBCakCwpcJnfKfsj6oAwHIA5sEqgTtAU_QgBnQYFgsHrPjpkO9kjUOy5gcxS1LAkgrrQhLljA3KhO1ksiFde5_XqROil6r8SsJF7kaY1X3e2LGYrGi1Z5pq85Kpt0xdY9reygnYObgp0jyKkPItwtvtKc7ElDz9dXS4rRlyBKiW_UNUUkwB1wzNxpVkEYbcQikXnkZbeNwT2muvl8gunyJrU9tP_RvtsNSY41DJdMwVZAo-8XxWqUwJwH4imBWS2NQn74qSh7ocF_72PhAhYJWWyJoKfEPHJ7JeTfJL4Auz-8fu0vIdC8Re5uXF1HVZCN-yIZnykdfqD0NFpdyZzPlveuqz8AE7taq8PUD4AQDkAYBoAZNgAfXga5dqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE-LNlhTQEwDYEwrYFAHQFQH4FgGAFwHoFwQ&ae=1&num=1&cid=CAQSOwBpAlJWPr8oU-QVQWgYWY74gVIIGZrjbFI-xIuOkFwXbtdx6fHHKpb1E18Wx9mRKv7V1KP7K95BsFd4GAE&sig=AOD64_25hskHFzXfxHp8WqjaRiLHsvoGww&client=ca-pub-3944954862316283&dbm_c=AKAmf-BmgyGUONRiK-Ew_xHantY7g65BpFTJzxya6gQUEBRW1iqIQo3YWOmYYh4OhsNyUuOpeMDA8aBiVgS3YhB4VnivcG7Trs-2hw-L9-xk4fXpA_9H8aUlW-R4wiBnR2r9WCovjDsudyZoEve1-JRyXWARS2X3Lsb5Eq_MBluNLsiBfEhPDc8&cry=1&dbm_d=AKAmf-DjRPMt57_8-_q6jEmVR7hh2PhqwyORx_Fhyok2Adn2dCAZ3bbHdQrj70TfGl2yPsUR5cO-LJ5fsabX0Q-_zk9Usy5OAq4wDjRTDExdYU6Q4oxAVA3Z1pjM9P5hNk2FDKk-vpMU7ELOTq4nt0_oDPyxxiXjXVqXjbaPgu17RfsmUvcW7zW9wpvyNGe1PUQcykPNMXkk9PPd8ZOGJ6gHiCf8qt4CWgd72hnrcgNlp2nXi3WMq6RwKbvJMxdb1EzIKFJYu_3z4jiDFgLTZziu8U57KAhtDii3_08q01Hv225EzFTXrRZLv7VPfMwp365Mc1-PeFvZfT21756aKQP6A93B2LVGGBuG-b8zisPNaPpY3hOQ24hnDb8IRqRVv4Ktfr8kPMui749DNv5EIPm08ikS47MG1rg6hiF_6otnSAY9AZZ9l4bkUS7q6F6rPGoB2j7xvutlxTVHrtPKpCRAoe54VJiuFa5YitzWkV9oHXNKFD3RUgfRVGAYzojMEUa5wHDbH0H-ELtA6iJcNt5RIJ-U8mM5Jn5HtiLRRbUIu5rhhcFVNhbYYqRr2sA-ATu1pW1Gxw8Y&adurl=
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
023f3727270b8515fd1083eab91d487e33662c13e207b807b93b037b233e1c6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2879
expires
-1
ai.aspx
m.exactag.com/ Frame 1F02 		60 B
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=506747991&rnd=1690454028434250
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
2a5197525b2d844bd1ce5852e89988181164abcd15bcba5767e37a0800445ec9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:48 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Do, 27 Jul 2023 10:33:49 GMT
X-ET-Code
11
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1756
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 1F02 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
70919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 1F02 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
70920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8293
x-xss-protection
0
server
cafe
etag
11502554701003060455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:49 GMT
l
www.google.com/ads/measurement/ Frame 1F02 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLcYa8TiPwg9PsEOHthi6QZZDJI0PFvko6FjdhDT5sKMh4ujIMHNSd16hddRvL38Dqgqo1kgZwTU-SFIyB7KTr3uuXYA
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F02 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:49 GMT
pixel
protected-by.clarium.io/ Frame 1F02 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31h6beisop&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERBLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTViZjVkNTc0LWI2NWUtNGJjZC1hYTU1LTAzZjFlMTRhYmRmMl8xXzJfYWQifSwiZHNwIjo3M30%3D&cb=4832491&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.50.58.122 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-50-58-122.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame BE47 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
901c6f75c7a0329035c948aefdf914676d8f157a34c642043b90364d87367dfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/ Frame 4405 		386 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
118579ef80b90d5219a15a41da7281aa7745beab905db12d6223c9e89199f258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 09:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2140
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125527
x-xss-protection
0
server
cafe
etag
3907857896474635156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Jul 2024 09:58:09 GMT
generate_204
tpc.googlesyndication.com/ Frame 5842 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uNBBcw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame BE47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBlOqC0jCZNPPOuWO1PIP9oKMoAGc-8DPcbiYnfXqEZ64iLaDAxABINjV2CtgleqTgqAHyAEFqQJNX8c-XJ6yPqgDAaoE9AFP0Jhd8smc8ZJ2DmK5l_EwYP80TL5WyOpQm353CaB7tH0eXEf_zjBc3GoC6D9xBdI7Uaiw_KPXOiHks2aHtFTRfWPE5j468eFWVtwto0kQKaXBlWWVHyH7cSlvKUhxqYgq7RTO3H_OJJpPg_dFTsQya_1YnsNxVxkjFp4jZ-un3M75pxQq_746_QWkdWEzGYh-WIWwpTrVx6ruFLxQd8ai8egwnvlLtbMqXAiAfW6p1A0BPGKK93KVWDZC-xdG4j949e5r0exKZ7RW7w2sKztbGobZvQz7IEV1smoGyleWP7dtnVbtHoibERZJetwoYP24JaEYwASr9_bAsATgBAOIBZXZ86tLkgUGCBsQAxgDkgULCCIQAxgDSOLc-wGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB8-_wWeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHDBDzhTMYg_HU5gEgBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgPICwGwE5jBjRTIE-75jOMD0BMA2BMKiBQG2BQB0BUBgBcBshceChwIABIUcHViLTk1MTcxODUxMDYyODM2ODIYmNsQ6BcF&sigh=EwmuhaXBYss&uach_m=[UACH]&cid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo91fknfe6t7nmKYZ595COuRLvXk86RUYAQ&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame BE47 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lkl0okpn&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
70774489
unified.adsafeprotected.com/v2/1434172/ Frame BE47 		23 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1434172/70774489?mon=70774493&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xappb=&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssiK9daSfy9laDwwWoXysbARpZ2PMc4l-Y45eJ6DIinI8aTX2EF6bHY584VDp_ztUVtuBOpk0G7sVbweQDhcLw9S8lT3oovQjF23oZxWlgBiMUGyxAe9uGh90dxYz0IiSxgrLQEia7XCVN7M_UDUgvvvz6E57_ZzRuKmNmlprsz4eyaHmE9Xy0yT_63B9Ri8iGwHuW7g9HBn6ED0izHKGAI%26sai%3DAMfl-YQptRs6ZBBwJrJyEMC3JZZPfGljtmRMJT3nyRHudNM5ZRBvT4gykZBZNmIgW-ZQYmUMFcxSVNXf3L1J9VBB2Q6_wCASewfc_fG-dPzb55cmKDyT55aQfzdXqB__8nAiXTwgXAQHft8dX8TUrB5v2rI7pg%26sig%3DCg0ArKJSzCqZAepnxOPkEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=3&ias_campId=1013136622&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=20224732309&bidurl=https://www.idrlabs.com/barbie-character/test.php&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0jU9Q1_9LVt2T2_xbu5DhY2&originalVast=https://ad.doubleclick.net/ddm/pfadx/N6024.328593VIVAKI.COM/B29808231.364634258%3Bsz%3D0x0%3Bdsp_id_0_%3D3%3Bdsp_campaignid_0_%3D1013136622%3Bdsp_publisherid_0_%3Dpub-3944954862316283%3Bdsp_chanid_0_%3D1%3Bdsp_placementid_0_%3D20224732309%3Bdsp_bidurl_0_%3Dhttps://www.idrlabs.com/barbie-character/test.php%3Bdsp_dealid_0_%3D549644393847793680%3Bdsp_impid_0_%3Dv4~~ABAjH0jU9Q1_9LVt2T2_xbu5DhY2%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.idrlabs.com/barbie-character/test.php%3Fves%3DdGltZXN0YW1wOiAxNjkwNDU0MDI5MTEzCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdGNQN1oybVU1SXZnOFdxQjdCVWJCNjUwajVyTW5OVE5KR3N5Qk1zU19MRlpkdEFTNkpqQ0NxY0IzeTRxenloZ0pvQ3lmLUVrWGRBYU5iMmlCVHdadk4ydEFYVkJZY1gyblJSYTR0ZkpxVFgtY2MzVmFaVDUzZmpDT3hTeXhQNXk5SENqQjNUX1hmSVJaQU1taUVaYmpxUmNCczI5SEtjV0dMOHlnTzhMOXFJak1WYnRrUnRkTmN1YU11aUNIWXkycUNyT21RTHJPUVNZZWtWajMwV1Q0R3BiTjRRRnBhSzROeWV3aEZCeTFVa3Q1YUpVS3lIVHZ0UzBEeFo0NXJUUEhXZTBoZ1BPMnRyNWM3NVBzdUxrMU51WDVXX1NFak1EQ0hPZGQtTXpFdTlfS3VncGV3dWloWFFpM0QzN055bFlxOF9DcXE3MW1JUUppOERDekVXTjRpM1FEbDREdndvS3hOQTFNbnFwWnlqSGNKZTFPWmNHWHJya25EQmxwZC1DUUtrVGVJLUNrbU4xMV84bFJkaU1xMWxRT2dzM2I4bjVVT3hoUXJ0eDBacHRVb1NXQ2RGSlNHUmtnblNGNnlpNkRQcFVQenhBd0FvVUU2cWdGMUlZQjRpNnFTZXg4UVZHMmh6ZC04U0RZdGRsakNjcnU4SF83Zi1kdi1ST3RQcEpiNGVuMDc1dzF4OFpXSWRSMjdGT3hLTXpPdEtRWGVvQzFaTUh5R2lZWmlqalJDSnJXWnFFcTR2TllLTHNDV2ZLQ1NNNWJVTmxNQ3FlRzVpRUZqZlkwRlBKamxidklNQ1liVC1tdnNkYUxWY050TDVSdnVkbjJTU25iZUlOZHUydE9hRGpEUGJCaXJLcUsyRGNDUDAxYnotTnhlMU93NTkzMWoyUHVxYkIySkZaZnhWcmJTVi1yUEo4NEV4WTJRTHVfZXMxd3Y1VlZzNmVRMjhud2REQXg3ejI5MGZhMVNhNVRQeXRIUGxrbURUUGRrbXFrUUNraFpGOUVUbEdaZm5xd1BuczVMT0x1UW5MY3VjdmtfNURYY0JoVGxFMUtLd3hISjA3VXpvZ1cwMWxlQ0hpdWJDVXNtOVBHMTZ0YWpxWE1RMXdaSzJ0LXdTQ29EY0JTSG1zMm9pY1Y2UVRqWFktNGlGN19aM0RVWWEyNGo4MUlIVG5kcTBFMjJTM1ltcjU5SXd4dWk3cjk3Nm5TY1pXMGtFWnlqTlA5MVhNZU5sTnR6QzNwZURVT1FXaWg3Ymxtc2ZHMEoyU1YxcS1YTzl6MkwtOUpaUV96WkZUbzBGMmlyMHpPSlhFRXJJRlU2M0pSOTJTUDJkNENERmQyRldWTm05Tm9tb1FaNEMxVXhRVVo0V0ZiSTV0clo2TXloamR5V1FCNVg4QVpYR1ZQWXR0TDRhd251WWZsWGVaQ29jLXlDbVZWYzU0WVhKNXdqS0ZZQ2FCVXpFUU9VVms4RFpoSnBDTnotR2tXVV92eklHdHF4S1czVjZWdnRRSGJiOURnYU4tSXpFc0lRN05pcFRhRXVvY0pGZk9zWVRBZkVwT0dtTWVpbFNlZWUxRXdhOXh2WTF4bVpqRFBlQzhfTGhyZlRybnRILUxnU3h1QlNxVmNLQ2x3ZDJUbGJXZjBQRWpNcDJtbDZhUlNpcTNoejdvQ0QtT2xWZHVtNVZMRENubTd0YkhjVlEyREg4VnBMX2djS3NPa0lXYmVUdHotMDRPNjBTbm5uZlVsb0NMOUI2NkRJZ3Q4SVpBcFczckZ6cDZBU0hTcmxHaXdLQ0ljX0NUaDNiQmgyY0JZUTVkVmpya2lKdlhGUS1kQ3dGbkcyZ3UzbmtBJnNhaT1BTWZsLVlRLXBJVmRZWWFHeE5MRTFNQ0FFREpzQTE1N0FPOExEOVZROVRMNWV6STBWU0lnWWxyT2Mycnk0blBGdTg4MEptNWw4TUdlaGtKaXc0dGRSLW9PdlFYNGxxOUVvRWl2ZGhuVU94VS1yeHZnWmdTN09TM05kMnp5V3VhYlFfV2gyQVJOVndoV1RYS0p3M3lTeGx0NGMyMmhSejcxQTNJUmNvcjQ3U0JMYk5fcVdEbm5RYnRqMEV2ZjhIbGQ4Tl8tYldaRXp4RUJ5RHdiRG1jRUtQQkcwUTJieUQtbS1yTmNjbGNVeUg5SVo5a3JKUGpBVU5Bd0VUdTZWZ2liT0Z4Qm9NaEFVNngyN3p3Ykstd1FEU0ZGQi1CRDJuSzBNNlY0ZHdXMG5uSVJjVUZsdnlNOWFJMlBFQXB6UUJuOF92ZDNiVjJlczhJRyZzaWc9Q2cwQXJLSlN6UEQ2cGJYR3VmLTFFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LnZpc2EuZGUvZGViaXQuaHRtbCUzRnV0bV9tZWRpdW0lM0RkaXNwbGF5JTI2dXRtX2NhbXBhaWduJTNEdmlzYV9kZV9meTIzcTNfdmlzYV9kZV9meTIzX3ByZWZlcmVuY2UlMjZ1dG1fc291cmNlJTNEMjc4MjMyMyUyNnV0bV9jb250ZW50JTNEMTkwMTE5NTM1XzU1NTc4MDkzMSUyNnV0bV90ZXJtJTNEMzY0NjM0MjU4JTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%26dc_cid%3D190119535%26dc_adid%3D555780931
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.171.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-171-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
312f4c683989f43a9f943b04a99b721d39e29a1fa05361eaca189290a90ea09a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:49 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Id
cj14g3djops70i07hhh0
Content-Length
6536
rum
dsum-sec.casalemedia.com/ Frame 1E6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWLa67QqJ8Ua10T7t8-DX4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWLa67QqJ8Ua10T7t8-DX4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY17jR8QEwAQ&v=APEucNWogAwtVfahw5dHnvj89P085HxUmAtsNHl_SvwzWgYEX4YlsaLYnxeKAFxbV4T_3ZuvjV6KvAjR4cpk7pB2fyHK-8YqAnkLAPLUC63cZfno4TDPBxntPf2rT7pSQlNH6tHzBrb3qvPlyNJeUQyNo_E3k0Zc5pq8eOBfqm5e2aQHS746KoU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWLa67QqJ8Ua10T7t8-DX4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1E6A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMJIDVI2FTazn26vlFh6dwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWLa67QqJ8Ua10T7t8-DX4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWLa67QqJ8Ua10T7t8-DX4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY17jR8QEwAQ&v=APEucNWogAwtVfahw5dHnvj89P085HxUmAtsNHl_SvwzWgYEX4YlsaLYnxeKAFxbV4T_3ZuvjV6KvAjR4cpk7pB2fyHK-8YqAnkLAPLUC63cZfno4TDPBxntPf2rT7pSQlNH6tHzBrb3qvPlyNJeUQyNo_E3k0Zc5pq8eOBfqm5e2aQHS746KoU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWLa67QqJ8Ua10T7t8-DX4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1E6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENGV_cjSsTnGbTVyV_w27-Q&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENGV_cjSsTnGbTVyV_w27-Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY17jR8QEwAQ&v=APEucNWogAwtVfahw5dHnvj89P085HxUmAtsNHl_SvwzWgYEX4YlsaLYnxeKAFxbV4T_3ZuvjV6KvAjR4cpk7pB2fyHK-8YqAnkLAPLUC63cZfno4TDPBxntPf2rT7pSQlNH6tHzBrb3qvPlyNJeUQyNo_E3k0Zc5pq8eOBfqm5e2aQHS746KoU
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
an-x-request-uuid
3f729813-8467-4ef6-80e2-c3713b88d8f8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENGV_cjSsTnGbTVyV_w27-Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1E6A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI5ODIyMTYzNzI0ODI0MTAzMA%3D%3D
170 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI5ODIyMTYzNzI0ODI0MTAzMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY17jR8QEwAQ&v=APEucNWogAwtVfahw5dHnvj89P085HxUmAtsNHl_SvwzWgYEX4YlsaLYnxeKAFxbV4T_3ZuvjV6KvAjR4cpk7pB2fyHK-8YqAnkLAPLUC63cZfno4TDPBxntPf2rT7pSQlNH6tHzBrb3qvPlyNJeUQyNo_E3k0Zc5pq8eOBfqm5e2aQHS746KoU
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
an-x-request-uuid
420a93e4-4b21-494d-a1ca-5cf900175105
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI5ODIyMTYzNzI0ODI0MTAzMA%3D%3D
x-proxy-origin
178.162.209.131; 178.162.209.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F02 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4622544921320&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F02 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4622544921320&version=m202306200101&ct=77&x=1&cor=13651656272493320000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1F02 		29 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_xqkUTCQ9D3Vi1mymcNHsVvuxnZz7MC34A1C_K4fPtYQkW1CvUgzrPao9c6RJUgQGjctRm5Le82rGvF6Kbl1E_Vibkcz7rxgoA3JA2iSp4v4d_zVwhq8qQrfo0VUCRNPB4m1r0rPARXewwvWkEJA3ENYf1MT-MxXyBS_pOkIdHT3WJqE&cry=1&dbm_d=AKAmf-BwUi7GLEMy5JmFv8ZjK773sXv9jrW7RsnsNUghcsAk93HNfGWjfalaZ8p3MaWQ3-uEDHBIa-jgRQscqpLy9xZuzurqw5vLiZQQjzE2CwDg5voThUv47YLbr7OmfhEAREOQd82Fe8cwJdYbwB5O-CShdA-wmJwSitI1QPknI4wcetnJsCqnZEVuO_i6d6ceJBupJr8zY-JmAbYXC1Ao8RrrZDoDvgIGW-PjWp7ZhQn9ZWDlzvnwyt54LTjLtZzmHGstt8c__4Qcs2yFJoYflufA0BsxKDNFnSFRCuFb1pREJ7jggfq_oyCqHHwJsAt1QGWc6WhxPep4bsnTTD1XdtVURjbvqwIxJ1xPLNpBxEGpao1cyprj8Ke_xRq73bT8nqRm2EJFwo0b0cXfO0-pz-7YZf9M5domb0tvLC86cexVIgCLcoF8IJT4C9DWcTOWa0pXsfNfmapwkuMWzTuDHOL3EPZQc1fWmNzhom89ney_-IN-wyraLM8rB_-qJVwgnmZW46R3g4id8Z5g79hgWRn-izl16UdXO505vy80Xd7sqz5yYD9jPfWSMJYik6XO2z6a0PbvCHL9LQg7i_99ETXEbI9u2zfIEwOq6RnHu0Z-fAvtbaKV-wveZArroJV7xJd5Sn_BQDEEQGzJs3m2LZdDZ2FH_K7f6iP9f36hwmd_JR4PIu1rDuaGu_CsDJ3DmCPWlghytq9ejaHP_GRUYdIRFGZ1G8piBcaz8EtrAcuqGJx2COR2c6XUwPljh3oENjOZ9V02RxsKpOwzpN7yKJ4YAtesrD_MaxwG_M-WAn9ytwCRIQGSx5SGSSyR5WgLsIiYxzH9or8m_tmM72Etd10fFKqR8YOMQYhas9BNeSYqUhqtWmKDt3-awnBz9JUizKVEap7AWwmnT7cMG2K8SJr6acrkvaI7g-gK6NOB2j4KfXhqtogCJK8JXZePIsqoOLrUNl0pBrDLb0-uIS-pH3gkWF1zgJ2woTK0ogk-uQoYmpOie6dTBwnyTlM15vfachl-gLsMyInGRy6WANpr4tHILxtg6X4E5U0_YisdJOa_6B-R_2A6elwwgAWbdaVJJMCz6QgUBroLXlW55vkLGqecpxNG0lMSp24K2UzfPrwJc52keaXTE5FmJTT_n8cdwjedOFn46lp0IS2AsWZEXhru-0fQ-srN4gCNiDjF1qFqB9RcUH-sQmc6KZZjzYdugPS7lHS59kwdmZDRgHYitzhbKSUM728T2v68Zx5nQtvLfnFC2WVoF7FzKCpJ2WDxP_M61Rv3OtEo1G8pGPKuty-QIlcCZiJfXZYV5bCKougRH_V2qrEOWQeJPnQh5-AESDTsCOo9TA7D1dXcmr7rHyCcYxfvG6PtW9f4NtWhPmJJtdgFYT7OaSvJasncE_wOK-r0KRC9oN3ZRjh4xLuSip3r9HhrY-9GqIYLwh5QtfhciL774UERzSPdjau_ILVH7Zc0VuHfiooVoZxjgePyDj25hefjDpZe6PtWZNpeqzpAB6Okd5DErevdeRJraT96HiF84Yz5AtMnJG6xsg2y3_ukoMikvujHnSHvVnL4oh-SPKa9cWX4he2dMaASRmnzUW2mb9StvNs-kBLZnZOb40sewXwJZACHcYEWZ4rkMrvzQmiuvEhg9RlsGwW_oa6AG08eMXTxvfVDu91TcixWymv_AoUMXsM0NmFOaI-X1bw6h8PlTG4ZwSZJ9-ju6kssZGgQRFTGgaZTzrPZ7GtKW-Y9f17TfbCcls8f5_nEfbgF5grNdBCBmmvVuSQz-eV1AJ7v9tjH0HVYvA4p-brJjTXpFRsXkYC3Krasem_xrNjAK1bt1LSIwAh5JROfh1bbJyUH_7AuK0op7k8mMJp304JKoBMoeHDhbiJ_jmlmTuWjb3dfvI53G_JMbRCz-FqQcR617GrKttXhdjJTVpSWcmK9erREKk-2KkVR57Xw7xcjsIAf88LXe7ZUan7CNnMxewCZS_svj03QQi6BCaeJJqXgIMoWT6YJETHrfq6hbc3hM_llcsN85w4bF-KSvWys-M1Xwi5z9xQgKpAPzET-yFWYtX-UrimVoKcIbEIqP6p4calaZLk0xH0IlRqDhvgRiyiIHK-02sG4pE6TcEytn5hmwMMyLY_-P5DuIqEOxa0DgoiIV86-9RNZKJM-MWrOEXYyBevqB3JGbsoixyFFDQdcelyvhs3FnGcq9Gk6B73M5rC7WguLhrM_8a45JX8X6BwKXezhVzn63RqN7saPe4LRNGIhDU7p19DgsAAg6SX4b2p_GIf_KZ-e8FoBxO20UCwwzuaZp5WFQOp4R0vy05B_VS31LuzJQLrbVoLtkHlcZxrSuFg0iD2wjlGgV24NaTosrZ9K2_Iu9kEFqZlcFkZgXx8nqzmDDByDLUX1EZzHgedgXRqXtdw_sKUDT7RCbwXBQ4nk8OQROdWlsJXpwhutVMlu1qiCRLnFkwZTwzP-eSsv-FOo83edF85ml9aMsC8aIF4_uutbI16nFyGHMVIoTrkrFFCdmLSo3okFCyFrUGpEzZZFBoYzIc6oo5WNR6DyGhHoStuKJawifGcck_g-Dn5EHyOiB8zEoBmp07VgRTOSEUvafITve0JIFewVDCauSX7L7mS-HGGYp0ufIdbTBXTCwBDe3FA3k3q6c2Us8p538l_1p_xFQNhNH2NSiQGro0E1gAU_vjouHfAg7FODwvLBGkUdweCJ7HNzHbk4_BmOfX9dkaHy9IU-izfXQARCJhID5xX4p7XB6mNq5hodJOQbweQrxwjjIK06YwRueKXjtAt1rgroI4ci4pGqr-UrGACz0BHrZEts27bDX1c0XD1_4QJB8Qbu_D41L_D0QX99evMVudnoAMAXtT9zkOF_j8vHvntNsemqHvO7Lq9IprG4LPhI3RrsAt3GiYX0PLLj7Ag-IhWpgMFYmVnQpHsfuQ4589eHlskj7XTtBHBhklfPn2_8185EWEa9UFNvQdmcp6Cjp5ISV-QNbstAiUYBLdmHVF9XVBCW81bxt4ketG6qSGfGJdLpGQSj_ptFRiEMyKuNcYnxR-8CBvn2eTWuiNLwSopa5PUQ885JM5i5zx7ZYpv-4bWSso8bBB8tFOkgQgqUgFnq0-4BYgYDqpziX2JVomP7UXimE4plckRr1V4-FUVRAhe87Y12x4CIyDp_V18a263CRACsYt2a9WNBqKQdyThyI9B94bgZjv5ODaLFlJMGoCgbm2iKBkoPyfx1so9Y8veF1VgfYx9dLzprrWQV2WEK-hjM9u8iOiuPyKrJFEEKi16pgseGRtAuO8SsX8hqEIsGUDtDs1ACL7HAfQisbK6NWjpCcFLV6OL-fvOtcDDyev5dVNRJC54daRr3hOfqiTtqTtaTpUhFIBa6m5xxjF22y-lWppvZ1zsudc0-iX8rCN-W_PqnlPvzMPDfa6ZdG10oKfA7O_CWGLoUNS4MizgVUVUj-VGkIxvSSPHqBT_jyvhEWMWyY2pTN85JIB3MBRvQrZ15BWxI-rb4zmY2g8vr69UX4F0Wth0Das9ZpN80fQJTh-zfAHAJFXESx6jxTKk5kK0gHZLLLV84mvTzt0HDl3FB6RauVAwSyYQnbEbbP-D1VyY4cKkqy2H-fRESXruD20vxQyQUCdF82E_OAcCTiZZj6PM7AB2OqVuGqg&cid=CAQSOwBpAlJWPr8oU-QVQWgYWY74gVIIGZrjbFI-xIuOkFwXbtdx6fHHKpb1E18Wx9mRKv7V1KP7K95BsFd4GAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com%2F&ds=l&xdt=1&iif=1&cor=13651656272493320000&adk=4188270525&idt=118&cac=0&dtd=15
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d8c66e1e4841f76b37118d02e1ce57864b8122f89e7d54e8c9ff9496dedd19d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17680
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ Frame 4405 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:49 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 03 Aug 2023 10:33:49 GMT
op.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 4405 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f8cbeba8abc5a0e57203ed554115012a322060a7fbfe3e6a572ddc4f6ee0e86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
HOQlrWMHYfjJ_4zCNScYVubV7YJ4_AID
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
date
Thu, 27 Jul 2023 10:09:24 GMT
x-amz-cf-pop
FRA60-P4
age
1466
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6789
x-amz-meta-git_commit
ee4b1d5
last-modified
Mon, 17 Jul 2023 13:31:53 GMT
server
AmazonS3
etag
"2259c816bd44348f18d1ce0a94046212"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
m1bSJVbVmFWEJmUD75kR9s7d5TxU5-I08x33j_Ru_WVTDJCwKb28Mg==
0
api.saambaa.com/post/storyboard/15006/market/ Frame 4405 		551 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/15006/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d29cf32ab8985fec580b570bdb4cc53868576050b38589d4dde895c0e43d2262

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:45 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
content-length
397
collect
www.google-analytics.com/ Frame 4405 		35 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=601230816&t=pageview&_s=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&dp=widget%2Fgpt%2F728x90%2Fidrlabs.com&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aEAAAAABEAAAAAACIE~&cid=1114138523.1690454029&tid=UA-253383216-70&_gid=295199879.1690454029&z=1870133985
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 05:47:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17183
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo-saambaa.png
saambaa.com/assets/image/ Frame 4405 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:44 GMT
last-modified
Mon, 02 Oct 2017 18:02:46 GMT
server
Microsoft-IIS/8.5
etag
"39e0e3a6a83bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame 4405 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:44 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
collect
www.google-analytics.com/g/ Frame 4405 		0
133 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&cid=1467916552.1690454029&_npa=1&_s=1&sid=1690454029&sct=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&en=smb_728x90_desktop
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame 4405 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&cid=1467916552.1690454029&_npa=1&_s=2&sid=1690454029&sct=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&ep.pv_widget_type=728x90_desktop&cn=728x90_desktop&en=page_view
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 4405 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 1F02 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1F02 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
bootstrap.js
s1.adform.net/stoat/629/s1.adform.net/ Frame 1F02 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7428148a46f1be021d68608b6443d1812a65ff4b9506b55da9c052cf4627d0d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:49 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 4405 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705858
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3CKO31vD5aXMZcW0MLvkvu-5myWUwF_B550134zxOXWyVgovfUhPNw==
bl-3675ddb-7624f037.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 4405 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-3675ddb-7624f037.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24bdce08dff3de800df43916bb99c54a752da5ac3c58fd647b872aa895908c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 17:01:25 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
jRUjaHVih9Dgk2E3pF0V9QQpbI3fLYXI
x-amz-cf-pop
FRA60-P4
age
149545
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24159
x-amz-meta-git_commit
3675ddb
last-modified
Mon, 17 Jul 2023 13:31:18 GMT
server
AmazonS3
etag
"4932969f806ab8ca6923b2f83395df21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Ld1wF7vfNBRxjc0gmFlaxMqChXBQ3Ql-HsTfVGWqMph-9ctpoaLpqg==
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame 4405 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:30:24 GMT
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
206
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
_8WSIKZ5uFGSxInNnhIXSpIJjQmSERoyOYOVyCkYatBwoR-u2eIGYg==
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lkl0okue&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame BE47 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 06:48:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jul 2024 06:48:19 GMT
file.mp4
r3---sn-5hneknee.c.2mdn.net/videoplayback/id/972a231ccdf3827b/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912948/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame BE47
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/972a231ccdf3827b/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912948/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r3---sn-5hneknee.c.2mdn.net/videoplayback/id/972a231ccdf3827b/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912948/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-5hneknee.c.2mdn.net/videoplayback/id/972a231ccdf3827b/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912948/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/02BF1FE2D51969D55B34D0129F0BF4F751796946.4ED2A09F6ED2FB2FC22BA1E9D6B1FD67AAE1B11D/key/cms1/cms_redirect/yes/mh/90/mip/2a00:c98:2050:a007:2::6/mm/42/mn/sn-5hneknee/ms/onc/mt/1690453750/mv/m/mvi/3/pl/58/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:400e:8::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:49 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1765797
Last-Modified
Fri, 14 Apr 2023 09:33:44 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 27 Jul 2023 10:33:49 GMT

Redirect headers

date
Thu, 27 Jul 2023 10:33:49 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
652
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
location
https://r3---sn-5hneknee.c.2mdn.net/videoplayback/id/972a231ccdf3827b/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912948/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/02BF1FE2D51969D55B34D0129F0BF4F751796946.4ED2A09F6ED2FB2FC22BA1E9D6B1FD67AAE1B11D/key/cms1/cms_redirect/yes/mh/90/mip/2a00:c98:2050:a007:2::6/mm/42/mn/sn-5hneknee/ms/onc/mt/1690453750/mv/m/mvi/3/pl/58/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lkl0ol0w&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.16b~videopreviewvisible.16n&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B30E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256143
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=1302887104;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php;uht=2;fpan=1;fpa=P0-1493758...
pixel.quantserve.com/ Frame 4405 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1302887104;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php;uht=2;fpan=1;fpa=P0-1493758404-1690454029415;pbc=650c21b2-57f6-4f80-b65c-998cd7daa494;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=idrlabs.com;dst=0;et=1690454029620;tzo=0;ogl=;ses=c2d177f2-b4ea-4a98-a01e-31a71aff0be9;mdl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 9298 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
273141
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 06:41:28 GMT
expires
Tue, 23 Jul 2024 06:41:28 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvbs_src.js
cdn.doubleverify.com/ Frame 1F02 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=66525057&sid=1523392&dvregion=0&unit=728x90&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037616&aucrtv=59910270&auadid=1523392&c6=1617446&c8=&auplc=9041715&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=flip5_pre_20p_230724_728x90&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:29 GMT
Server
UploadServer
ETag
"0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=86400,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
925
Expires
Wed, 12 Jul 2023 08:57:56 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame B30E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4405 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst842UH2AS8MFVNUrLgP4yCnv1slZf0IjXtgGsDLycdN-YSPDs6MPRGpslcI2Rtg7B803erxF_2J7BoZSHi8xWwubdgGoZ0FGYt0UskU7D7dLjAxBZZXUNMxwFaSgksyloGHoSJUUATKc1ubwSsiD2TWXYIqSNgrW-PNWGmjk7VWKVLDRHU0Q9fNul7ecNwxvvw-fOeAbT12LRPq6VrspvvkEGqHnw1aUxPWWqaaWOQfZWrNWNovw1AF5_mfSSQ3ttE_-R07d7v10rhepIIBJ_Qo7ogv9hkZ5XRSpYLEmc7kOhp5aGaupFmzACk2Q56fcDkpM6gZLIurY0APmd5o6lQmQ&sai=AMfl-YSGlU3-6Ro-Qr9uP9tjrH-Vr_V1qkpZfrxEpg1IWT386eW_u8nazDKTyPzPG8R0N_z_8zrmVOWmXyHlKJDIWoGZbXqh1lYRfgchcmyaFtFpTW1mSwjWWBGcc63TfBL8ycVoe4ootVx2Cwj3SNRG&sig=Cg0ArKJSzBdIrJ23b9_NEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:49 GMT
g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
pagead2.googlesyndication.com/bg/ Frame 9298 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 06:15:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
15484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14577
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Jul 2024 06:15:45 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:49 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:49 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:49 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:49 GMT
bid
ap.lijit.com/rtb/ Frame 4405 		94 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
89cae91df8eb3c3cb4de4feb4badec088f405892a4c509fffde1db4f08c86e91

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		36 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc8eb288f8cf4dd9379e8bcf53112eba5e8c2e19a878003ad4183761e27d382

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2h%2BY3u8XMuAWBvR9lLGZdpJRdqWO0ozkaAhhiwicMCmLyx3s8JYLXbAvjaQEzY13rKINwGaIMe4RBQ5a6KUZulU2CAxiUminvwKbfd0ItwQ9OgdQ8jSQAfejfkMoTMfXYnYdHI4e"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439f61d0b9c04-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
trinity.json
apex.go.sonobi.com/ Frame 4405 		728 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226481567cc36ce9%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=bda3a3d8-b001-434f-af98-63b3d47f02d5&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b624a399a26eb5a18c50cfe99c54d2d569d5e0cc6469bdacbe88c83ea72d18a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-95
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
442
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame 4405 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1288da6d6268704&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.558891294895578
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7688dce79874c2e94aea3f927292bf7f9084145c4ce10158f6d25d74a08862ab

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-0%22%2C%22callback_id%22%3A%2216eda3d71347aae%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454029752&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 4405 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 4405 		94 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9e6163c244b061e93f8537efc2f03f7c197d46b1d1a8d92ed24162ffb5b55322

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e737f1540ca69e824b5cc438630338e05c3c64c191a2273a5a73d18f38de911

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlKBDPau0CSboXKwQi5qjSY3w2fhwBNR4QUq9gBhic7FyCjm5t0rFkp4AN1Kbfxs%2BpcEAMTFiMT3kMVKzlNrZHCdOtDMW0rmXi5akt2n6m%2FeO8WsVJAxc9QXG1F7lyQ0JJZqDuMP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439f61d0d9c04-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 4405 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22293bc79c85ddc4a%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=8b74aaa2-660e-4b49-a41f-385b0acf9c35&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d82c80bff18f735df38c5bfa3761617ac251e21a786b2fb51c5a48e19d8785e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-110
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
442
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=31e6b60da2aa174&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.9003104655681653
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8eacb244c0416d77a87384908ab6ef2cdf177845393b44dc18a49c0b1ce5f9c8

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-1%22%2C%22callback_id%22%3A%2233f9c35acc05776%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90b_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454029760&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 4405 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:48 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid
ap.lijit.com/rtb/ Frame 4405 		94 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
427d651cb7462f6f4888e99c232bad1df521e349de72c04f5d12e50b4b0707d8

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-2%22%2C%22callback_id%22%3A%2240e46711650714c%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90c_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454029763&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e95882ecf77b5331288fa14ffd880f4be7020c9fef58e7fa744d099aa3019618

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t99cRxWMLdY9Hfh%2B14twfUD52umOzUrP4lR%2FiXY8ilPrhAa8lOIL9gzyqoqkahHIBHjYZz0hEdD8LQ5d8mo9v%2FRDR%2BKtXXzvGH6kwcYnbycikGS17irlDlJNaMP%2FdSAocgPdwLEc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439f61d0f9c04-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=443d0cce54e5ae2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.03809374379650765
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1644090ef9df99af7335d7cc387813083e1798771810590d3ca42fe1213e27e5

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 4405 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%225018715c009d8cf%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=635e4542-e6f4-4afe-a0f8-00176012241c&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
76233c7dfd05a5b2b360006e2ace766d3cf7eb5e868ed28f15418f9f97b088ec
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-181
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
442
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 4405 		94 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
432a5f4e000b6e8faaa2880f9c9d8877443b5e4a5d0a08018c97693e80fc1bd0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 4405 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
trinity.json
apex.go.sonobi.com/ Frame 4405 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2259dbbeb5f65b632%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=744ff06e-13ec-4508-92a2-5eb1fe44851e&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ac2e79a420dbe9766367af46d59263c244e753263c5194bfc393597f90a29aa2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-114
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
442
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ae668182687f426cfba624d6847e9c4d00360c0e3d2c3d1b4c2d1cae00179b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wA5lspVg%2FNMMuJfFOgqFr96a4K%2FZcyr6WBdyDrJEqkOxGyoL1kB3zRcuQtsTHEW26otG8xJtdUNDg0IOB27XGukNy4kCP%2B2sF2E51WeokBvB0m2mW53kl3p%2BClmuoBlwbKtlIQ43"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439f61d0e9c04-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-3%22%2C%22callback_id%22%3A%2265e4df356f0df14%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90d_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454029771&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=67dd4419ec95dae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90d_desktop&slots=1&rand=0.8620426231443703
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5ca467bc0d2cc2a04592f0ef77be53568ef085caaa9272a370a5e2898dae2375

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
blank.png
saambaa.com/assets/image/ Frame 4405 		68 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/blank.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:45 GMT
last-modified
Wed, 14 Feb 2018 23:02:54 GMT
server
Microsoft-IIS/8.5
etag
"cebd78f2e7a5d31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
68
728%C3%9790__beach_v1.jpg
saambaa-static.azureedge.net/direct/ Frame 4405 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/direct/728%C3%9790__beach_v1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBE) /
Resource Hash
80b3477715167c0f06b1f725c4dc1609a21b734ec5c8745575ae163875f13800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 27 Jul 2023 10:33:49 GMT
last-modified
Mon, 24 Jul 2023 19:43:34 GMT
server
ECAcc (frc/4CBE)
content-md5
mSS0rZKeGFmlxB7unGc10A==
age
210423
etag
0x8DB8C7E449EFE61
x-cache
HIT
content-type
image/jpeg
x-ms-request-id
5b975420-001e-0047-4b8b-be3269000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
17660
file.mp4
r3---sn-5hneknee.c.2mdn.net/videoplayback/id/972a231ccdf3827b/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912948/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame BE47 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-5hneknee.c.2mdn.net/videoplayback/id/972a231ccdf3827b/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912948/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/02BF1FE2D51969D55B34D0129F0BF4F751796946.4ED2A09F6ED2FB2FC22BA1E9D6B1FD67AAE1B11D/key/cms1/cms_redirect/yes/mh/90/mip/2a00:c98:2050:a007:2::6/mm/42/mn/sn-5hneknee/ms/onc/mt/1690453750/mv/m/mvi/3/pl/58/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:8::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
59f720b3d6e4979f6f2ebf485933ad37e7b18d373dced937d12116c7aa4a6fb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 27 Jul 2023 10:33:49 GMT
date
Thu, 27 Jul 2023 10:33:49 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1765796/1765797
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1765797
last-modified
Fri, 14 Apr 2023 09:33:44 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lkl0ol1b&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fprotected-by.clarium.io%252Fpixel%253Ftag%253Dwt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA%253D%253D%2526v%253D5%2526s%253Dv31h6beisgf%2526id%253DeyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTJkMGYwZDZkLWZjMzctNGU5Ny05ZmQzLWY0YTc4M2VmYTZkMV8xXzFfYWQifX0%25253D%2526cb%253D7968653%2526h%253Dwww.idrlabs.com%2526d%253DeyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0%253D&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lkl0olbo&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1434172%252F70774489%253Fmon%253D70774493%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xappb%253D%2526blockedAdTracking%253Dhttps%253A%252F%252Fgoogleads4.g.doubleclick.net%252Fpcs%252Fview%25253Fxai%25253DAKAOjssiK9daSfy9laDwwWoXysbARpZ2PMc4l-Y45eJ6DIinI8aTX2EF6bHY584VDp_ztUVtuBOpk0G7sVbweQDhcLw9S8lT3oovQjF23oZxWlgBiMUGyxAe9uGh90dxYz0IiSxgrLQEia7XCVN7M_UDUgvvvz6E57_ZzRuKmNmlprsz4eyaHmE9Xy0yT_63B9Ri8iGwHuW7g9HBn6ED0izHKGAI%252526sai%25253DAMfl-YQptRs6ZBBwJrJyEMC3JZZPfGljtmRMJT3nyRHudNM5ZRBvT4gykZBZNmIgW-ZQYmUMFcxSVNXf3L1J9VBB2Q6_wCASewfc_fG-dPzb55cmKDyT55aQfzdXqB__8nAiXTwgXAQHft8dX8TUrB5v2rI7pg%252526sig%25253DCg0ArKJSzCqZAepnxOPkEAE%252526uach_m%25253D%25255BUACH%25255D%252526urlfix%25253D1%252526vt%25253D13%252526adurl%25253D%2526redirectedRetries%253D0%2526ias_dspID%253D3%2526ias_campId%253D1013136622%2526ias_pubId%253Dpub-3944954862316283%2526ias_chanId%253D1%2526ias_placementId%253D20224732309%2526bidurl%253Dhttps%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%2526ias_dealId%253D549644393847793680%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0jU9Q1_9LVt2T2_xbu5DhY2%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN6024.328593VIVAKI.COM%252FB29808231.364634258%25253Bsz%25253D0x0%25253Bdsp_id_0_%25253D3%25253Bdsp_campaignid_0_%25253D1013136622%25253Bdsp_publisherid_0_%25253Dpub-3944954862316283%25253Bdsp_chanid_0_%25253D1%25253Bdsp_placementid_0_%25253D20224732309%25253Bdsp_bidurl_0_%25253Dhttps%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%25253Bdsp_dealid_0_%25253D549644393847793680%25253Bdsp_impid_0_%25253Dv4~~ABAjH0jU9Q1_9LVt2T2_xbu5DhY2%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%25253Fves%25253DdGltZXN0YW1wOiAxNjkwNDU0MDI5MTEzCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdGNQN1oybVU1SXZnOFdxQjdCVWJCNjUwajVyTW5OVE5KR3N5Qk1zU19MRlpkdEFTNkpqQ0NxY0IzeTRxenloZ0pvQ3lmLUVrWGRBYU5iMmlCVHdadk4ydEFYVkJZY1gyblJSYTR0ZkpxVFgtY2MzVmFaVDUzZmpDT3hTeXhQNXk5SENqQjNUX1hmSVJaQU1taUVaYmpxUmNCczI5SEtjV0dMOHlnTzhMOXFJak1WYnRrUnRkTmN1YU11aUNIWXkycUNyT21RTHJPUVNZZWtWajMwV1Q0R3BiTjRRRnBhSzROeWV3aEZCeTFVa3Q1YUpVS3lIVHZ0UzBEeFo0NXJUUEhXZTBoZ1BPMnRyNWM3NVBzdUxrMU51WDVXX1NFak1EQ0hPZGQtTXpFdTlfS3VncGV3dWloWFFpM0QzN055bFlxOF9DcXE3MW1JUUppOERDekVXTjRpM1FEbDREdndvS3hOQTFNbnFwWnlqSGNKZTFPWmNHWHJya25EQmxwZC1DUUtrVGVJLUNrbU4xMV84bFJkaU1xMWxRT2dzM2I4bjVVT3hoUXJ0eDBacHRVb1NXQ2RGSlNHUmtnblNGNnlpNkRQcFVQenhBd0FvVUU2cWdGMUlZQjRpNnFTZXg4UVZHMmh6ZC04U0RZdGRsakNjcnU4SF83Zi1kdi1ST3RQcEpiNGVuMDc1dzF4OFpXSWRSMjdGT3hLTXpPdEtRWGVvQzFaTUh5R2lZWmlqalJDSnJXWnFFcTR2TllLTHNDV2ZLQ1NNNWJVTmxNQ3FlRzVpRUZqZlkwRlBKamxidklNQ1liVC1tdnNkYUxWY050TDVSdnVkbjJTU25iZUlOZHUydE9hRGpEUGJCaXJLcUsyRGNDUDAxYnotTnhlMU93NTkzMWoyUHVxYkIySkZaZnhWcmJTVi1yUEo4NEV4WTJRTHVfZXMxd3Y1VlZzNmVRMjhud2REQXg3ejI5MGZhMVNhNVRQeXRIUGxrbURUUGRrbXFrUUNraFpGOUVUbEdaZm5xd1BuczVMT0x1UW5MY3VjdmtfNURYY0JoVGxFMUtLd3hISjA3VXpvZ1cwMWxlQ0hpdWJDVXNtOVBHMTZ0YWpxWE1RMXdaSzJ0LXdTQ29EY0JTSG1zMm9pY1Y2UVRqWFktNGlGN19aM0RVWWEyNGo4MUlIVG5kcTBFMjJTM1ltcjU5SXd4dWk3cjk3Nm5TY1pXMGtFWnlqTlA5MVhNZU5sTnR6QzNwZURVT1FXaWg3Ymxtc2ZHMEoyU1YxcS1YTzl6MkwtOUpaUV96WkZUbzBGMmlyMHpPSlhFRXJJRlU2M0pSOTJTUDJkNENERmQyRldWTm05Tm9tb1FaNEMxVXhRVVo0V0ZiSTV0clo2TXloamR5V1FCNVg4QVpYR1ZQWXR0TDRhd251WWZsWGVaQ29jLXlDbVZWYzU0WVhKNXdqS0ZZQ2FCVXpFUU9VVms4RFpoSnBDTnotR2tXVV92eklHdHF4S1czVjZWdnRRSGJiOURnYU4tSXpFc0lRN05pcFRhRXVvY0pGZk9zWVRBZkVwT0dtTWVpbFNlZWUxRXdhOXh2WTF4bVpqRFBlQzhfTGhyZlRybnRILUxnU3h1QlNxVmNLQ2x3ZDJUbGJXZjBQRWpNcDJtbDZhUlNpcTNoejdvQ0QtT2xWZHVtNVZMRENubTd0YkhjVlEyREg4VnBMX2djS3NPa0lXYmVUdHotMDRPNjBTbm5uZlVsb0NMOUI2NkRJZ3Q4SVpBcFczckZ6cDZBU0hTcmxHaXdLQ0ljX0NUaDNiQmgyY0JZUTVkVmpya2lKdlhGUS1kQ3dGbkcyZ3UzbmtBJnNhaT1BTWZsLVlRLXBJVmRZWWFHeE5MRTFNQ0FFREpzQTE1N0FPOExEOVZROVRMNWV6STBWU0lnWWxyT2Mycnk0blBGdTg4MEptNWw4TUdlaGtKaXc0dGRSLW9PdlFYNGxxOUVvRWl2ZGhuVU94VS1yeHZnWmdTN09TM05kMnp5V3VhYlFfV2gyQVJOVndoV1RYS0p3M3lTeGx0NGMyMmhSejcxQTNJUmNvcjQ3U0JMYk5fcVdEbm5RYnRqMEV2ZjhIbGQ4Tl8tYldaRXp4RUJ5RHdiRG1jRUtQQkcwUTJieUQtbS1yTmNjbGNVeUg5SVo5a3JKUGpBVU5Bd0VUdTZWZ2liT0Z4Qm9NaEFVNngyN3p3Ykstd1FEU0ZGQi1CRDJuSzBNNlY0ZHdXMG5uSVJjVUZsdnlNOWFJMlBFQXB6UUJuOF92ZDNiVjJlczhJRyZzaWc9Q2cwQXJLSlN6UEQ2cGJYR3VmLTFFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LnZpc2EuZGUvZGViaXQuaHRtbCUzRnV0bV9tZWRpdW0lM0RkaXNwbGF5JTI2dXRtX2NhbXBhaWduJTNEdmlzYV9kZV9meTIzcTNfdmlzYV9kZV9meTIzX3ByZWZlcmVuY2UlMjZ1dG1fc291cmNlJTNEMjc4MjMyMyUyNnV0bV9jb250ZW50JTNEMTkwMTE5NTM1XzU1NTc4MDkzMSUyNnV0bV90ZXJtJTNEMzY0NjM0MjU4JTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%252526dc_cid%25253D190119535%252526dc_adid%25253D555780931&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src_internal119.js
cdn.doubleverify.com/ Frame 1F02 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:31 GMT
Server
UploadServer
ETag
"4455786dc20506b8e54048c7119b5c5f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080000,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18798
Expires
Thu, 11 Jul 2024 05:45:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=535532118783808&bg=!6eql6r7NAAZGOVy5Zjk7ADkAdvg8WnnWqD9ArlIsUf4aZE5e0KGgM9BJa_qDdhUVH8u7_NGUjU9jJDRThaLiJykPpb0Tlfumt3ECAAABZ1IAAAAFaAEHmQKintC_HIi84GYN-B37xVrJaaRKln-oLy42yZcTRX_kmNa5ysfy8qSVrQIi66nK9IdiFzX9DSGig4CeZl3IF4aHSAhlRrR0CXsk6gPyuc6DlGMC2ct980tuDjs2hNVO_x1-KZIbCB84UM-abLiWPOsBAhAc3liSM10KWjS0f9ARkCQVj7AJ-VWqWvGbXY1fZfW4JT6WWbIDdRKrQYgrAyi1laQnQRjZF18YqNzelzKRNY7zCUKKu_5PvKS1g4Wkb-tMySaNMe9htmsoq88DmBorVVgp1xIdgitu_-88SoXfuRpQ21N4r5wJPSQ1ExBKIPPXLaz3-qRWqmEvwHRSS16I3kkWVnVuKmBqwVKIw3u-DcLqyYwlx26JHKqR9_EUwuBJYvDeZnNMxHOUumM1Nvkvh5USOCCz_sM9ECTO-BIX-8ZOdgccLR9j2r43mQXpOnpnxg8HJZxGr1kJgv9Dy02L4llqTIvVfKIroaA6x-tyJuARUGYFZkfDR_TyFm7L2_S9ypS8m92M_-q4WiGBP9OXFBEkjZl2YYoFpt5-MmHxguQ8MBoI_DMPTlge5nbNLN7DJjF_Zw7ZYd519qKvHOoEEWsww6HmmI1QRk8qIc-KeABOAMHN_pqG7HvrmjIWDxAaKlzayK3QyZL7XHHS6k-5D_iF_iVB4IsE-58hoA5JFQjv0Y2gqA58enP1bwBmDkV8Objv9zRhCvHer2wx7YiVFIfMusPiXXXhmvZCi2XR2JdPNxn9Hk0ExOyTDaByIT50RQQQHfDP8tzaX7cAptkwZduMDZOri8qgnteD6Yh-cC2GsAS3OYRWjG89SQHKrdze5L7Jn51rbSOXShaby7TxwYi_igLUIpGAPKMuJdVAomxWuHc1-vxMvN51SKMtlL6MDd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
verify.js
rtb0.doubleverify.com/ Frame 1F02 		683 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_340698397424&jsTagObjCallback=__tagObject_callback_340698397424&num=6&ctx=11655933&cmp=2661571&plc=66525057&sid=1523392&advid=&adsrv=&unit=728x90&isdvvid=&uid=340698397424&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=2.20&dvpx_strhd=2.20&brid=3&brver=115&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2661571&aucrtv=59910270&auorder=84037616&auplc=9041715&auadid=1523392&aufilter1=165376&autt=1&c1=VF-DE+Deutschland&c2=DE_23_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=flip5_pre_20p_230724_728x90&c5=DV360-donotuse1&c6=1617446&c7=DV360+(Media)&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=13&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3A5C%3D23D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3A5C%3D23D%5D4%40%3ETar9EEADTbpTauTaue77e%607354e%60f%6065_7ggbc2bf6%60664g52%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3A5C%3D23D%5D4%40%3ETau32C3%3A6%5C492C24E6CTauE6DE%5DA9A&dvp_exetime=8.00&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_340698397424
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
d1e578e508abafa7c9b8589a5ba052887719f20d553bb67eb373107f3da0919d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
07/26/2023 10:33:50
activeview
pagead2.googlesyndication.com/pcs/ Frame 8CA4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7aLs3DKqEC0ObLsjqLnUeqA8APp2LhQFhzyELrtFVIaMK6yh4Qovp2LApKmh9N2wZb0Z5f0GM9yo29o3bdQd4zp1cPPEpddycTJIflVyKQjN8IOkfpgabbfARLVef5hfTbVBt-O6NAETgktitZNK2Fi4KRwIXmg4RuPx_RhtZDntk1ITZCP2OEyxwcEVnJBBsWM5JyO5M8EAEQ0fWPk8sF3WK2_BKppcRAMrAOBEv-vMPQ6vO--zMHDNbCrCrXliDBnfWMGcBCmT1tSvf8dTXxURDsMaEn33XhdPXQzuJ2Yp8Pbk992zZS-BvMnk6jBbLy0Y1CT0crCVcNAh1tcO1u6526O-eTbwtBlHSlNLPCGQy3kMA9k1yORpQYBxJcUswKtw6l4C7jZAHOGEjILnbXckmAB-t_YyTWJNVbGpeYgOO9nVSXFBMozmabXMhukO364pw40ulIpwDEDr3QWJ82zeiTNiqqbTxHvDjbBmOLdmK1-P6thjhjhM0ImZKmQDfVbbgEsNiNTM1-k-dB5YVPjv9GwzVCWIwa6lwmkoj9OUEZ3YDWEBnB1LxtFrCoAd4GDPYFgQAUl45Pn4YepaSNifaUwr9I28nTgpB7WcMgijldy5yvtnUoGeCHltYEJWyawsKTLsrZSs9MrBiLz3LE1qjVno6e8JvWyHZmoWQu2NzY6rk_af0rXp2e0Nsf1s2DkFMNJ7fJf4wrLGPQZkYf1y6FMpdc7BJf8eMiD9w7JUW7Is3uqV5MOUWpHvKkQZ1-paaYD1JOrRrLyiqizRN5KTTlYE3P9rZdMjfQJjMxz3M3V_DxrWzautybWTowGY0tTHoVBgMhwjPfTNuv5n914hLXSlHfnVxLwrV6-kMplSYcpNMU7lWaD4P90OHwClUbSwFOz6TDcIDUMg6RIGPbrgJW3XeBFIHQyHRbHq0cZbOXrZCs3ke2mu_ZhZ7Tk1YhOygiqQljIbncqZwCh0sY2eKihXyjDb950srYsQHH80YQd1MnEGpc9il0GeVngZwI2QQgm74gaiXPvYkbyCWEutNOdrZ4jPGxdBL3XQzW6X6WVeXV5Vj5dS6UCSQbCpMcUswLWR29R14oNDMjVTnpWgF4G9AOGeYLW3rIdA6RWyDmFyhBD2I5An9DtkQ-2LhoG9Ws0quMVvW2QFcC57G5ONNApEUxWkof_NVKO3aDqbhYox5a0UEWg&sai=AMfl-YTgDeBB3e4FMifhM_3vAKZJYg5K7YuHfR9lG9o_zVkeV5KXCrEadcWdWaPn4EhT04DOr2R2wRLzjffqP-3USKA80qOtJxP7kvONgPNbzirE_HHBaSnP9Gpm6g&sig=Cg0ArKJSzJkY2CpLKpX5EAE&cid=CAQSLQBpAlJWi_4RQz4paqcTjJR1gwmmf65ULjIFhZ9MfG1OENvz5GqltEW1O6gn0BgB&id=lidar2&mcvt=1010&p=498,343,548,663&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1376408646&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454028352&rpt=585&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame BE47
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f13:800:7780:2e74:fc05:44c0:c11d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Thu, 27 Jul 2023 10:33:50 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo...
ade.googlesyndication.com/ddm/activity/ Frame BE47 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo91fknfe6t7nmKYZ595COuRLvXk86RUYAQ;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D8%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1690454029983;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BE47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwp6C0jCZNPPOuWO1PIP9oKMoAGc-8DPcbiYnfXqEZ64iLaDAxABINjV2CtgleqTgqAHyAEFqQJNX8c-XJ6yPqgDAcgDmwSqBPcBT9CYXfLJnPGSdg5iuZfxMGD_NEy-VsjqUJt-dwmge7R9HlxH_84wXNxqAug_cQXSO1GosPyj1zoh5LNmh7RU0X1jxOY-OvHhVlbcLaNJECmlwZVllR8h-3EpbylIcamIKu0Uztx_ziSaT4P3RU7EMmv9WJ7DcVcZIxaeI2frp9zO-acUKv--Ov0FpHVhMxmIfliFsKU61ceq7hS8UHfGovHoMJ75S7WzKlwIgH1uqdQNATxi0vboYMukBGn1vXxZo2vKkUH8h_fAqBB8UvwIfhAC0JQUPfmiBEy3seZ5jp1a5Y2bX6yktwn2h_y68wtkRNa8zI6RQ8AEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE5jBjRTIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=ZCDe-Nm9wWE&label=part2viewed&ad_mt=9&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D8%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1690454029983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame BE47 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 02:28:59 GMT
x-content-type-options
nosniff
age
29091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jul 2023 02:28:59 GMT
pixel.png
unified.adsafeprotected.com/ Frame BE47 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vNmZmNjFmYmRjNjE3MWVkMGY4ODM0YTM3ZTFlZWM4ZGEuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQzNDE3MiIsImN1c3RvbTgiOiI3MDc3NDQ4OSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjAyZDk0NTkzLTRiMWMtNDVmNC1iNjFhLWE3ZmNkOTYxZDMxZSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDIyNDczMjMwOSIsImhlYWRlcjExIjoiRENNIiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNyZWF0aXZlSWQiOiIxOTAxMTk1MzUiLCJjYiI6IjE2OTA0NTQwMjkzNjU1MTg5OTIiLCJhZER1cmF0aW9uIjotMSwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1434172&pubEntityId=70774489
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.171.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-171-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:50 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.gif
static.adsafeprotected.com/ Frame BE47
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1434172/70774493/skeleton.gif?xmtp=v&xmapp=0&xsId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&bidurl=https://www.idrlabs.com/barbie-character/test.php&ias_campId=1...
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiK9daSfy9laDwwWoX...
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiK9daSfy9laDwwWoXysbARpZ2PMc4l-Y45eJ6DIinI8aTX2EF6bHY584VDp_ztUVtuBOpk0G7sVbweQDhcLw9S8lT3oovQjF23oZxWlgBiMUGyxAe9uGh90dxYz0IiSxgrLQEia7XCVN7M_UDUgvvvz6E57_ZzRuKmNmlprsz4eyaHmE9Xy0yT_63B9Ri8iGwHuW7g9HBn6ED0izHKGAI&sai=AMfl-YQptRs6ZBBwJrJyEMC3JZZPfGljtmRMJT3nyRHudNM5ZRBvT4gykZBZNmIgW-ZQYmUMFcxSVNXf3L1J9VBB2Q6_wCASewfc_fG-dPzb55cmKDyT55aQfzdXqB__8nAiXTwgXAQHft8dX8TUrB5v2rI7pg&sig=Cg0ArKJSzCqZAepnxOPkEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=70774493&redirectedRetries=0
Protocol
H2
Server
2600:9000:223f:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 28 May 2023 02:26:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
5213212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
mLnkrMJj375Z7AQe4lkMe21uCsV0Pwbhmk7Pvat2Wr6ewSCKDgFYyw==

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
server
nginx
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiK9daSfy9laDwwWoXysbARpZ2PMc4l-Y45eJ6DIinI8aTX2EF6bHY584VDp_ztUVtuBOpk0G7sVbweQDhcLw9S8lT3oovQjF23oZxWlgBiMUGyxAe9uGh90dxYz0IiSxgrLQEia7XCVN7M_UDUgvvvz6E57_ZzRuKmNmlprsz4eyaHmE9Xy0yT_63B9Ri8iGwHuW7g9HBn6ED0izHKGAI&sai=AMfl-YQptRs6ZBBwJrJyEMC3JZZPfGljtmRMJT3nyRHudNM5ZRBvT4gykZBZNmIgW-ZQYmUMFcxSVNXf3L1J9VBB2Q6_wCASewfc_fG-dPzb55cmKDyT55aQfzdXqB__8nAiXTwgXAQHft8dX8TUrB5v2rI7pg&sig=Cg0ArKJSzCqZAepnxOPkEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=70774493&redirectedRetries=0
cache-control
no-cache
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame BE47 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssClaX01uC2_BZPC4NM2HZ_WGo3K1fgX0JooKTN0Tui0qNPC5lsyJPu1wMPa5n3YlCNaZKdrDL0TtvJVWgA2BJMW-2O0BrWhOdTUkn7ug78cgA2-TI_G-QXgY-IpCAFLMxP3BKdAXFmaiTGa5Yxt12n8S_Q3mfCFyKq6XGFkkO4WTLtHW5sSN34xpDO1iu5k6p4hJBLce_tGvfASAdK534aHdLd18Z-On4YzTMvgw1uLaGSpjJoAbvK-mo3yza_Uc7pnQXqfpXRd0TStBW569xk-fnoU6o3mbZSwdEcLPihscUv86pCxhOkDGmyrJ3z1QyxGyyrhp9o-cSuxf-iKX3RTc3rbibUfyY7jekJOV4BxpZGcqprJKvPiYveCHLA-k8Q8Uk19oo3-WNfobjbMn_j6brPymwcyjmV66BPhjOTKYB0WCiy6AwwCJQZhFLG75RFQjOBcjSH8IH0GpkYAgLp9WREj-yRqbhp9p2Y6ABNnHO1dY7KiP4MxIy8Ci3qRdDfUCTGk4WL2-S4BpAKFMQ2tZWdfD3Rjc5KKUdY5w7SnOceCbCyR6njEBZKhXAt0BousVtNzA63kztT06FN611NVxhjo59IfZUUcRUt-T1jgfksMq-KfQl0ExQHuabscQOaA7HG57OTSi9S0DtM9-Iw4a2EXj_zVGV_1gqp-laqCoDGr__zW1GHmXy1zImdlUZ63ED7N1Er8Q1Ff6_i6JFJsKNf0fmdIc2VpK3UL4l_G-DLQH_QEdnUDiSle3yernwntRl2kSdbEBe8CZYjyavHVJnVMndl8Zwp_iaM6-rGPaYQ_cH3e7zt7D2HPGbCX2ySW3OqkgFEywTjfMVXXwkKL7XmCMHZ61swVAzoRvRvvAme5P6XMCNdHcXnHXv0VC-CvLx3UEf89C5UEDi6fgcWk9GLjD6C7-7x0p2w9deUWe2gOPlC2ooENDMeTibiAzeSy8Ody7bAGLpOsVYTWBJcV6F33nUmHx86faEZvzVjswc54XA_LW-oh5bUGkMpBfZsFF7bt2mM_aB2weVMvulRjKvTvic6Nk_LEpu1ERSnALlbAjbSopou7CJi4E83yE9yJ4fN62Iz7rV02y4MfTMLImJrvgTBI1zPpGOlTiBqXce_VEjpxN9XmSX81DvYlOVHK1ttRdz7zp-I-KnKiEscSTMv9LqfRiOyGizIcHWY9HfuJdZ3lSAxLt-wDr4a4IuCzuvbMmg4ibQ01X-hARXNbziV4kwInKM9LvLH19cD4seiFopfvik9RCM9siWKb8RzvNUZyGM-7xGPJNNGV7BG7XDT1N57cotDZ_yvM3tvw3Bq5fzFBabixdf5rzryMTpA&sai=AMfl-YQuTxkoERFZogeXWo5H5AHDTQG0_CpTQrtVRBa5N6jInEbmCD0ie4-4CADKbRvrvNkvRfi-P7e1TUEKdjUu7R2PZ35jMAp7Pno7PfwcJFa3vCX-iDCB6x_to14YUUEf-eoKts7O9LAERJHYNxOAOwm_vkwuLGnG6JAiupV9Wz_65uwjmmQVvz1hrEPDBnBCvO0scEhgk8aCmXeL-0yefX7ej_QBiGjyojZCEqz6lzdDM3R70GZYidVem2P9JoY87UDgbFGMyeGxhpmbZSINfwRQvIsjDRBB5z49_dyUEa-U7UGxMb7UFX2IasIz&sig=Cg0ArKJSzHV6pdbM_K-2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cm
us-u.openx.net/w/1.0/ Frame BE47
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYg_HU5gEgATAB&v=APEucNXBnCDGkvnPfzql46AorTojEhHBaAaz_w6--SVzfWkvX3-uWG54z5A415IvGUOZgEzZf3CPIcSz7SfFoTUvVhpebgXC8g
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE47 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BE47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthnVh1zVehI1bhBNxaWjmDM_anCuzYu0g9Kldqo476lrop-PjbQ-VROOL9Eu23q6HgGryzR0njeprL5KEL9i2jua5z67e-Lz1iM9UtLRgzFnSWAiY5pVIX6h8KVD1fIfY&sai=AMfl-YQbOMUOKVSJkVTTxf4Pur7CrY120PT0tEeplOflZ1uhWlhCDsQPn0QBqlMwsLQurYQXDZUnJ3WmhKSNASFTvD8l8gd3LU3wyV9fCjq5Ya0egC8dgZT_52k9YPFoYg2E4tmkGDJAqoncQbk0Mg&sig=Cg0ArKJSzEM9z3p6a9EoEAE&cid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo91fknfe6t7nmKYZ595COuRLvXk86RUYAQ&id=lidarv&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D8%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1690454029983&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BE47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwp6C0jCZNPPOuWO1PIP9oKMoAGc-8DPcbiYnfXqEZ64iLaDAxABINjV2CtgleqTgqAHyAEFqQJNX8c-XJ6yPqgDAcgDmwSqBPcBT9CYXfLJnPGSdg5iuZfxMGD_NEy-VsjqUJt-dwmge7R9HlxH_84wXNxqAug_cQXSO1GosPyj1zoh5LNmh7RU0X1jxOY-OvHhVlbcLaNJECmlwZVllR8h-3EpbylIcamIKu0Uztx_ziSaT4P3RU7EMmv9WJ7DcVcZIxaeI2frp9zO-acUKv--Ov0FpHVhMxmIfliFsKU61ceq7hS8UHfGovHoMJ75S7WzKlwIgH1uqdQNATxi0vboYMukBGn1vXxZo2vKkUH8h_fAqBB8UvwIfhAC0JQUPfmiBEy3seZ5jp1a5Y2bX6yktwn2h_y68wtkRNa8zI6RQ8AEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE5jBjRTIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=ZCDe-Nm9wWE&label=vast_creativeview&ad_mt=9&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D8%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1690454029983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~lkl0olbp&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=first_play&asset_bytes=196327&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=2&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1ln~ff.1m3~videopreviewstarted.1m4
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B30E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-XO0DUjCZOjuEPCRjuwPyoKm4A4AAAAAOAHgBAI&bg=!jo2ljdnNAAZGOVy5Zjk7ADkAdvg8WoMe3iHmR6xi4a9agNEqJBnWrgpRw7HMNu8EQEShh61ah_ahyV0gdggkEnFO_54Gz53Lp74CAAAA-FIAAAAMaAEHCgB8M7H3ncgTY6fcDFuffZ3d_OLhJedTx1ljdpkHpYxSl6VjUGW2eLsqOQgVba-KKat9CfvZGRwbhi1SEXhBlGrrbPDl5IYJ2sxwEfRCTAFOYVCMlN7tPSFTs71Op_cJtdgXTFBjOUM8cCuheW2HFcUR_mY_bQ-xyoe8sxDmf5kC79WqpPN04h79xvy_K5t9q_pWRG6AlyPhrLPdU4cMuD67E0XDRqwLc-ZLJh1UWcpA7468QNfJqxHgOyMyNdclh81t1bMz3HjxEVLluDuaVxEHB8GTSpmKv4ldR5jMh8vbafI5_P6EUQmHmtow6uEOTTUCqyA4f_9-GkxqcREVPfm7Kva9NBR1BSCj38nonCDs_MbaGscuRyvRPCQ6yt5AMh3VzYBksRMoBoEQmbnlxP1G7rbVMsiWxf_9t3QVy1Lt7RqZG4pDvLt-dwbAsXKjaCjKcdUgCgQn172IO3J-iL5wFL7Fa9uMLOOViSSjlseEGtV5lyYV8_j6eEpHNqnZFFpeSvpNpgaeQl5tJoa1RhVmqdL_hp4VjJPErH_ZfTY0wf3ax0JN1u9PZTMEqiYrilQ8TFOFX8PAEj_uL7nSvuF3wrn7mrz8GvlCxBGKXHoN1XY65It9xoxAYbF12FitdTK6qDQRM_dMHnaTdlTvQrNXClfnGopRV7OGyMuCxIxFdGb010uNnvBkLVxm11pODAy9MlYSbHSvlSGulHjRmx3ydHJFj9xtoYOwZfrnrooDEunwdWLc44omfUXm7SmXKKtlFxXZ9SkusTzxQjJ5-0jqIF6WW00ZEbTVri_vNgpZbkIQV9LGwyWa-t69XVC3YGGYfZrqhALff26fkX5oyBDwny13Rn3yUyv9D4_rabwqwrXuEmUchimTKhpgpkZByZoakrgKUJuAL5gLcY8AWbaD1VRkJYu5rPukk0ja_y-F7B1cL-guTZvhJKjJelpTRbZIAExf79C748evbu5kcXad694raRcyGuDAf8ymF3_jWqjlGOYpvNV-Zwre6MQKUOHfxF5CkTjkF51dNqVxfa3yc3qpdyP-G5ZWm6NZu3g9Ku1bRJwPmixSrYwOJE9QgKRXYdu-3z9Wd0SqAuHIPIhYvpTNAo2fp5u3nf68A6nHUA30jb72pwTwO4YQ2_btvAeXRISBdc2_f4eFH35F9kU
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 1F02 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=f51b519edf6a42208d01854a8d97d938&vfdur=132&cbust=1690454030055566
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/26/2023 10:33:50
DV_GlobalPassback_Update_728x90.jpg
cdn.pathtosuccess.global/ Frame 1F02 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_728x90.jpg
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b800:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af508645414a72d60c0221f01b376785d69cb7aab694cfe0a1f55877a11aea4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 16:35:28 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified
Wed, 17 May 2023 17:51:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
64702
etag
"502456f4087ff8bfd86fdda2ce32da93"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
106154
x-amz-cf-id
tia8YIeyNR-lPH7E9zsQKF6xF6uGKtr7eoBxoxQGt6Ph0HdrpDgoCw==
/
track.adform.net/adfserve/ Frame 1F02 		0
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=66525057;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=506747991&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cuz7TDEjCZMrAGteAx_APu5Wl4AagiczHa7LCloaGEbHSgbznAhABINjV2CtgleqTgqAHoAGR_tGiA8gBCakCwpcJnfKfsj6oAwHIA5sEqgTtAU_QgBnQYFgsHrPjpkO9kjUOy5gcxS1LAkgrrQhLljA3KhO1ksiFde5_XqROil6r8SsJF7kaY1X3e2LGYrGi1Z5pq85Kpt0xdY9reygnYObgp0jyKkPItwtvtKc7ElDz9dXS4rRlyBKiW_UNUUkwB1wzNxpVkEYbcQikXnkZbeNwT2muvl8gunyJrU9tP_RvtsNSY41DJdMwVZAo-8XxWqUwJwH4imBWS2NQn74qSh7ocF_72PhAhYJWWyJoKfEPHJ7JeTfJL4Auz-8fu0vIdC8Re5uXF1HVZCN-yIZnykdfqD0NFpdyZzPlveuqz8AE7taq8PUD4AQDkAYBoAZNgAfXga5dqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE-LNlhTQEwDYEwrYFAHQFQH4FgGAFwHoFwQ&ae=1&num=1&cid=CAQSOwBpAlJWPr8oU-QVQWgYWY74gVIIGZrjbFI-xIuOkFwXbtdx6fHHKpb1E18Wx9mRKv7V1KP7K95BsFd4GAE&sig=AOD64_25hskHFzXfxHp8WqjaRiLHsvoGww&client=ca-pub-3944954862316283&dbm_c=AKAmf-BmgyGUONRiK-Ew_xHantY7g65BpFTJzxya6gQUEBRW1iqIQo3YWOmYYh4OhsNyUuOpeMDA8aBiVgS3YhB4VnivcG7Trs-2hw-L9-xk4fXpA_9H8aUlW-R4wiBnR2r9WCovjDsudyZoEve1-JRyXWARS2X3Lsb5Eq_MBluNLsiBfEhPDc8&cry=1&dbm_d=AKAmf-DjRPMt57_8-_q6jEmVR7hh2PhqwyORx_Fhyok2Adn2dCAZ3bbHdQrj70TfGl2yPsUR5cO-LJ5fsabX0Q-_zk9Usy5OAq4wDjRTDExdYU6Q4oxAVA3Z1pjM9P5hNk2FDKk-vpMU7ELOTq4nt0_oDPyxxiXjXVqXjbaPgu17RfsmUvcW7zW9wpvyNGe1PUQcykPNMXkk9PPd8ZOGJ6gHiCf8qt4CWgd72hnrcgNlp2nXi3WMq6RwKbvJMxdb1EzIKFJYu_3z4jiDFgLTZziu8U57KAhtDii3_08q01Hv225EzFTXrRZLv7VPfMwp365Mc1-PeFvZfT21756aKQP6A93B2LVGGBuG-b8zisPNaPpY3hOQ24hnDb8IRqRVv4Ktfr8kPMui749DNv5EIPm08ikS47MG1rg6hiF_6otnSAY9AZZ9l4bkUS7q6F6rPGoB2j7xvutlxTVHrtPKpCRAoe54VJiuFa5YitzWkV9oHXNKFD3RUgfRVGAYzojMEUa5wHDbH0H-ELtA6iJcNt5RIJ-U8mM5Jn5HtiLRRbUIu5rhhcFVNhbYYqRr2sA-ATu1pW1Gxw8Y&adurl=;js=1;adfxid=1x;7479;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fwww.idrlabs.com
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9298 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bugr1DUjCZNPiBc2I9fgP2uGP6AkAAAAAOAHgBAI&bg=!oaKlovbNAAZGOVy5Zjk7ADkAdvg8WummaDaeIsvevp_Rkg4XPVuxLMAcKRvemqzZzlCjIesudg-RGriHZY37pV7eHSq52jY5AWQCAAAA71IAAAAKaAEHmQMCoBHjCBgTWRJl7lddTOzjL7AckKNXLuFgLr7Cos0vLmZ6TWHczHoLrYrQ9gzUzz58z0k1OCmuah1A3RbtrdQ9L85ERNQvic5OQhpckcDWfYzH4xrQ5gZVpbyngWAWT_TiacE1Y8kzYJdvPU3bhiu2EXGOe5jQOT7599qJOLAilo7ZON87V4L4v_jL7fkJQycQgnvfWvWoc2ZkAahQ8d6QCjZksvtxKxDcloyrausTq5--17drxCA-DUU6KENyCm6QOSOBGlj5NXWIBJyUSew2IkT01QS-dHZAe3jqw6H8__NOkkoBoBggkGjkK2xBmFq_3C9tjxpl59poJKqXW4E_o0b5Pdl_2NCKB3eiV8EmlDJZu5V_z2JKXyTP5m6cPOAsN0sBQ2DBUUh19UNWIlb8pMeT1-F_1QQLbEShF2j7ws1mUcbFX90M8LBBPoXcg_zTKQZsYEh8QqZC41OsOLFd77ooNaqABFwwcTEvUn49OctNtFuSjQiHmCGgGXJFoWEfQf6PxMbXGeP_jqUDcOZQD8byAUG7GqPpiJMXdcv0yPJRWh4qWpNJccF9GjtzOSxzUGW-SqO6nJfHshxpvJgZBEh7yNT4lDqea8bJNjDf6y374gGBh38aNa5GATuq2J4D9gHnddbgHS45JEFLtgc4vWOu6pAUrNfxSjyjRWw16qi3uMI-I763O7Xe1ASwUCHEdflYt6VIzEGGfOkAxsh_0AUWLOuDORjzS0RaTbsXwStl0fVrxzRidwffpr4Cr3YlVGqi3y94Ogce_cftQUTb7fijdpPYjmJ_fje1po62XxKOG2dHwZ1FwME_W440ZwLXrkKe1rBlIkHMYbukcqsX2amLHfqCtkzYTR1h6qRwTfNhUQBDK0FkRtGHpNUFaw3YpTrlr79llRryBDDwEhEyuMObG_Gcz-4i5RO-UyMRIoGB59_LMPCsCI3pHcKMZJaW_IP_HJlKw1r2K0uGhiempCoqpmcbju0t14eIJKjWVZokawOC6dxZLIsB6f_aZG7Hb6A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6518 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16810
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 05:53:40 GMT
etag
48472445140208031
expires
Fri, 28 Jul 2023 05:53:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1F02 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6824169a256fb7329607d3f67f5ecafea385a2bbab207b2e1fb6409e9e351420

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:50 GMT
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 4405 		95 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
441f1bc182513ee0d45b1c148db77b306b9fa95f43d1924405d319c606f2c558

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 4405 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2276adec486fb62ec%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=5f646982-2853-4cab-b791-9b83d94deb3e&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6b0b1cdd4961cd7eec42130d8871c362c2b22643085fc67ca43be945ce67c1aa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-114
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
442
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=78f1d3d47077932&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90e_desktop&slots=1&rand=0.6085571092061242
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bc0fef732ad97882c112ac353f8827d2a20acbe5a0972217452f3d69260308c4

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame 4405 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		37 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899f109e56a613e6c5bc13feb3bb503c58456a921413cd0f6ac4131b90dc75d8

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXprYlZoXfu3KJoroCmQnaULi5rmW7FC2rjYV3%2FelLhELxoAimYCjTk11C8GabqOOeiSWEZ%2BnlONKjK5KerxXH2SY6asBBGDT2UX4raJZMl4WrffSPeW%2F9J7TQGzPGAge4Rqrw%2Fc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439f8893d9c04-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-4%22%2C%22callback_id%22%3A%2284fd1819e484da1%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90e_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454030164&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=1967205188312018&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=1332890142&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D16661445d96a21fd%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D16661445d96a21fd%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030180&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=benkljhmwksw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60efde7f3cdc8d805dd20d1c783bede89a371c982b02deae27cffd3cf23b42a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12144
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875292
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4405 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2561117cd32d190e49906c42e4079e4db3a68203adfecfc13f9ab6b4d8de4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11615
x-xss-protection
0
container.html
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:50 GMT
expires
Fri, 26 Jul 2024 10:33:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 6518
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGfAbnzkYicwaCXMqX2BIvI&google_cver=1&google_push=AaAOQGE9gYyDMAInwXgPqhzilh0i21Dt73M3Al26GJ305Jc31mLVRUwJSMzx_bM6S0RrB3k5pYBUIlcEk2z...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGE9gYyDMAInwXgPqhzilh0i21Dt73M3Al26GJ305Jc31mLVRUwJSMzx_bM6S0RrB3k5pYBUIlcEk2zrNVGu31PuAVU4pR8pfw&google_hm=QYwA3uW_S_ed-98rck...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGE9gYyDMAInwXgPqhzilh0i21Dt73M3Al26GJ305Jc31mLVRUwJSMzx_bM6S0RrB3k5pYBUIlcEk2zrNVGu31PuAVU4pR8pfw&google_hm=QYwA3uW_S_ed-98rckVS0IM
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:49 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGE9gYyDMAInwXgPqhzilh0i21Dt73M3Al26GJ305Jc31mLVRUwJSMzx_bM6S0RrB3k5pYBUIlcEk2zrNVGu31PuAVU4pR8pfw&google_hm=QYwA3uW_S_ed-98rckVS0IM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6518
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPj7WHnjbz5DFQVU094LJt8&google_cver=1&google_push=AaAOQGEfVPv28HuiLuRbXug7_8dTJDLVFtTlLrXDWewyFJl278vIjIpdWKOdMshsHPED-BtGHDsB_OhJqb3yVNWZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CV-KQ2n_RGeDyqwiryhO7A2&google_push=AaAOQGEfVPv28HuiLuRbXug7_8dTJDLVFtTlLrXDWewyFJl278vIjIpdWKOdMshsHPED-BtGHDsB_OhJqb3yVNWZAsZ8clgYrWuicg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CV-KQ2n_RGeDyqwiryhO7A2&google_push=AaAOQGEfVPv28HuiLuRbXug7_8dTJDLVFtTlLrXDWewyFJl278vIjIpdWKOdMshsHPED-BtGHDsB_OhJqb3yVNWZAsZ8clgYrWuicg
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jul 2023 10:33:50 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CV-KQ2n_RGeDyqwiryhO7A2&google_push=AaAOQGEfVPv28HuiLuRbXug7_8dTJDLVFtTlLrXDWewyFJl278vIjIpdWKOdMshsHPED-BtGHDsB_OhJqb3yVNWZAsZ8clgYrWuicg
x-host
tde-deliveryengine-production-58b44b5c5-pv42c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 6518 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPv7ZXekJ8w9AzZOpjccaVo&google_cver=1&google_push=AaAOQGH5uL-SA1faq39j7lQQ6rJ9vrjurHfEuGQd8F6rvD2oIsEhNrH-sAY7CZM1nNlgmib6WRAByGeuU1GjHqhJTW_ujwNsCEmy2g
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.47.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-47-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6518
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMY-9Kf1H5azY1F63d-kZZQ&google_cver=1&google_push=AaAOQGHplBgmBswLH6B_U_sPo9C4gbIPfWWh3Xy14KzkQWiPEXMXU32wEcMXshneMGpYl70t2oHbQIc3vOP12Gh7Q_ZVLru...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMY-9Kf1H5azY1F63d-kZZQ&google_cver=1&google_push=AaAOQGHplBgmBswLH6B_U_sPo9C4gbIPfWWh3Xy14KzkQWiPEXMXU32wEcMXshneMGpYl70t2oHbQIc3vOP12Gh7Q_ZVL...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHplBgmBswLH6B_U_sPo9C4gbIPfWWh3Xy14KzkQWiPEXMXU32wEcMXshneMGpYl70t2oHbQIc3vOP12Gh7Q_ZVLrukPXk6dw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHplBgmBswLH6B_U_sPo9C4gbIPfWWh3Xy14KzkQWiPEXMXU32wEcMXshneMGpYl70t2oHbQIc3vOP12Gh7Q_ZVLrukPXk6dw
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHplBgmBswLH6B_U_sPo9C4gbIPfWWh3Xy14KzkQWiPEXMXU32wEcMXshneMGpYl70t2oHbQIc3vOP12Gh7Q_ZVLrukPXk6dw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 6518
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJdSYcHtB-w1wz4qdJIv-cQ&google_cver=1&google_push=AaAOQGFaeYfc4n0FhT1l8OLvhI5ao1z8m7H3O4FlP95l9ttnsfXNb5xk7jPwRBcpEhm9GT0VuZfCUwlU5IpHzQFFymtmzc...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJdSYcHtB-w1wz4qdJIv-cQ&google_cver=1&google_push=AaAOQGFaeYfc4n0FhT1l8OLvhI5ao1z8m7H3O4FlP95l9ttnsfXNb5xk7jPwRBcpEhm9GT0VuZfCUwlU5IpHzQFF...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0Nyv1e_eQPukIusPQhdJJA&google_push=AaAOQGFaeYfc4n0FhT1l8OLvhI5ao1z8m7H3O4FlP95l9ttnsfXNb5xk7jPwRBcpEhm9GT0VuZfCUwlU5IpHzQF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0Nyv1e_eQPukIusPQhdJJA&google_push=AaAOQGFaeYfc4n0FhT1l8OLvhI5ao1z8m7H3O4FlP95l9ttnsfXNb5xk7jPwRBcpEhm9GT0VuZfCUwlU5IpHzQFFymtmzceeRKiLWw
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0Nyv1e_eQPukIusPQhdJJA&google_push=AaAOQGFaeYfc4n0FhT1l8OLvhI5ao1z8m7H3O4FlP95l9ttnsfXNb5xk7jPwRBcpEhm9GT0VuZfCUwlU5IpHzQFFymtmzceeRKiLWw
access-control-allow-origin
*
date
Thu, 27 Jul 2023 10:33:50 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 6518 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENjpVgmJGB14uE8mdcaEg9A&google_cver=1&google_push=AaAOQGGUm6_CLkruwL73geZmwwsuobxBPJ6QUhcOLX2-nfqCAZlpR4ze2wOk5j-9BXyjPk4CaYgWpalqC4a3yv5nSC3T2vhVs8tTsw
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:49 GMT
content-length
0
/
onetag-sys.com/match/ Frame 6518
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJIGMRVuCyL4HQkk2EoR_Yk&google_cver=1&google_push=AaAOQGGw2HPRBVO0yKZDhIUD-CmrNz3crBfeRa4q71JZhbZGZvy0gBxR9O7nCS1nJI9mJfx5h7b56G1piwa...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGw2HPRBVO0yKZDhIUD-CmrNz3crBfeRa4q71JZhbZGZvy0gBxR9O7nCS1nJI9mJfx5h7b56G1piwaiZNQsh0dMCXmaXSdSCi0
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6518 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISvzTJIm22oorIMAw3NJYMr9TMcJ3_uxh5dFe8UFoPtpUvByXJadaiUviWh61A6LeQRVWamA
Requested by
Host: 6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:50 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		37 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d05c369e40eca110695ffb93bf58e3fd68529c45b68cfc5f62dff7c98e3c8eb

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGnGWjq9sB26Mq7eBeRvJqa83JjU%2B3W%2B3W46xzjAJfucCuD2mPOXTnMdn3l3NtRn%2FecrJEGiT5pvJ2pR57JRJrnwfOWxZQssY8lII8xjCLuVLfHtkZbfmtfC8mY81ueInsSSl49l"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439f8bf3e6901-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 4405 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bid
ap.lijit.com/rtb/ Frame 4405 		95 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
539f6d811b0bde99469ceb87e815416bdbfc8b15eab1e979d007182638b901da

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-5%22%2C%22callback_id%22%3A%2296fda4716f9170b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90f_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454030197&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame 4405 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%229833eaa05b15577%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=c094fa60-e7f3-4b82-9f11-7246689f5157&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
2360f283fc3124f54c3265fc545d62fc672d3376c1b0c7b65a6b6daac0364850
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-110
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
442
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1000a011502d5cc2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90f_desktop&slots=1&rand=0.4402983317832134
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
18e004470d36df0f89651125a390e71ffbf42f946d4e1469c716a6e80c10b4d5

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=2658166604208171&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=658150668&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D16854aed3ad92ab%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D16854aed3ad92ab%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030205&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=qozvdm3swd8o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83a59abdf7edbad06741293ce26a7b7144105d7ac9edda0641d4339fedd63c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9342
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:50 GMT
bid
ap.lijit.com/rtb/ Frame 4405 		95 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0eebb408bf6f91cfe0bf0c9e32b45329a456cd86d4f9c5b5e6bcd97844561219

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
trinity.json
apex.go.sonobi.com/ Frame 4405 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22104a317d142b6c0d%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90g_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=2d73d54f-65c0-4e36-8179-e82728e80fe7&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1622b01b46b10877eb2b16fb08636d0da4ef3feaab7e60b9d100f1d8881fd9b2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-110
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
443
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-6%22%2C%22callback_id%22%3A%22106b95dc22608058%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90g_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454030210&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		38 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac76829473703d25d7fbf6c9156c184ec190966a4d2287f04980fbff55914a08

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqDuO%2B0c0iaBKvBSHEMZrtgoxTHCmOepcfaesXMleIZtgvKi2KrhqEHSPIvEnM2b%2BE%2BbPojdMU37jJNHDetjQKy9OecczP4vecIWM4A3dIaE64qPqzG%2FXptNsOPQLLSl9Av%2FUTMr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439f8df606901-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90g_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=112c94a8c9c2c8a4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90g_desktop&slots=1&rand=0.6068028453119316
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5f37a5338b5d097bdff617319a12958dd6c6540425600f2622b4ef62092785ad

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 4405 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=2588828803419873&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=4283511922&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.08%26hb_adid_rubicon%3D165dbe5f8fb87df5%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.08%26hb_adid%3D165dbe5f8fb87df5%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030223&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=3bdd77fz80iy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ce39bb0d2464ee05172b77c17a94c0e985b3ac7ae0fa2eb69c75e296c23a964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9316
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:50 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 4405 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 4405 		95 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6cc1b6b1e583192526b0649abdf51e372b8ebef1385f2bc99ded4a6d1225ab61

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-7%22%2C%22callback_id%22%3A%22126cc929b76cab4f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90h_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454030234&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1282c0231e33be87&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.42215705360602485
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7dc8a73a3d26936b5a9a3537619063ae281e1a3c9bedb0c0e742981e4c1d1107

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 4405 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22130a8b62c876a724%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=0b278078-22a6-453a-83ea-f8bd59b0bd83&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6ce947fcd679a560bde683a5df0fd29b0f848c4492a4a8375a98d1d441536da1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-110
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
443
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		38 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
342ffd835bbdafaf798793d22e9211f27d79ac730474bf86418bb912f4b1afc1

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n75qvwz175uQbTCbNLbiGYmDrGr%2FOCsrJWxNfSoTbf4PIrBQOyWIGC%2BkHYHEKB3%2BWConIAK9QwRmviNMzB1PDqXgyi9BfrU2PbAGAD6yy4RJjjGELOCRbsOBeS68sO8S8C5jcrvj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439f8ff886901-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=1966900555401444&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=2587397766&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D167e3239ab304c52%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D167e3239ab304c52%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030239&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=i4o517309ovp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a578099a425baf297a1b87427bb1fc19ee037bbb62655ccbf20d10c6247733b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9324
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4405 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 10:33:50 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 88DC 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705859
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5hWJUjwb-4oEuPq_E8ub18E6P_atR0pHykuUKb9Rvg8aYWsqtY_3aw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 88DC 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:50 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:50 GMT
bid
ap.lijit.com/rtb/ Frame 4405 		95 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
43b2801647e3defe00906d92df61e3ce4d7474394a8c4663d26a2bf3c1bf6dfb

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 4405 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		38 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c9f5d8100e67a0735538d15449b8a8c4a6e90e1e92091f001f414535150f81

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4cZF6DFELLa7TbQDKCP%2FWnVwoksbS84kMJBStDMXAUkJUKAi1LTBYG%2B%2F9qAjjyjg8hgs6NsUmqYNti98hpTIz%2F%2BNxjvcHLN0SnbqHmi0frQ9xpETN5d%2BLmYQovbdG4RENlISPp1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439fa08da6901-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90i_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=142b2624a2802d23&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90i_desktop&slots=1&rand=0.4743684640646657
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f334dfed822664140cb14d489a23da9b6d2e1a0907f9af1026df8b8cafa0291a

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-8%22%2C%22callback_id%22%3A%2214616e0648656c08%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90i_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454030400&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame 4405 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221483b04860c4daa%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90i_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=b136aea8-b2f4-4e60-be40-d4f52e5afaf6&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
59195d050da696ec305e77da22e00971b317081e84b53670c0f035d7f778f08a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-110
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
443
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=3183376404101434&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=3085048810&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.08%26hb_adid_rubicon%3D1733d457946c4d61%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.08%26hb_adid%3D1733d457946c4d61%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030407&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=n1s2w98f4usp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABnkTfBwjHn9HQBBC5AL6WsC0XOAspmdnmjBNaczz6kiKfyOutQZJExSZKR5u-nLjnXGBepVCoLvl2gCXl1L-djRcw0jU7PmLzw2N98&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58e25f6a3165de1ae7ba125f425747d45f4d1f37634a9b67a719698780bd1b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9338
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:33:50 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 4405 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:33:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid
ap.lijit.com/rtb/ Frame 4405 		95 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
20f0f639f06387e0c726a8c74f626839243e3c614e689f778532d0e3772d0d1f

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90j_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=156606de3aa7a939&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90j_desktop&slots=1&rand=0.7734434983173752
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4f012f0400bfab9cf46ec7b68e200b2584eafc7bae319c5cbf6992952c1f2f93

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:33:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-9%22%2C%22callback_id%22%3A%221603b9a976035832%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90j_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454030417&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		38 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6d119f570ee32c560e1bfaec5ef25d708a2ff84ef5f3ae5aaa44d8236fd131

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltX%2FUhmeox%2FFQRzWw%2FfuxBD6mbdW1YMJPBMR4wbkN1A0oTd9JBwe30l3lTYRSP0szGO9azstRfQT14HtnUMrXTs9LsvTOileB25oZprqB7hJP708%2FGHQpLlRrKnHNbKstrhetQyb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed439fa29086901-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
trinity.json
apex.go.sonobi.com/ Frame 4405 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2216471f0ffb9ec01a%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=942169c9-a481-45f6-9915-be7facadeb37&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c519514b923ec62451dd008e0c80dd00694b531af53d25007b1e4c5ca2937fd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-110
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
444
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=2703246184695933&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&adks=3516126248&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D1763b0b3109bbe82%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D1763b0b3109bbe82%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030427&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=1xchgp6tc40i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABnkTfBwjHn9HQBBC5AL6WsC0XOAspmdnmjBNaczz6kiKfyOutQZJExSZKR5u-nLjnXGBepVCoLvl2gCXl1L-djRcw0jU7PmLzw2N98&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d172ab84abfe2832682e1eec3fbb968413f8b0af1bb12416bb7ce51b073adf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11627
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588173
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=1512302864226869&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=2445953488&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D1772eda3780156fc%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D1772eda3780156fc%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030441&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=vrlhyvnsts7d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABnkTfBwjHn9HQBBC5AL6WsC0XOAspmdnmjBNaczz6kiKfyOutQZJExSZKR5u-nLjnXGBepVCoLvl2gCXl1L-djRcw0jU7PmLzw2N98&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
690e6ededc011ce2dc71166d2f5ed3e106acd9e48d951310fc377a9036ed5178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11635
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=9~lkl0olgs&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&met.4=vfl.1na
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=1724128834835576&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=3272850789&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D1782e59ff6603d9%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D1782e59ff6603d9%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030453&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=u99y3p2zfke1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABnkTfBwjHn9HQBBC5AL6WsC0XOAspmdnmjBNaczz6kiKfyOutQZJExSZKR5u-nLjnXGBepVCoLvl2gCXl1L-djRcw0jU7PmLzw2N98&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42732828c18624ec86a36bd51a4fc548519192032bb1d18268905560e87ae65e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11657
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12D3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 07:05:38 GMT
expires
Fri, 26 Jul 2024 07:05:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A551 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
523855e128c620ef94563659656cc1c5dd45f097302c1894becfba8912752081
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wVF-y1WkrLzPPP3Xyd_B_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-wVF-y1WkrLzPPP3Xyd_B_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:50 GMT
expires
Thu, 27 Jul 2023 10:33:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 88DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvATwPitFL0HkG9F73s6Is4iJ9a9cF1nGUa4u0TU-7Wb-tZQWuK11HkNeWs5pwW-Fj-1RH0m2YH70am4ZC3bbaARF1Q_NWNpXjlD1pghOlHCcUnFa4ZNUUCtaj4-zYr-f9LYSspU5nuwabz9dPPcWnenbGA8UGuy1ZKTi4kt5ytLhl_vMAoJOEWFuS23yCrrJykuCXWcpYWj3seQfIBXoXtFyYY186lTXclfBlP8lbPyAfkpNeuj81U386sQedmlejXdJvK-Bk_M64MXDowJEd3wxx4y5h5EwHMPJgMXWRiV8io7nIC81mcknWhFVnf5AX9V-q8fPLCfVpVAy_D22c&sai=AMfl-YTji3MJYgifsE6BFUt-7fXh3G6BSBekwEuIGd1sk93uJOeJwtCtzTCkOPsEVQeIcLW-FqAiPehj4A9HfwfcpXCD1JcSOcEO9XNC-Fd7-Ti2sAe29QqSY6MJGiz3f84&sig=Cg0ArKJSzCyFFzR2OgU-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0646 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUFu_mLTgAQKCSbHEQW_jV8cOQvzrlH6pGpdEVqL7TBP4OxbTwGnmPRZkHAjV7MTZB2WJhofKiD7BGSUYwQjlPIL88b19Rr03t2nRDnioj29k99l_fzaEAZJXcD4gOUhrPOBC0c7lvA1Odn_EMY1mFDlw_z8_apmTeSawEaj4gBdGB6Sag
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 88DC 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88DC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DW7waMBzHCCe3JU9oBNEwCKw5GbpPasGiRYELwYrh8mJ8hQrPjQxJ3BSQXlBgVYdizlnBT7MG7y-Gp6rxIsh99X2iraY6tbzg5UQhQdC_FWTPMrg0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88DC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=315565292662630731&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6cd4fe4b-0164-419e-93e2-0e1da7f12e3b
beacon-ams3.rubiconproject.com/beacon/d/ Frame 88DC 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/6cd4fe4b-0164-419e-93e2-0e1da7f12e3b?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BFB3DE7876217BED7A8424DAD5D7E3DAD93DD68864F7102C11A337D57EFDFF7DE9B43740A3E6CD6BCFE5D718BBE08EF1C6AC53CD95347FF94E093D16505E4CECBAF386182E885AEF78C6A390E176557DF1375945394405375776ABD71F6B268B633C1D33F99F2EC66D8974A5F522C337520C94D53C01631542605645952F60178C0A3B67D0C2525F8BA85DFA72E7A6467338425ABC59783A6C5B28D8AE482CD8F06B84A37C351F8C70D06B05B32F3979BE82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::47 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
container.html
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C69 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:50 GMT
expires
Fri, 26 Jul 2024 10:33:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame F4A0 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705859
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0rhHfPsU1h6iJ2dBOTKTrnDkRs8LovvkuzJNTMWTBjSgdhj480_5bQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F4A0 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:50 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame C412 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705859
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lkKTe-KTJZ9ZnIUZmE2BgtxtaQt5SjUFGH8E3luQTwBGS1-flB20dA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C412 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:50 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 3D95 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705859
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bpRpGyZlME-iupxViwbIkXekO0TLRaIXmaF1FSKl2Z1o0ZzEIWeEmg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D95 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:50 GMT
container.html
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B67 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:50 GMT
expires
Fri, 26 Jul 2024 10:33:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E5BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:50 GMT
expires
Fri, 26 Jul 2024 10:33:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=2955246941567046&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=9&adks=2059224439&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.08%26hb_adid_rubicon%3D179e0558cc243c16%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.08%26hb_adid%3D179e0558cc243c16%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030874&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=15bd1s3k641e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABnkTfBwjHn9HQBBC5AL6WsC0XOAspmdnmjBNaczz6kiKfyOutQZJExSZKR5u-nLjnXGBepVCoLvl2gCXl1L-djRcw0jU7PmLzw2N98%2CABnkTfAeitK6yxC3z4-EwsKe_1ysUox4BkeSdDJ_QwBabykg9RAFD4L2qTpubm6MT1FyKE9v0dJLipq4JOlJG6aZuayhnMWC4TF2Dz4%2CABnkTfDuHMSR-k6nYBYYOeovVj-fElNjKrYg1yx7EC7pbQ7kiGCbP-q0UOVJrGAUqOVrCeKxMUz5rBKTCwdYsim0j4gAqfGXfS7SBok%2CABnkTfAYQHVdrk3fb1P_bMO9zBNEo5GNIbpxnkhI3mTHKRr9tQtxheLaRRRP8zwtJuqOi7CoERpsFgmyEuptTY9pwI3Cm0A9_7aUTes&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a3dc755b7c979f9d9a3d285dae6e5067e2784fe5b0725f7f0afa5585b3766e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11629
x-xss-protection
0
google-lineitem-id
5112246899
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=3081500780833707&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&adks=1601445237&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D1801ff833b872abc%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D1801ff833b872abc%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454030891&lmt=1690454030&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=iiq7tos3wbv6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABnkTfBwjHn9HQBBC5AL6WsC0XOAspmdnmjBNaczz6kiKfyOutQZJExSZKR5u-nLjnXGBepVCoLvl2gCXl1L-djRcw0jU7PmLzw2N98%2CABnkTfAeitK6yxC3z4-EwsKe_1ysUox4BkeSdDJ_QwBabykg9RAFD4L2qTpubm6MT1FyKE9v0dJLipq4JOlJG6aZuayhnMWC4TF2Dz4%2CABnkTfDuHMSR-k6nYBYYOeovVj-fElNjKrYg1yx7EC7pbQ7kiGCbP-q0UOVJrGAUqOVrCeKxMUz5rBKTCwdYsim0j4gAqfGXfS7SBok%2CABnkTfAYQHVdrk3fb1P_bMO9zBNEo5GNIbpxnkhI3mTHKRr9tQtxheLaRRRP8zwtJuqOi7CoERpsFgmyEuptTY9pwI3Cm0A9_7aUTes&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11eecfb74231859c1383152f33d1a1b3c7ceda5a6e8e72f4f5548ba9eae6dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11629
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875424
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
ad.yieldlab.net/ Frame 0646
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEPKsbl-hTuvBzW08yHfsy7Y&google_cver=1
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEPKsbl-hTuvBzW08yHfsy7Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUFu_mLTgAQKCSbHEQW_jV8cOQvzrlH6pGpdEVqL7TBP4OxbTwGnmPRZkHAjV7MTZB2WJhofKiD7BGSUYwQjlPIL88b19Rr03t2nRDnioj29k99l_fzaEAZJXcD4gOUhrPOBC0c7lvA1Odn_EMY1mFDlw_z8_apmTeSawEaj4gBdGB6Sag
Protocol
HTTP/1.1
Server
23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:51 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Wed, 26 Jul 2023 10:33:51 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEPKsbl-hTuvBzW08yHfsy7Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 0646
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEKdeCVeDaCrrmYDwg1G-yM4&google_cver=1&adform_v=1
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEKdeCVeDaCrrmYDwg1G-yM4&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUFu_mLTgAQKCSbHEQW_jV8cOQvzrlH6pGpdEVqL7TBP4OxbTwGnmPRZkHAjV7MTZB2WJhofKiD7BGSUYwQjlPIL88b19Rr03t2nRDnioj29k99l_fzaEAZJXcD4gOUhrPOBC0c7lvA1Odn_EMY1mFDlw_z8_apmTeSawEaj4gBdGB6Sag
Protocol
H2
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
last-modified
Thu, 11 May 2023 07:59:59 GMT
server
nginx
accept-ranges
bytes
etag
"645ca07f-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEKdeCVeDaCrrmYDwg1G-yM4&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4405 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDAj6BtatTn2Sz6cq01RXW9fPlR98szUdDbwhrtgNoNUeFjFfMnOcyuMP1MkEgUbBL9mcppsRN5Yr-XwvoAN_bOhYJqDBc1eCzsdFTYPEj2v_dpWvt&sig=Cg0ArKJSzDMMCWV3HHhJEAE&id=lidar2&mcvt=1178&p=1110,67,1200,795&mtos=1178,1178,1178,1178,1178&tos=1178,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4164803795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454028280&rpt=1421&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-3675ddb-7624f037.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 3C69 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-3675ddb-7624f037.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24bdce08dff3de800df43916bb99c54a752da5ac3c58fd647b872aa895908c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 17:01:25 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
jRUjaHVih9Dgk2E3pF0V9QQpbI3fLYXI
x-amz-cf-pop
FRA60-P4
age
149546
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24159
x-amz-meta-git_commit
3675ddb
last-modified
Mon, 17 Jul 2023 13:31:18 GMT
server
AmazonS3
etag
"4932969f806ab8ca6923b2f83395df21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
YHUx0tzwDAlKsIolkJ1XTJvL2NWiSDwuyIGHKBbn6LHYSvKysUOocw==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 3C69 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705859
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3TSMQxjcsOrVDUk6uhchpyvSo_pBd4Qg8lVQB_W_8ISjk8WD4O0lHQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C69 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CU9EjsTj8z3sKvXmJ6j17EdpIg-7oFWPASCqVoqa1zlNKEaTalEgALjqeuukvfw3twf-ouAVqHGUmxVCJFCboAhv_gDz4t9HSD4jvMVs1osv5DS80
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C69 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5259020161913070087&x=1&ct=76
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3C69 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 3C69 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/window_focus_fy2021.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
70922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 3C69 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
70921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8293
x-xss-protection
0
server
cafe
etag
11502554701003060455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:49 GMT
l
www.google.com/ads/measurement/ Frame 3C69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQglVyEN6Dt_YAQSWsmrcgvO-3c0OS2NUMLYyDOJu7GpT5burmUakB0640WUWSex6CgU0fT
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C69 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88DC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=232721467649&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88DC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=232721467649&version=m202306200101&ct=76&x=8&cor=315565292662630700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 88DC 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bfkcqv_98B81I8oOrFqf9jtATYAGUMlP6wS_JRG8h4BReTcpj-cphXPTP62k_fPVLU-2ObGp4i3vyLkEtcSEthO_vq1ZmTqhIqFgpGy-EIOjZPMATCaPq0T-Fld6_dpaF7bAiFyvFgSuEw79qC1qVPvk3wx4DEUzkJmFIuobORaiyJzEA&dbm_d=AKAmf-DnXWbTxT8tC5Nnxj8nO1eIJ638-319xeGER5xt25sbh6cAKoBzoX1O9N1WPMe3jrqrOD-t08ZhuQM5SJ4R5AfqKbXt4n8urR-IlM9uaPyUC1uZDJsqK_rMV875cq5oeea9DlJmxVe9cvKT-AEzbayNs1ghE08jy3vHt29TepR6ODjQvsaGrJGyxEIK8y8NvlAMGMJFqEmeP7MOVG2_Cn6tCoBa4qpOrLe46eMgomKwFD5hh8Zsugn8s_spAPGdO3lfjO1hXWyppP78fyoQ4m0yGMmKuwgqUb8y-QbvrjgUBsMbz5t18Km3dIAT_6ICBu2B57_vZISeEOvtZPHq7Pid2kjwITwYNKwsI95Zbv5NCudOHL1JyR7D8nhHSIZV9TmOxZ0TfSP6lhHdZjHRHkJvjHQBpzAZAl6OHE4mGAm27KLKc4MWzJz5T2UihCcriyBmZLBp1PfLXaF3zHjbdsDmFpqUH6bhKgVaMihmJYw1ys_mIMv77ILqTROR0sEbIjy8xayMugQZTC1wMpPev1CLIMtfnDM7OgLcPrttOlAzGfQJLDUy_kbeLiD0NS-rRAzJKxoInn1n2t7GbDPucyPercnfh53K8SbfJ6Z1FOfeJrCLup9Jmt_Ep3P4MsGYFjY_87xVr828Jm9teM1_44K0B2jeT5jsv6owNvo4Wqa7tzlk-2yAREMQOAWHSnULcMHe7jtlARKvot58UoR-UPwm0Ninr6_alZSim4WpU7eU0v3ZIak54I3M2dgq1AhowgNXjFBEQjwg1O4Ftu8u-ULgU0y8g_v_1CYyV6JtQoO90v8PjzCS_VmWrm4lEk7hagF5VqWZoQQ2VIwzxLkBGW-gKu3DgVtHpFn6aQzPnC-UblFrptzTY_zQFWrbkhkKk7tmF-IHXWudz9wPt3106OWi3MHi2sPhlrgCAVrFwlqiWYhfTGLUD5ElJUY1ii_s6egdZGcsoazrF2QsvJ19AC4DThtB0Agogzv3TzWbjzZIMK0BRUpYxPVHbUtjZRNlR0LVlI6LYetdTsvWTn317dGLN1JoB6qw9WDAcmKrlwg_k7PuNDaL2P403n94uQNA3Q71JsCNPivV0C1BZFJ8_P0iechJLGU17qMQBp1P1SNfbFO8EqEyGkqSiqHT9X8wCVuZDeAgGo8XyD7UGmY-qTHERUjOdMAt4NCxATDB3C3YTkIHPjBUPFXLU80Dt31fv8mP3NBW6EoXBEMsMbcPgObgvufWZ8ExrbybKQPQBtBkXfvgJf7bOZ6RYm2KIhxmeZju6bKQWzq9_OyWHzimn-_bN3Az39If3_KAJLCLzWHfTMxdfpta9-cPpo7JMxSR_3Ol9UqbD2PzdxXwU2iZ-qFma85uKGRYlDRlJFO_T1LAeRZtc5ZvJSbmnRfraiNdLT2VLeFlQIBuHTD4VGUHfMi9RyVoqmhu2OxRKH6G3JLlH3WAJTuADXnKvyNATKeJSSR3F-gO6bZzUecgkByRNUe7zp8ODmqT26V1pWvJEeXM6RYJCLMFpmji0rC5Btd5baKwz1IflMq4E8naLzdFu1tJsrZQfONCIiDJ7wlX-wuVdGOVM9ooJYm7NE5Vu-IOO0QcBJhj1A4OVlp-oNY4jeDBd3TC35QmkA3ul5uGjf6lQFMrD_evK2jfyleg2solKGOzR--SQkxat784tz6OXS-F1LVwz_d_PbdB8t79uwE3zbWCWVom82pQZ1chZYGS4ZA-_MJYDJggk7ioaAtLHpN3mcep2v5UMtDK8SjBuQd6srrt0M4KoSNFo0A5ECJMoXEM-5ncgiOLKftEly4HITll6fmAM8V-Mu2iJe06peJ_HLDkq5Li84yeSSi_aLx0bPTLwB8ovV8msgx8Yl3f5lGqORD3sBThz9AnVnbaoE2bXhlvkeRxFJCWXQtwDjB5eWcSse2ZQEi8XzGObun9BMkruLhyGCjZxJL5wP4PrrEzrpKz22W_tlOddMrCbglBjQeP5sqDRvWhZ_XWyRyYH6ycD20-Tzk62RVlBRIuwUy4U87Y2xHjgCQWllOGiq8RqejWssBqKVhV1-6P8wi3TjD_UOahw1TEeVYbQKt5gmDaELVi9vfagbFhEmO081QfIekGhqSWivguN7BWeNBKHPStWQyX49xGycYAu9bQKizzQJysocbFqkEZHWO0_aygrK0zoySQja0UgxY-eCeTd_-EjnJJRe3TLA5fobJJ833TLgvvYSd90Hau4Lh9v0S3GvOGHk_f6BIDwv3t5wQEspzRfwRNDwbsmV_SxutVgXkPj0i0a31HSdv2DQxQpW_2hfDb9Wp2DN4kua_IJmDxWYmh99M-o9vmtZ8qRiGzK-s045Nmym8m9m1T_KW5HxwJrS9RNauEB2VCIMFH7ysU6WYa7ND8c9xVMuRT1xpGjlsdBupaD9kBZzL3vRlB3pv0RWLqcibsvTPcDXawAsMG95FmWtSPfMt_FwS9lfTF69Bj07SEUHNkK0N_QsS5_SAcYOAg7PqqJluPA1ZDhAZSWo4EfQWdWeowzoUElD5RSde2tB28IxQ6T9tX4CQ6gPT-O8N8ioCDk8ArCBFiVhG18LyQMquzad5sywWUUhrCboJw7Q58nhj51BWtBbIgElh1-j3ASdI5_QA7A8bCaPHt3005Bllk_wiL4Yzb8lGgrJqbdzr5hGncNTs-4i7Z9OS8_ywaiCzhggKoh9WwBnrl97SFsRj7cPpuQz57QjN6hac365dFDzECmIQHIDWMIBWMVPVZuefmipfia3KqIsqi26Af3u9DVM8XiOo-g_OjniI-WWgra4JylC6l-_W5NEPyoQRECGGtACH7xQfAK0ZZYEAM1L_vUY03hhB2M4pUv7KfotJvlhy9QpZQ5CzEZNDtg3_ASp6YbbYUQJZL2A23EU4BuNGuAbyCRqMlaU6-d37sG81H5In_UhmCpkQiHTHxoHdDa3ivwcK-KmorDTyMAlbvhpHOODzMtoB7ZwjzyB4dfQv7RpgHI8l1GuofOoYpwHAA8tCuEeG95p_oZcFx85UjJxv4VUPAUcJstkha8nhQob0VHW_zIYMZMmT3uTu22es0312jjEzGC1vJwzPEZwHjdUoa1N7e7Vdv6xI3-UCsrWo32yOJSK51RdJ73c7jBEI0K9BuR4BJllH0js2VyGF3WMTQlh02aZpNvZRHHn3Ud5nFejTWqspJP1clU76OXvXB8AJQcT8ulzK0PFgpJx_AfNR7vGXdkM1JnVB2PAl31cqtdcZR_NVdOsBF0wpUURwEe08liSBxyQ-y1iuXCFXcMTd8KpwHEdrhw7z-7GiqKs5SY0mmkH-CeKHgn1wpX0BnpPPjdxMYR_b6d75NAhHG9Zoo1DogJ9yoammptH8gfoBKdj5Vz04x840cWzR41LMCzuSFC0m26NsDQgzy4C2CqpZU8H-HjtInvufUrkSurdoICo7rvR4L4e6SddJfSwNtVXFaDXsQZrMOWU3MfLh2-dcQTB13WyyyjVAH1xufxivJ2rYlyzo7OK3FM5w8kITaoDnyJEG-IGl_aq7ueXU474vWX9mFKPUY3jtp_kioaEIti-3Ryxn2REtiuF0ydh3ubDa-&pr=8%3A9B1DA98CC08A8BDB&cid=CAQSMgBpAlJW_y9bCvjSg9zMqeuqd3z6Gvy1fHojH-PB46DhIdd8WrhvfzsyTKMh-C5zaVboGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ds=l&xdt=0&iif=1&cor=315565292662630700&adk=1258034981&idt=76&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
169d42624a4027dd6a404dab710dda97036feff6301c49af0ed5789bd1459ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39403
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F4A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvpJ4-zasXWgUW__XT4ItrQFHqLT-Tyzwnf_SL98XYHn5R7vDuYjxDVHJLsoqrIErHBQYSpYoNbh6c1EcuPOExDrFkthwoKbJw4w_a-_yp7G-t7mPZhXofleWXM4zlRsry-KxAE3tw3MqC63D-pFTFqrmHrcA7VdURjnZGT08YnNL8l_Yxa0J3eTliEp9Ax2rt5ubMTEcLREHf8v0mu-fFbWdRPjTZh43NW3yYRAWZm687Svy0DIKZP6qMJW5wWy7fymuZZEQBzgT5P09qakyoWGYNcI9kx-Pyqg6tEaKUUNH_R8-w-K53piZLFUVRcySMwmheLjbj_FGovmtHeJ2Q&sai=AMfl-YTUJVUEbd4MUiv7wd9LTtoPNIr-nqNt2drBIx10lrj9nMK8wKxUu129_zNdjJFDY4IgaemRPLcsLBah2Q3G0L3EU1Jn_1FH9b8HZE1KTksp1G-kna23QhxLBIK9DSY&sig=Cg0ArKJSzJUiCqbbu7igEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 71B3 		588 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUTaAPrkfGCS1wgCA6_81CUgFAUPg9zJLIIYkfjNxnmZvzFNfmdlvWXnbvGTPv9opGPGeOvpUo4RdfUB1cbCMRavg2WR7hlCZbj-vE4SPSvyLAJks_2X_tK4IgxBfsuAUsTmTxTMJFNZk0HJxvbKRwyb71isaGtO__QUkcjhwfUOwmSiUQ
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cb745c1c8cffe3edddd856464e624896014f9b980629890b3986c6da3f056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
245
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F4A0 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab16567d9da12ec25f3ecac99aaf886c3afd988ce75648c944fe0756a0e433f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29792
x-xss-protection
0
server
cafe
etag
8957437012570195358
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtyPX7JrC8BTACQ5XKN-MRZ5R3Pim58oYlBbnlKH1lU0kgH08lujY88fra4INRZmoyRLeX9VvU1WyBH6mYgTs-WWAI7cIdgM3Pwgf40a2YD60G5lk
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7986871034341223545&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9c5c019a-b588-403b-b74b-af0c8ca17b54
beacon-ams3.rubiconproject.com/beacon/d/ Frame F4A0 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/9c5c019a-b588-403b-b74b-af0c8ca17b54?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B856D1B1DB22037DB26E7071C27C98B612A545A6B33AD846192E8BD61DB9276BCB9043718C337E90F9F0BE1F8337FD75D6DD29EA7F748F057BEE5C250112BB618AF386182E885AEF78C6A390E176557DF137594539440537598FD115051A0D33B82F65E2F027AF356252BDED9CD6F16893448BE8B2BF03E7569A8906358651F3345311A17E8554A5442092CC77B2428B4B5C32C1B4CBAA61299D0DE1337144257D32D45C0C3E95BE767BFE7341ACD07B5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::47 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C412 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuy966LPCkoU_RhybTDyzsmGmrnVIt8pybUk9RxcdO5YUNVHJ-gTFczOszhy75mttABNtp-s_KDep_M1VmWv0vwKCIUtNeSIlQiPz9510j7CBTgl2t_8c12saTkSW20pHnhDwJYB1karpQ8ptgN8U6UiLwlSCDjIVVTcrPBu8gzNRahHeCB2v0vT-k0kKmhUaqpps11TJuOkO3qW1PfYW9495Zb7ZIYtoNKBoWYTzUcK_aJrPzUpm9Pxj-9rucbMzW3DnfTy0iZ3WIbHTFZfMckVuuruJdtn8joTzD3P-hNcepswCd9NF3iay4Th-_YNvr8jOixXx94aGWeLXd7GbA4&sai=AMfl-YQUUNQU_wNXX8hWZG6W9Obe8Qih-6lgFyDg_6B41joNNKy_xP4qUxPEKw2BwsfxCrgeJ1xFbX8bdg04S-m4gg2VPf_uGBhDWrUhf91IKFiSeJmGgs9_7igwG6Hli2Q&sig=Cg0ArKJSzHSlzkLtKFFAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame DBE5 		648 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNWEVMXZEKHFtM_Bw3lSPrIenL475uXqhIDz95UP-oHGpwRcNwtffx5siqulsDWqQPuiT3TZv082BqbbkqWr3mlQ_Hl5hDfO-AWXzquKgWhMjGYNo2wPhduoih0D1f1o6UI8sZ9kr7h3vDwIrlz9q2GFt2Hg8l388h_6S670S2gMkXMLHxs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1abef527f498afd45a968e9d226413e58b40b21872f23164ff7a203a26f40b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
233
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C412 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab16567d9da12ec25f3ecac99aaf886c3afd988ce75648c944fe0756a0e433f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29792
x-xss-protection
0
server
cafe
etag
8957437012570195358
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C412 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CbXc62wkBIbE5pYUMp873Q6-elvIbkEflzlhBIsaQR5Qx5Xg8ihdpRiPIOSOgrQOcJ_LhlueSfO9CyNZjIb_Tr7Uz_iWkE5Y1bFE00-FvanS5CCNE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C412 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18187431523072621116&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f686baaf-c72d-4c4b-b2d0-6c0833ebada4
beacon-ams3.rubiconproject.com/beacon/d/ Frame C412 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/f686baaf-c72d-4c4b-b2d0-6c0833ebada4?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BD3B1A10869B85D099297C87C5A6B0706A696758E818B737EA76C28C7452E669C489939F7A2CE7A5D1E89CEF2B13BC475BC2CC82C3FD635D9F98B2D42F92498ECDC937872C48698376C48C4D2C14B850CCFC6DA0414C230CED0BC1E71FBFA3565331E151A187EB34ED97DB081400D3739B7A16A07767111BF17484A0970FD32C2A95B382E842CCC7FA20396F8A02C2E8DC78B35C14F8519751922A38E55B87D4AE8212045C71A620084255A5453A79AD6
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::47 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3D95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuseFao0oFgIlsV0Pj5YVWT7DQTl7A1o4NwouDWkGiqoXUsC1XATsTGoGpJb8jIvHB_I9ajaeCLl6Am7gZ-I3TRpZCqvWunjX2RO330V-wuH-CAwsqdgNluH4qCrxrAUiGLtlUFWTEoOXwBxfNGGlp1jleD9j0h-bAjqKBf-DHuyNEfRIG81-bzQqI-1q7EQtmrTbPkomS8CmsINvesyLELrCgB8EDwg-t8FFzPsPSsU6hCaaWeFgdTzByEufuzBNt7haxCAnhbLNExdv0ZcDSkwV5BR_HoUWNr5xr7l9tNfUo1-bR3dV4gitAge3usS3P0qAz-3TGI22FlMtr_Qsau&sai=AMfl-YQ9urKgBcPAknHugCUntwJImSXUgVjF2OzOUspRqyebKnGlaguNNPqQAax-8nulE7rl7HHMHKynOUCZ4yUpkOTDrIcmuXCMseepqjghTlE22Mmwh9i-tt9fa-E6PhM&sig=Cg0ArKJSzKUmpcDI8cBLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1470 		648 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNX6---DExYna6CQNiSBbHnP9ka7Yltik-qE8u9_gSIfOTlo-nm9ba2DGcSCOhSCmW3wjwoCSxK8aOaVLjh2P7vZAzcN4qxDXUlI10lGl3JxNn1DKojZaLKT1VP2EBkZCHpiO0lPzSv387m8bzsUbvI7uZTscmKOsnmbTlvpbMR-pgoGs4Q
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1abef527f498afd45a968e9d226413e58b40b21872f23164ff7a203a26f40b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
233
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3D95 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D95 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dqb1Gq1arSzX0_J95uLx-tQ7eDr8TzkeGExhQCW1zVu6icTfIoPr-E4S0VOEr0qiN2_zdYoy0MdptKlxtPJn2ZwL9Gmi7mqReodlCnMSGiCCav5G0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D95 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10649331717136692410&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
331002ae-91af-40c1-aaa4-056799fc8b37
beacon-ams3.rubiconproject.com/beacon/d/ Frame 3D95 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/331002ae-91af-40c1-aaa4-056799fc8b37?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B030F7B217D6B60E0C17FD8B86B5236B38F55E38ABA3005B458E073AA243BA4A883417ACD17C9304E6EB69AE2A0CA654BC7A1F6B0E9396A01F98B2D42F92498ECDC937872C48698376C48C4D2C14B850CCFC6DA0414C230CE35F7A8C5E9859F5194046393C20F551C252BDED9CD6F16893448BE8B2BF03E7569A8906358651F33FA1FE6B000688B3F4D6853D0F37951CE225B1D4BBFE05B9B9C729413F1741148DB05C1AECFE2D03AD6AD762FD6C6262E
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::47 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:50 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
bl-3675ddb-7624f037.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 5B67 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-3675ddb-7624f037.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24bdce08dff3de800df43916bb99c54a752da5ac3c58fd647b872aa895908c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 17:01:25 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
jRUjaHVih9Dgk2E3pF0V9QQpbI3fLYXI
x-amz-cf-pop
FRA60-P4
age
149547
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24159
x-amz-meta-git_commit
3675ddb
last-modified
Mon, 17 Jul 2023 13:31:18 GMT
server
AmazonS3
etag
"4932969f806ab8ca6923b2f83395df21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
1G0yxpzywmxfzSUzEa-Xvi64ii70512hChFXZBJVsSKb6kzZmQ1OTw==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 5B67 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705860
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ak5LLivTARDVcJ-aFExIp7IEj_JDzpizMgcm5uXO5FoQHU83KLgp9Q==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B67 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8xVbZWsw1PQ-aMDnUh2vXMH6YuMrO9OXIjg2sdZr7kY81Aop8ND6bWbKdpQ4rm1eadHTCqqhGw290aTURnH9ASpmcUsHMYXW7aIShansKD-Ao8P4
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B67 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16795556846082358594&x=1&ct=76
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5B67 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 5B67 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/window_focus_fy2021.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
70922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 5B67 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
70922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8293
x-xss-protection
0
server
cafe
etag
11502554701003060455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:49 GMT
l
www.google.com/ads/measurement/ Frame 5B67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3a6Vxes0Mtc13lajBpkex09BtL4XBIa2vZ6_s5ri9kA_su3YpZqzEBhUyIv_QLpvy2Ape
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5B67 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A551 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250101&jk=3112218637313204&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
bl-3675ddb-7624f037.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame E5BC 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-3675ddb-7624f037.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24bdce08dff3de800df43916bb99c54a752da5ac3c58fd647b872aa895908c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 17:01:25 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
jRUjaHVih9Dgk2E3pF0V9QQpbI3fLYXI
x-amz-cf-pop
FRA60-P4
age
149547
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24159
x-amz-meta-git_commit
3675ddb
last-modified
Mon, 17 Jul 2023 13:31:18 GMT
server
AmazonS3
etag
"4932969f806ab8ca6923b2f83395df21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xuijpBw-CJOmNskLXCSi_GBSqzPFcDcmAkh8fKiv7hrgyxI-HF-IvQ==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame E5BC 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705860
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
z38zxFSpO__58wSI4s_3lFb4xoiaO777Rh-rUwU8gk5iepW-4nbo9g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5BC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdUTDYlFoX7JP3xv34UYybZW3hci7YFkdfAXiRu4XtTupjpSNCEEJvuh97meP5I7lNOhMGtQWhdVPVbOw7OFULkYqXWcQ0wzqKD-aHorJryV_KNK4
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5BC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7090846055756203468&x=1&ct=76
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E5BC 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0229dbcb78d16f4e98ccb93decb992b6bb488fffdd85675e586ab6546efd3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30178
x-xss-protection
0
server
cafe
etag
18056378990419963096
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame E5BC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/window_focus_fy2021.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
70922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame E5BC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
70922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8293
x-xss-protection
0
server
cafe
etag
11502554701003060455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:49 GMT
l
www.google.com/ads/measurement/ Frame E5BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwdDGih_GWSCOt3vlIZVhuE1vO5iJymFZMI-65wr2vd7izG1WfJ9_ZtGnuGy9lGrZv1r3h
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E5BC 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 6F50 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705860
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
N1b5W7UEeGoXlGODo-2xnyL0d6gQlQsKuql2XdZZtIN7_TEmYcZcrQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6F50 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame DE8E 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705860
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HfQyWB--uuHZTqcsjju057ii1936tBT9j3gQozRQ8sF2cbR2S2-jRw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE8E 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
container.html
42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4762 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:50 GMT
expires
Fri, 26 Jul 2024 10:33:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 71B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDKtqCS6yYkS6Z-LlOuTvlY&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDKtqCS6yYkS6Z-LlOuTvlY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUTaAPrkfGCS1wgCA6_81CUgFAUPg9zJLIIYkfjNxnmZvzFNfmdlvWXnbvGTPv9opGPGeOvpUo4RdfUB1cbCMRavg2WR7hlCZbj-vE4SPSvyLAJks_2X_tK4IgxBfsuAUsTmTxTMJFNZk0HJxvbKRwyb71isaGtO__QUkcjhwfUOwmSiUQ
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDKtqCS6yYkS6Z-LlOuTvlY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 71B3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmJmZWMxMThjOThmYzJlNzgyYzY0MGIzZjcyODM3ZjIzNmQ0ZDViNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmJmZWMxMThjOThmYzJlNzgyYzY0MGIzZjcyODM3ZjIzNmQ0ZDViNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUTaAPrkfGCS1wgCA6_81CUgFAUPg9zJLIIYkfjNxnmZvzFNfmdlvWXnbvGTPv9opGPGeOvpUo4RdfUB1cbCMRavg2WR7hlCZbj-vE4SPSvyLAJks_2X_tK4IgxBfsuAUsTmTxTMJFNZk0HJxvbKRwyb71isaGtO__QUkcjhwfUOwmSiUQ
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmJmZWMxMThjOThmYzJlNzgyYzY0MGIzZjcyODM3ZjIzNmQ0ZDViNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
image2.pubmatic.com/AdServer/ Frame 71B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESENR9kwjRm1LURek_5vOdRrs&google_cver=1
42 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESENR9kwjRm1LURek_5vOdRrs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUTaAPrkfGCS1wgCA6_81CUgFAUPg9zJLIIYkfjNxnmZvzFNfmdlvWXnbvGTPv9opGPGeOvpUo4RdfUB1cbCMRavg2WR7hlCZbj-vE4SPSvyLAJks_2X_tK4IgxBfsuAUsTmTxTMJFNZk0HJxvbKRwyb71isaGtO__QUkcjhwfUOwmSiUQ
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESENR9kwjRm1LURek_5vOdRrs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 71B3 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNUTaAPrkfGCS1wgCA6_81CUgFAUPg9zJLIIYkfjNxnmZvzFNfmdlvWXnbvGTPv9opGPGeOvpUo4RdfUB1cbCMRavg2WR7hlCZbj-vE4SPSvyLAJks_2X_tK4IgxBfsuAUsTmTxTMJFNZk0HJxvbKRwyb71isaGtO__QUkcjhwfUOwmSiUQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 27 Jul 2023 10:33:51 GMT
content-length
0
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F02 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjVD9QgxZktxB5eG83oqoA08ps2slnF_PY4_AybHB3Jdp9TYSXx6peYD-ziXi6EEwu85Y3EdrsSvJCxw5r5VIjzCLFS-mNKP5wOVR4rFX5HTvh9EAW3frZOmOdjBYjLRjStlctg1RLTAPd&sai=AMfl-YT4nwcSL12xmxov_DIBXZ-yE1DW-Ggb3Eerct_LvLXm8gPrU-AdNlky2YfcQCCU4tH2gyZ9NW8SYFwyJodnWuF2yeRywfOECKrYkBXI9kLMmeI09fIkQ3Y8N2o&sig=Cg0ArKJSzDbKuBJt8HTlEAE&cid=CAQSOwBpAlJWPr8oU-QVQWgYWY74gVIIGZrjbFI-xIuOkFwXbtdx6fHHKpb1E18Wx9mRKv7V1KP7K95BsFd4GAE&id=lidar2&mcvt=1352&p=1110,805,1204,1533&mtos=0,1352,1352,1352,1352&tos=0,1352,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=995907353&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454028957&rpt=1188&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F02 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4622544921320&version=m202306200101&ct=77&x=1&cor=13651656272493320000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DBE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNWEVMXZEKHFtM_Bw3lSPrIenL475uXqhIDz95UP-oHGpwRcNwtffx5siqulsDWqQPuiT3TZv082BqbbkqWr3mlQ_Hl5hDfO-AWXzquKgWhMjGYNo2wPhduoih0D1f1o6UI8sZ9kr7h3vDwIrlz9q2GFt2Hg8l388h_6S670S2gMkXMLHxs
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 10:33:51 GMT
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DBE5 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNWEVMXZEKHFtM_Bw3lSPrIenL475uXqhIDz95UP-oHGpwRcNwtffx5siqulsDWqQPuiT3TZv082BqbbkqWr3mlQ_Hl5hDfO-AWXzquKgWhMjGYNo2wPhduoih0D1f1o6UI8sZ9kr7h3vDwIrlz9q2GFt2Hg8l388h_6S670S2gMkXMLHxs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 10:33:51 GMT
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame DBE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNWEVMXZEKHFtM_Bw3lSPrIenL475uXqhIDz95UP-oHGpwRcNwtffx5siqulsDWqQPuiT3TZv082BqbbkqWr3mlQ_Hl5hDfO-AWXzquKgWhMjGYNo2wPhduoih0D1f1o6UI8sZ9kr7h3vDwIrlz9q2GFt2Hg8l388h_6S670S2gMkXMLHxs
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:52 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
137
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DBE5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNWEVMXZEKHFtM_Bw3lSPrIenL475uXqhIDz95UP-oHGpwRcNwtffx5siqulsDWqQPuiT3TZv082BqbbkqWr3mlQ_Hl5hDfO-AWXzquKgWhMjGYNo2wPhduoih0D1f1o6UI8sZ9kr7h3vDwIrlz9q2GFt2Hg8l388h_6S670S2gMkXMLHxs
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jul 2023 10:33:52 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
93
Connection
keep-alive
Content-Length
0
um
sync.teads.tv/ Frame 1470
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNX6---DExYna6CQNiSBbHnP9ka7Yltik-qE8u9_gSIfOTlo-nm9ba2DGcSCOhSCmW3wjwoCSxK8aOaVLjh2P7vZAzcN4qxDXUlI10lGl3JxNn1DKojZaLKT1VP2EBkZCHpiO0lPzSv387m8bzsUbvI7uZTscmKOsnmbTlvpbMR-pgoGs4Q
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 10:33:51 GMT
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 1470 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNX6---DExYna6CQNiSBbHnP9ka7Yltik-qE8u9_gSIfOTlo-nm9ba2DGcSCOhSCmW3wjwoCSxK8aOaVLjh2P7vZAzcN4qxDXUlI10lGl3JxNn1DKojZaLKT1VP2EBkZCHpiO0lPzSv387m8bzsUbvI7uZTscmKOsnmbTlvpbMR-pgoGs4Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 10:33:51 GMT
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 1470
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNX6---DExYna6CQNiSBbHnP9ka7Yltik-qE8u9_gSIfOTlo-nm9ba2DGcSCOhSCmW3wjwoCSxK8aOaVLjh2P7vZAzcN4qxDXUlI10lGl3JxNn1DKojZaLKT1VP2EBkZCHpiO0lPzSv387m8bzsUbvI7uZTscmKOsnmbTlvpbMR-pgoGs4Q
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:52 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
139
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1470
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNX6---DExYna6CQNiSBbHnP9ka7Yltik-qE8u9_gSIfOTlo-nm9ba2DGcSCOhSCmW3wjwoCSxK8aOaVLjh2P7vZAzcN4qxDXUlI10lGl3JxNn1DKojZaLKT1VP2EBkZCHpiO0lPzSv387m8bzsUbvI7uZTscmKOsnmbTlvpbMR-pgoGs4Q
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jul 2023 10:33:52 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
58
Connection
keep-alive
Content-Length
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 88DC 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 14:37:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame 88DC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 88DC 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 88DC 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46347
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
usync.html
eus.rubiconproject.com/ Frame 3671 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jul 2023 10:33:51 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 88DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIW_xBPCF8vuHFZfpCjufHHsQ56_64k0ViPjMNsZUFxY9rQMn1kFqzA1m5f4egcO6hmkiYEuFp6EXdxBglMNsETAG8CpzxJ_iLOyv1vDJe3kWzrAtSpfMUPm_mt38BFNtXdgvSJ44EQUXXte8x1Q7raTeGU54Ot70P8c1fR-JqeTna7Y3CgwvVJ2jELyIz_Y3rdOIokzQqlUo-gt5n2HdMhtR3djRy8F9Jq7x-h3_qMUUjIIsaoXBvZ6ZGQPJD6TzmD8vJtVzTuE-j1JrLRwN_-BKSE9pqPR9B3P_rIxSIt363h6gsU7ordLU91ctw3WNgUBjXya9e6hZyioBmG1Sg-Q&sai=AMfl-YRXELJqA1jS6gaqmA4T7YuYQoBw2pqxj4QBMRx6yMSBSTq6uM0IdmrdjWZ5eBlTv35S3Q_NCrkRXi9fXENfkM8tw6Hy-jiiwmCzx46Ua-NzrN6eFfAkaj-pAhqS7AA&sig=Cg0ArKJSzDZx_pflmP8zEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:51 GMT
truncated
/ Frame 88DC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac4525a0d48b44e176fedb3bd552499d626a9fcc5cb3ce6b48f8e544b7a1ba5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9502403333971&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9502403333971&version=m202306200101&ct=76&x=8&cor=7986871034341223000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F4A0 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAAPrbvHnKBg8gJUaWzZajJfsmOkG2SqmKt-jQvTiH0vkxH_N--ZA5tG3AU-E8EoQ50kDcYGkfxkNkF-SXrYzHfnNecdsYpFVoana51FcNBAJfsN4jdEawzFj6tFlARBc4PP5mmxJunOyXgbXBLWt6Af--awNA0DWjb7n7jaS4QtrTLbM&dbm_d=AKAmf-Bi3ovPk6MDcUBN6udYHGT2WLlaC1-7Ec_OOVJPLqLxPjwIz-jTU0cypL5YP9dBwKbPWrl2UAY2dL9f0cX93jsouk_uo-v5aY4H_3BnjUkYPTl-ImoJV5J7wyWyAceKtLRUPo5gEDcj3CDh4Ao4fXJPzk-biRIQnuXsd7POYRSPKqZEAU0XzpPUY2fWPQmFu5HV_87JFmyw_ZPpPeuS3z22cTs99Fj6Wh9lleCFRNp0quqU9Hm21X9IA_Q5TZ6ie_xwZyAlrDVaaE8558PvW3e2R2WxNKHWg0c_rf7TLuvXwPw-ZcP42Pcprh-tIopy4NmXr7Yy3wUPiF1OU6aKF6MJYazMEptgV_wjMzFxHtGZE7_KCxVx1ZHV2ymr8AsqwTZDQlNa7Rh53_HhZIrzQMYRb9RJTr167LKndg_pFYdzb0fl9kwmvrRf_hlU3pzckG95CJsbcNvekFFutti72zozccEcs7Qiz3gkZ4VlYXv5aUSYjw918BaDZ0Z9lZPUODfTfqXg6jceyoueaWCM02EWEPz-ikyfK7g1FtkkO3kUxD1fbALy4WsN-QOYG5u3CGy780r_2kWJdcCfdENX0p-kEAZ-Nppx5AA-vewUYzPlwWyxY-HhPH1uMfFvsW417gku9alK5KBHsVpT-zIdb73lYcfdmv4MaF6ETffJutvq80sP-znIDfymdD-z4qdz220pK9dRXndJnpaZYd6kDB4eGzhW2LT7zjmTv3kTaUCFH8s1asSF0_SiYKQNv6SHDIFcdUD3uSPAn6w1vFyMk8IZYclSd7UFddaNosQ1oeqZikpuLE2RPXfQ7U88_H5EzyUMPgSiU62-tcl3v4-O-e2lNPmG3GIc7oBt1wnyOXv7aRiqs7yKomcSs4Hd-bE2U4mT59BQ9ye8pM99DaYcsxRrSeLsvanITMFyZRlh3i5J2nGqG6sQQaKFfV6tDQKZtUbK4a36xiYMCeXrwEmb3uxy3LZXgGZmlZjBtTIzLiTIj531KDp3nuIwYXpiKKD8Zn5x6KY8SVJfEf0gsUyenS7I9K705vfbWhaNlVzgkN0JF1p5mLOQuHI3sHpzW_iRI1RR40bFNobTxqcA5YaPRyyHiKOS0dmuSUYGQVOSt45wV2nKPSbeO8zHxK55mCg27_o-TNgJKO5HUfTn0fn6KJI6mSsNOTJzb48vH1Pg6Rl6kvFBMOdL9Dsi7WmomTRUcXMCxfPEWbnaON_7BgpSXFW5QphlRcoPtwGRS8A0Kem6tRda9lNDNaykDIfcpVYo8BeglhYsgv2Ilve36VbAZXXDuR1b0Ua8RUFbkfnX4JUv3C0OhC9I55d48BVlzwYheUj_m1rzadLj5mDj2bi0eeLuGBK4txhWqXBfbVgnIMSupGJShQdbalMTO3OA9LgXtkL6a1fuYg7_INnq8pP0lojHa0h0OEPjnmlrv58XF-binRPlBeYtmyiZjkNafeh1Wo8RSjintS2eEDUaVMCi3nfZpOUvdm3Sjm_Pj_3VKQaKOp9VS0D5KBRrfk0AOyoz5Jg-WIc1QrO4oqNnHeGEvLwGrwIUMYGPKvCpz7hEJUU1e9Xb_HlvdebRyajC6bbn8ae2meHiLQGta7sQxM4X4SPSC5ovYgn6r_tFwjQL5iL6aIswXXPTMvYQLTe7UvIt5SEAucXrFTE_4pIGh1Od-F9kkHtVjV8oxdhsF5lZVs1tS0ntUmx1ePMmyWKlT88JKagiTZwGQTbcY0fyVKCZ_nBP-he5wh3HM9pEf0X1Ke7_SEuJxzLVEqxJT5LoXj6he7T5iHmjImGwVV_MsLvU0vojFQJwLkI5nyRKrp6jR2qMl6G7gIQjA7d_UjryNZm-eOdZCKGhbEp5O3LLM8caVlwQ4PVOUduHsY-kmWP7LDC7BMxcwcSPV2k5JIYIcdBtb9XWzD1YDtCCYdThPfqTKzgaz4Q5qpAC4CBGrt5orUThRkCCnbOkt2zPztSAB11s0-HfmlQ08dkHPhpCHVvxHiZEWlUi6JBVJ_EW3FSXcbbzjmeaTf2dnAr8gUlmh2Wiw7Z5Jooa_5Vb1FoTURzjhoanXJTf99qL_61_agIt1K7SHqQcZxDtMMY7_7ewkBg9yCazkiCQok9B-njFDg8GPeCa0ZPktKnaQ155G90MkagOC23UiaFDNVoY_sHef45mP5FCGgBocBJafe7HcrzEeX29fsOn2tA-CRWHRZGBVfz3OwkszIS3dpXjRZ0nhjjiH8BqJInvdvmS02V-UhYeF8OmLpG-d2E_HNsZT5DoUyu5oHe0FRqkgmmwYdCU1VRUmPRzC8T7ybgVKBq-6FdqdYHfh7ooWA5J8ziXEpunRpfmeebZ5uV5GF992yPj02V8QAuXrZKPoYGtXIhp_YoGljcUvIC-QUpXedEbDdagx6Yp2aRXAP_yYvRv-hlS09gGw3ZSP7lEO6tKX4vHPgSZRlB2sgDF3kN5eBFnwwkw2fUoe30_XOQTEhP6UnESQaaINc1uPqgNtpfgsrNd9jjnYGTPNXlw6uZ5caWNO3Nt0lUhJkNJj3F7lxo2IT7CJw9qJcNGGd3sGbNGgKJED-a69L7MAENvAHt5d-gYjH7Umw0GOS9l26T2rW6cqVhbkOC_YusnGHDc_5Kt7UXPd5h70y0pcfhzuvkbDoMqqdMl8bm5f_00-q799FtsoWVzQBiXAHSWM4wP0_mseYK043QHbC2R_QWMC4E5owUd-HU23TiyZIjl8e6wkpPDJbdfVGNn7Yp6D_MctmiIcAkVRbEuFwEwx7preu7j2hRdaKaZ_Dh_bTVXjl2RgfhmO2TuJj4b6dLYuBMhq_C5gK-IsQmQ97sb3-Up9BwMPxB4NTbmQ4YoIzRdwbLLLETxZC_xLFObx97lrkJXv6V3G601uAKpMtDvJWM3obqeJggYnD238GfCFR4lHh3OgLE1wkYg1IqXVvKskGaBxAi4fDScY8pcedHlhRWL7R7TEHzbaKyp7nP5II7-I_74bX0zk1YpksHViOnkVdCVhR7JTR6KKczF3Uk-VY1-GIGbxDWTXqzaiXKwyTRIFHWs-Glxc9mjRSv8_7K8KTtzHCJRKm1L7ShmayFHOx5qHXjaAbPWY36W7TSkeTjwbs1zgxjOu_xZiW5uGoKvFRabedatSbqWpe03G-4s6Zsd3mCrPrOJ30X6lOTrucFaxy50inMs7ASrN_oxPjrv38-Nst_DuASlr7aWLgk-WZ9Mol-Xd0zbqEeoZlU4oBrrsleGT7CT8UKL87AO2waku8feux5jX8d1VQt_bCFDgt8kzfMK3Ncd_jW_jfSo5cWFiEO8zXvuJuHApe_ZjSZhEWI0JLES5sgCW9NZ_hnqYpenVZNfMNlRgqEhIwDf1r-0ayO6BhiHiEIdGyPnnMFJG2SkTW8O9rGGlm7h7_3E_odRxxeNr-tU7FIuBAdsk91_dlXRoN0l1nwC4Xcxb3HOQCdUeHV-DTepb2376axzsMUfnKXmbWDKFYf6NUkaHTzyAF8ipTMblsW12_mBoiWtxBAYVrppFZ2O2g3PomdvjarhxpNAyMCOa2YgAk9PNFkssM5scIZBGCL_lGoKzgvxzmpt&pr=8%3AE82BC2E6C1234C66&cid=CAQSMgBpAlJWoL3BaTdS5ZXKTY7HoB-pvzd8w711cCgfSKyX2BBuAmf0CbOLHkY0lldxTzxqGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dc_eid=31076402&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ds=l&xdt=0&iif=1&cor=7986871034341223000&adk=3557561371&idt=100&cac=0&dtd=10
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86ef35dbbd768a4cbed3505864f88158208d36356d3cbea1111ac0a75cad67cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39508
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C412 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1745217455936&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C412 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1745217455936&version=m202306200101&ct=76&x=8&cor=18187431523072620000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C412 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPWIqhrQ64J2DEiVatSNwS6zbjFiHNjO4erJmGVL_1097TcYzwmwlBj09k7z9-FHW3C1MGILOrW6jMcnO5Lj87sWd_Qvbcq5w9ZTDULJnMFMdm6Y3pEInSU1FAPeRuHVnWaPUTyGdWM5A0-hbo881q_WRWDmBWphDwXDnQu_U_ZV0SKIE&dbm_d=AKAmf-BYIG98z91l0-SF8-QUb0d8HW9iKalf04GEGZ3EOnoPrCSxpZ2MSOLnTckrbDfbF0Q4KN_c8xsM2jxAeUraK5PQSy7T5iITJEAX_sJsPNEs86eB-_K-XcNvQZi8OM-fPpe85Vbe3gg1cfwzg8mEppZN9d9zu5Xcstv6Wteg4ml5F0GMmNhUSNgQfD9JkYgbhHD2kmInLli8qlKUwrAP5_lEQdWKUhyy_AgamCV_HTbg9qpt56GcltRDre9Lc-VMXhl2w8xJoNBzcdFmLzWveRa_84E-flTWKAMG9nLXKGj6-SoFwuZsxc1AEJMlAGatnuraSBRqb-XZr31PnmLmMLOOhjA0xlNYhl6WGlIZbmHgUS9zzgkun-oVj2Z_-Jg12Xznc_fIX5cgfkaebWxAT1TwAQYHptAf3ln-_ilkEHxWbo-SpiSXfU4I_L1MS-s2_Yq0fSx65gbuTS3P3cJq1I370uZdFYYReDQ0SKQFqmRSm4D0iyjpXeWx0LKNWTh97PIlIBvFkIPzv95So8ZZsLSCHpTVBp8mE53uwkffc8ptFC8wFX0hrscEICk8dFsJU1aourR2yCVkLR2kvGWOfLl67PN2cJoEMFEC7axay-Nx6xmGg9X1F-h0wYjcj0Q5FmIsY-G6qYrSJcqyWv0bwuimmnm0jvur9rJUIfJniS5tQrHmNO8RG-mVCelyzDxIXQZySMPDR4eHsAc1H7HRBe1GBLlRAMAxKi-11hrGvMUj-WPz3j3tFeHohUAWP5v84ehEmFrqC-iUh0Kk0pKbjkhVwmSxVgS5Jz75UwLeDwKNzdTkFlTdBRlBPlufP0PQDsCgnCrF6YDOC4flsWGxH8g3TQVGQ0IPU0CKRLHPTe2dQgW8STW61Ij6Y93VoQCQ7XUrX_6x-uJMzMviem_0d2WBaUdtUO7P7be9ttQiBhYSTyNt1lG2WHncjgOdOPPwl9Hgp0pdDvYePA46oKfmwRNsuXcj6v3SSh7brNVoVtxHSCEKRt-sE6l_xpg2lvF1BhYB1R7dTyhBan2124m435JS7_2-D5I9G9NBpsvi4gAXR4BgqblrgIf95jck8M3xzVBMQNaZ7SDfwKa8E193-vj1Dn4-PKJ_gsI6noXxSWNsjK1L2QutjzpFWCUDtq5sxG4iux1z8ZsoaymMPtE0RF9tOZq1bhzvp22vUXlWMZVVTrpSpD-mj4MOU3CpMRxEUDnbG4zITzlClHZzkW-THg7j1ns74Dij79JfDwQYU5cOyf27jA__FUcJnN0ShYrEJmrRB7a0nSC1u_pVoeq7Mvih_NEYtva6omxjp9PRgSsrh-gagH0RpslFOsXdoI26pCJeV0go5Dmedp9t0dk1L0qdvUZS9jAPNuXGN_GaEVX_gkU2uKdaYpQGnlyHY0NM-ZYMS8TR9fjgyKK-2ZWWXRC00FJKWSEjtAZWq6hvJny8Retsi16WcCJ_kDvd9sU9NLi-o8wOnC8am1FvQazac7kA41qTJEM01X4Kq8vNekIxBRsKf31MuZQm4b0l9Fh_EPJop_LQhJw-KX8imY_o6f6OS48ShUegGSZu3k-gByevPKqazE1WcEzsu_T4k7Iu7b8sHg-1bUcZAoLF_ZKUpYAzrxbockIhPovWyYCmiwTsA3dskm1YUauQ0PYV3mH7LjokLprbCdLjcXbnHp0-mZcDxAljyiviOaxRYxH0_80eLilUvBKakz54xFjCTCiupNPCXfceax9mDyH9DoXVqgHG3Cw0zCCZ1G0rHrvMh7kD5aNcZSHJowPvtH2T1TBvC3aDg79niV34y2_z7TTFhFcC04yQjaYtGoQgVYXX7-75GqN9NbJMJ5vKglod4ZVflzV3Ychnxto-a9yRO9naOv3zFHFAB0-4dH9IcMH-tXg8NLCAGBU0CPzN8N78akiw7os-kBGAUWM-LiH5Vdmtvp5UZP_7Y6gmsc2hxU_PqTXia2m0H0BIXrI1gEWcdrgU7r__ip7Q8dC21dFRljvO65iw_SMCeMy5ZafL-1CklXbgQ1-I2Tjcac4y2EzyVXZtltm-3nFX37gi1pEW4U-XbS8_k2XwTEfGBKC2_EUw3QBxRp43qDB-RngQS2FXsgJsIoOxKyhQOFSsQD5YHtsc493Th3zf5UP6uaYZg_e1G_hyqeCuOj3fc2S5TYbVuT7tctL0F5KdKnrlppgZ3YvJpiwiWnUjdgdb1zgymwzWKlTsm5I7AdNb3Xc2eS3Iws8fSONOM9ViLVKPFbMwQeJpdXZOd-TzML_iaRFcanLptW7_bf3-AH72TXc4AcUDqGitahqFbWuZ4TksKFwpDKhiXmT9O46G1ThGrHSIHSebbAYYy1llsEP8UWk6R63KmDVi5jZJxh_vIgTRG_3XvhVesN8_1NYdI0aZTSQLuTyZld1KwijowmlEBveD0zxcVzrWF4ajQ3-6ErQMVbXrlJ8we76ALnFOQeGJZhDO0UpxefccvxB0FGrUpWmubmuW8_NNqSctnFZCqZ_l63z4pgiOZQ7fq_KYOS4oGdQ8DIn40sUKSafhJtLjjLbvYJMqe3iktEjwM5psZFlbTsmX1q1HZi6M9zC-dr7lftVgnPmnn5JZwcadVd_ysmq-FbZ-E2i2XrztcnELS8HjhmPGTUSybaW3vkRSK7qZsK3LjJa5UkdhkUEd_yU1A-0B0cGYw6d52czTHoFb-LWzbhG9nBzdur_Ah04NZQK24pWJZ528HX2Vn_14e3Yulzqh9qe4UKQi6VNu2suy2oIx1ORP2woe5TGpWTjRxcKi7BWq_3uGKypTpTUhexRYneIezv4KS2gt7o76gg5OSQfaBKtmm9GlG-xx0ebg0xj0nuZWRTU32XERWFSF7OxlTv6P61K1j3M_btv9rFed1a_4V5w8FoVkgDrqrGuAoFPJYzR396DXHDjWRzKuI6_8GencPA0Eo_ySytO7X5hE8Q0C8SaY-NEJnbvSp0SMCtJ_j3VtJ9PA4xQmGvSDzMRSzk5HFzTeHvUkbDC_NELN3QnLAFWiniO0cxEs7hh35kJ2eCWN2MvQ3QDkQnrZel6ASe8seTODFCNmnoJIrvicTVquerZz2Bn-O0l9UN4_5bZGjy7aozTP0d-fxOlFr8jWmrS1UXmH4AEOVAnwQhef1mcUPI9hCVzQBdWihO-25I3KOX-v1B9N_-uYViJ_tJVXAKF9pxp465qzOqGx5NhzdjN2UBjGUBzoh3HUq6FapXgDecs91kbnfr-P6sO7vtCqpRmAGS_RtW2Y1A343R8ToykkVpsYpZuH6mC4n_C9Dr9zEORBuKtyjoUhcuIfldyhailT5D5p_O2qyDk43lpZ1EFIU_ULy7FrCnmCQ_C8GSKH93oFUucqndacmTrKpU7b05ue1ynqe7wZ_SrBhqOP3xSqfw3CSQeWnPLq2w5Xq0_x9aom5TU7Lo_Www0Ayhksojw_JRztXTwBUiqJ94oqj82pZjmVXk2_GIV-o9TITTvEJ2HjiMLeagc7MR55JwOXmcaer1C3VB-dQA8G6BwRcWE_kflwRKmI8SdxctU-5c_MWYwsp6gDrLkmAQN7eexh7wbna2BpyYGkLOFYQa0t&pr=8%3AE82BC2E6C1234C66&cid=CAQSMgBpAlJWO9DgTAMKIuCHA1qPxGGdtNfwlYijq0UgGHi394Hn9sUMBBziprNP445PadE_GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dc_eid=31076402&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ds=l&xdt=0&iif=1&cor=18187431523072620000&adk=2208096648&idt=103&cac=0&dtd=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7dc1717b59936405876bc8bacfb1e7a8d5b55fe96e197bf92736f96eea44503e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39472
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 12D3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6F50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLRKM58NDH9rqy8g8-4HlA8Ub_NKcZ93f-gweCENWjMRAcppw0v1kY5YG4pboLpZCeCG8XBohrz8c7AnlJVLq2slamZwmDl5OsFOA3Z64mVq_vbvYCnk293JToe0fdst3PyILclN2CPn235ufU1myvI23YDiFbD-nW3UIaeP6WkzvaEA5Ka5_kgw_OVEXoqtxIzE79OBgKvUDHtXGM6FMmPH23757GDD9r0HlikMRxBv1XXOQ-cnx26HIw46KSVo46JRLbspmJQ8XsG-ODMIf3Sp1qqnK4yXu_4bPY7G9B4Y3TSwcRBM2D1cO1fOuDllLoSqoFOVKBiQdmB_tANa6B&sai=AMfl-YRntUuynHw11PydS5JKVjbQrEhXlIaiVjX4D32UBPR7DKSedqhqTbt34XdOj9ql0UUWIKEaCgpJ6MzL5pYo4dFWyvYFtFnBs55GkOXEf-Hm0t957YezAHMyplX8Dac&sig=Cg0ArKJSzBWmvs2jM_9CEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 076B 		648 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNWU-P2O9ApK5UZUQIQhihROxeHJY-znuLaB59GBNWkXTYs9JDWDS_sZOeexhrMFJWbGwYl-HHG1bQDzukEX8podr0T-wsE2ZzCTiANGM9gho3ryeJGZ99FQufae1TsyiiGbyx9KwFff0Yz0xPOf6SeCQSjgx_ZjY14qMQIFxlQnjtpA5cc
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1abef527f498afd45a968e9d226413e58b40b21872f23164ff7a203a26f40b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
233
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6F50 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F50 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMzprH4Nsxy-LctWdh1b8YJehgRIGmyNcl_GFH3gwacvwaUKOdCKQOSN3stE03B6PySyR4yeZiiDbwmKVfEhbTZYltZGvHO9-LGiNNiOzaCF1TkMU
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F50 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3646188446745544219&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
85798d6e-cde4-442e-abe5-9fcc0771ade8
beacon-ams3.rubiconproject.com/beacon/d/ Frame 6F50 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/85798d6e-cde4-442e-abe5-9fcc0771ade8?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BE3EFE9736E49C6D5C20F45276ACAD1304611507ACE18E5964E31A1F6952D3B373C42DE6DD6E2A8EFFE5D718BBE08EF1C9BA8FF9E06EAD2A2BEE5C250112BB618AF386182E885AEF7EB44574B24B9B2B7990D7B5584E7400551E0A5B3612EA740225E1D587660F7A0C67EDCCAAD5EA1E8D790B53F704D0E9A2605645952F6017831AA91020CD8673986F5144BA9FB897904C18C97BBD600ACA31408EE6DD332CDA6ADB0F0C301E2BB560467A91EB34A69E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::47 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCOM0XEJTFM1XhVkkkhGon9NeARNWKuAep1uT7lhCqIPGutBrpUrhvcxdcXQaCTELxSbBidDTn25iqiHkPhgaAjC4-3LtQeQBbtcDnWWIpnINZInYWx5wJq4gdnpuucIWJVN7iUBvzwbBLyL-FB80fEu9p3HygR_PA_3UPXLgm8GzZ5fH7pJ-ellaaCuunNbf62UANDBkopJpdOs4BM3KzSvQ_tYh46WBa04xWpfWrXfrymPa01UCMpAFPKRtozOT9BBjfcrbiSrStAgEvErrd8J_xaUjaYAA89AfLGeUcrOaLJfjK0Mj4EkZ6cor4ya2FRG2cW3QpT0f373lKsqjp&sai=AMfl-YRZJDZrArZ2g1i_jiiER2R8sCk-3sq9JVFkp3vlxUAVvQ7VVl-uaW-4gz62_aBEnAwTJAyswYpSXKCz1WeW3a60zoLolXBgebm9jV3vFpSwt9sGUxQwM-MPd-G3z6o&sig=Cg0ArKJSzOOate_8mchfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5259 		648 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNXNKrXCvWpwh24gJJwyk6gJeSc2wk2FSEIsOw5NDqiSe1baPrJSniGSNNSw8soWdCxQiNjsEH47jcQQcDpWJ67FbafkFZZaDKCaeF0JWlAH6hRiNIcEnSfyPumznkUqzLR200eshpwOfdoPVyFj7NZh33NEU3jIh1huj77zdN-kzWZHBZ8
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1abef527f498afd45a968e9d226413e58b40b21872f23164ff7a203a26f40b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
233
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DE8E 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE8E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTQjFmvwCem0RYVWXXdReJyo-i6HYZ_fFLxqT_W3rgzrM33pUOxftM85LgZYNRODum5mdfDFnYgi5gS6pb3wmO7id6R-4VXzBOrz-hZ-HpKaWRzuk
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE8E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2135363407950230394&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
38a9be8f-e460-48d3-949b-39ef5aaf9f13
beacon-ams3.rubiconproject.com/beacon/d/ Frame DE8E 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/38a9be8f-e460-48d3-949b-39ef5aaf9f13?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BD7EB4A0DCDDE74D7BA469E4CE617E95A97A8136A38486F6128A8C86CB304A8F49EA42B936127EF3EC1EBE65E7377AC8D85510E6247B51DE1BEE5C250112BB618AF386182E885AEF78C6A390E176557DF1375945394405375DED1B7B63B07854691C342A33303F25BC67EDCCAAD5EA1E8D790B53F704D0E9A2605645952F60178C2C4D05E32F226266B3F42DDAC5D20F8A9747EB04B9DC850489F8FB121AE9A7D8B1853CDDAF259903EC8311DCDB4037BE82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::47 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:51 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D95 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1815985291351&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D95 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1815985291351&version=m202306200101&ct=76&x=8&cor=10649331717136693000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3D95 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BevAZFmO6JT7u10fsWNz2hX3HfgqxYqSha362RTT6qRV6ji6SvMv6RXkoydLgKUjywGp5yBOoGCSun5SX1JoJeMbkxC4vfpACgf_QqY0sSZpksm0HY31lT2uQBoqFxYETvWbD6QV_W-sJA4nbt2YeaIvnvWJOBmrfWmylnzxFxtquwlNU&dbm_d=AKAmf-BItFxR437OZVmow9nfh-ykOBPs71Ywl1PjPRzGZ29epj5sYX_bjv3GoR13efB4gqFzsjWnqXSoVdoyWvCUXeYweW_2VcST2LkQqjGXFyfPThO8LRpvBPrxkfBmLRtg41nv-YBfqF6d1EA1X8jpSphAGaWiWlDT-O3X6nmNBs3zJJykiOXDWlJELgSmCehxNzQDodLadGrvbFg80wqQu7PFIIYvM7dPAvKPnBopHA8877O2gh7EsBM5DHYp9KaCVGZIfcP7Gf-Fn7yqvXFsyfbq34xISv-Vm7Ze8bNJg3fo167_xb0niI1mrbYzYGJtpS2BFaOXB1UpMQjVlhQuOyXByHoqnsxbgZ_AGWafmvM-TK9SeoRp4IUkYSSPtX_hz3mAGSTv-sjfIFABtnyiiBF8KWTBjaFXs6_n-yrMXxTjuEgk_87vyfpqzdoPZ76c3Iy4S952PkEN0-t_6AOrqW-VFn_ioPwO_TFIAbkC16PHB9en9_XKxN2c0p7BJR5RGGsDDydmUp_Z5uWt8tZA6AhnZz2kHKknkRkpeZlgjFlgANgjP1xH-J6tQU28Ye75sNVRyIWcXHPggzo8Dx29ZHDyr6e7DTgmG9T3lLZgjuh9pwSDc_dmJguv76SlwLhQDf4gFaIuuhaIGCRCz32tRDL154KbU9RJNKE1f2bOH82tpPCn3vQypg8CvGUKxx0iMZAefJUf64whXj93hZBYjCH5TfrBRObc6UJSUrK22ETVt9FhMk5IJ2lCgjko_up5Xze7SC7YrGYbQsh2ZhGrZhQgrp_MnIS0a6lNBhY4qi_D1DA8iTcF0jbzpCmc0aawrgGHq27iZSgXY7d0Wp_wxJdyyMEo3oE0xl-ZCyJs0h5RHaKwDh68iYMD_r4UQVMwu7f57a3IZyh6EEtSGJaEWCVZPn5CmA5ATmASK9LKlhRTFgNLJj_D_dr_bMgKH_aG27gCuIWdk-ZI8_7buLcK5JDs3EYXPSU8SQHmKLHCBPiJA77VyQDQLDJ5ss8aH60SpHc8EFPF5GSMFgM9rkEed8IHqrmu_doh2HUixVOB2JREhkiG5BFm9SnrxLCPfvW7lfnEdgWjEE5l7YjxbPjGUWABoCUvim31H8Dc_yUel_I1mWd8_RWNbIu_QkHFWjoqGBBwaW6mdvl34ujIpxF8XsxL6oCkYP8s3MuqosjT8DhpKfmaUNzcGvOLtTIb_sq__A9i-BnC7mH6h96BQEInaMuy7gXR9yMp7G822w5opRV6fGEyf3BW9OlseJepsJ5nKAUfLBqTRqMiEp07e_SRAmhHdprnqY_2anwWdshtm2RrJnHTA0JyiEy4ri-aZuKSrTtpfWk9bbiQhldiMokVL-V0W8LCU5hNBAlo1zEyItUQdCipcKzI3jjYIEqEijYBVpsLtTtcYKcnNCkM18Rb6CBjuMBM5Jih6SAKIPs83WXpq7-rB9JAA1iCxVxe8PSPwEok1NQcjTBjhbMpfDdNDB7wZDbwxJahw5zQf6LOIrquSnUGbz_nIXajbBrcCSZ0yVSjDYFh0UbVYswNBoewROIcFY0kgKrL3Qy_V5zLkcgsfBR3yWdi6lFFFRjBcSlqxwCPqsVHBE8SjZmlVBTyagRdoKHELib0kCA6FypI2V9pgBdus8SXn7W1yz5H_q-fzC2kruzMEOfZPbAxtmqxKTQy8tsFfzGUl_2Z5-QkIWmAM4L_mW0WIvRY50Bijh1LzBmJj9h5sPcpDdWFsceorjIFt2FoEqwBUErKaGiMEg8_va_izSWwr8pT7Jk7Y330zjTTFpfOPN2yCyiA7XnliAAao3jSlDzGJk8oOVBqqAP-xrzqf6l5IWCtIC83Zou064wBKRkqTAYgzMjjDg7jenyKYa8yEUG3k6BJ-oxNMeyKbd3pC8y7acDgp922zi__g4GUFz81axaORF6l7wQQFJhCbWhEmo6gsOJtJxMpr4MWUk126bpr08T2gY9tDyqbfl7tUCQFQ9_-7gQ0OMLVeDJsEq5WobXAvVmZLUl_ysuI7fCGWqDzkkJsZCInahb4wHzhLNBu-Ddu7lsP969lqftBtUF2gGH610KxyuQzly9Cj0lub5kHrzdqCQ4asWy0rMHxyN8gyKiHS-Aa-fjfh1Jn8K-qZHsM9jNkuh3DpG6WzpKgKb2IqSHWf2Av20eNnU0q_VLmZPSnHlXNtM9hR3BYaC2T2Txy198xUGFo7VtWJvJMSeyy3IRJ1sAzwyX-MZ5aNGytK5jTMAkPYHzgra2rSoyire_Mhy2j3EZJJcFMQc4G5RMYaVMtQ58s0dmkJ2RpwpoNtRfUeK-82qJ07IRhqchIsI5IjHaJxsV2hK1hUiCv6gPTG_iCpI0BdR0Kou1tVQCy_GKhRVFVGgIyigOStgomzrX-3g8jiTe0fsMYvfIiAJudWAeMWoAqC3ZgNFMem9lRz2EtA82oj4eKQY0l6fCcPjbxkEpzNuSfy_R_j6QuvriClasR-MH-6N6g_773qjz9DCkHQp3S0mFO80w7zlEhlqq4gCiH6KNa1T1i5LYsvjT39cftJcHSpgx6coM3-oTxQg0-Ghw5B-UpbE4FOzi04DPVQIAinuvspu4vqpobGhIhUM9VJTGpdh0uBV15jILAeUsr5l5Eb__Nl0eD2j9gVtobVwiu89Uy8PSztDQoiBeuV2f6prYpYzeWtr5mhgYZR9njk-6ApvPXwlxK8L01J-HaJ6pUc2XuTUXCl2d9qyR4ZI_gmUjfqIWjMPy1binkcNI0M-GsKY4FOofPQLapeEkCyqWqWpsodbwSLtyJPDCRgL89ErD1MAgjFD0qSujj2OUe-YSwp9nXQRZSCWeGg1IRyYfWH8FCQZRlsPHMjSESZtZLgt-lyLkn6IW8t5gBDNuFtqNxX-iMghBftsETbnXsoPmuxnp5GM29HWvoKaq6519wrm5eHQFKQM-WN5I_LwXkgWDnHpCxAN8xIe8QoHTBWyyjuyDvSYZxa4BytnYA7JJ20cHU-sgfCXsvsCw16q2q8CByaA7s3o_29-2yIov4Anx5-91Fkju7Lx5AKxhqPK48IlP2IhfoSTLIEGIda16xBMZxXsQ-xww0DXUQlE0ltSd_6tDLk1ujfMv6MXX8DUpTxM-cgSb1nOY_m38Exel4xksl1vp-xWkfTd0eRBkAC0pBRauiNpFQwPsdys1Sa4PFkufT2IRoiznvOid1pt4KX9m1zEIkGol_ayVDrffT1vKYqP0711UPWliG1r94CnbhELmBBl9W3YyFIHoqUKaG6rWHsH_aYUZtC4oE4_R9YRwqOoLy3F7OE3rexr_LJ2mhF0S3zbry60WYdnut1kjYvyPTuJ8gcuiWVNua7VHMyo7wNLsxxbuF_8zEVzBH1HR-aTCLC-7wHwK-lkSJuJAlb2m_0slK_Y3-0xh50Zhns0kyqORox6shR-k67X1v4YDh2Z5O1Zcg-CqcZzlTrx5Zk-DrAPWCPgmMArnFpRBk0x9Uj5dd2URX0ktfZ7lzyix6_bEwZAueti2Bimo6pPBeWhdj5PzfuubFk6yJa3rr8VEghdpyOgVZakpf6bydv64Cfh-2w31E7cggG0lL&pr=8%3A9B1DA98CC08A8BDB&cid=CAQSMgBpAlJWw-JiZsP_gz5PmysPdNt2IY0WdkkLXWG4xjz9EIsiMazkhWbvRpdnOUMJ75zbGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ds=l&xdt=0&iif=1&cor=10649331717136693000&adk=3188165432&idt=136&cac=0&dtd=3
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72dbda4fc54f9aa4de05a0830d106687cedb0d191a2939a99e6708735413e3bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-3675ddb-7624f037.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 4762 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-3675ddb-7624f037.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24bdce08dff3de800df43916bb99c54a752da5ac3c58fd647b872aa895908c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 17:01:25 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
jRUjaHVih9Dgk2E3pF0V9QQpbI3fLYXI
x-amz-cf-pop
FRA60-P4
age
149548
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24159
x-amz-meta-git_commit
3675ddb
last-modified
Mon, 17 Jul 2023 13:31:18 GMT
server
AmazonS3
etag
"4932969f806ab8ca6923b2f83395df21"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uvqK34S9yBsCEEC15a9U6cqU6pqVofU7e5Bz1fFMk8k00RwCqXK-Qg==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 4762 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705861
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qdheg4jxfHT7ho0Vuym7gs3-IKKWpM7atFnJAKKU4OQKBivBZOQsbg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4762 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AuwQqcJhr9znpoMWsXZVxnjikiVfJVba06WfH01xI7dia88I9MCMP9SP05uDKmJVmIeCOLdrDZeHoDuVLbZv8N6sBRUDPPnVR-dzTYksMB0HXFK1Y
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4762 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15891779114324221068&x=1&ct=76
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4762 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 4762 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/window_focus_fy2021.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
70923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/ Frame 4762 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
70923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8293
x-xss-protection
0
server
cafe
etag
11502554701003060455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 14:51:49 GMT
l
www.google.com/ads/measurement/ Frame 4762 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcKvLCoJg3CA1AdeMQ9pcswBFtE2ZastZLetxiouIBYxugNfrdreCJLkcP4gCSfaay7GUH
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4762 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:52 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame ACEC 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARihwJ3cATAB&v=APEucNWNc617oqpybTE4DRJggr7fytASd_JdQxJj1EuTdBBuVgPCH1y6DG8gTGRlloY9OJiXkTH793zg-sA_4SllSOnxIaPl5Q
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C69 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4513662499549&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C69 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4513662499549&version=m202306200101&ct=76&x=1&cor=5259020161913071000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3C69 		76 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClLiY4eEivinBv_ZH6RJ1YobA-FIcDZPAMFEa_t5JI4LNHT7PBWvKy0FKnTEOBU-Mt6Qca_3HmWg5qEn-P_B0WnHWgZw&cry=1&dbm_d=AKAmf-CUx9O_qhK_RYuGgqob-8K2d6RtzE1cF1X5-76gRdr_U2E3ztB1KdQdi4Vcm23n1L7q7kAtaVJA1-yFvt3lCYchEBlNSNABqRq38m5S1LNP6Z0YmofM7Z_zx64L96rRYd8reZIswxZ25Op71dsMcodKaFTEjWM7EsZV4DlZbSfFAMSFE3b7QgSUgIi3r9hPiW3D8_opNFhh3aI9aRHv39WlK5sDv-0rJO9x1cLcW2nxkXcYsfb4zEq7xs35oCZqBJtnxhgVxgLqAXBTkfxEaFYWdbDehUTIz0pC2rzoH8IcvEllaIWDYCEZUmSGiEqNeDJTFGkAwycTnqv3E6I_btvVnw1_U-Xc7oyEcrcWeNPw4L2lyLd24Rv93Unm0IFa2XtIHFUohSb-caW8FeeDjuU42HQrE9JqgpnXi2IgrEM6fQF5EX0Ee7pSXw53dlcv0AMMRiyPI3YUVKvJXZFJQc2uzylHeOPtfiq14Ru31YAav19wcvXRn2WxxS77so9CtYBLprjvNeJQmpwlATwSFsiZ5piVJCeyKeL6bu-WpL_kguIErWpUbw3GVsxFoiHwM2gCIk7Fw1Znjb2c5CUyI3HQ_XKRYABzx0aCwc2-NV35qH41wX24ofPPdrJpN7YuwO2NlOP0M1mPk6Oyb-oocGEHmOp-r0d_7-JRQG-dfVj64AtZPaxKA81lLgnCqV79oxFtdz-aG4ScwuE4dt1-JXQt9UCYz1PumyGzaJk2k1dLsIfAmQeRNrwfrhjqzV3jMjWqJ776Ub1gAtcI5vFB1EvlibrwUPBK_a21PDFW9ijagxA8TDXn6pQRtNewjQqlE9wCGKkYEaIGmIney1Jjjha3psVtCd4GRGgyu3QRN4b40mFaODY2UEqimGz8KMuGwVkHtJMtPCC1Bb-fd4kjNDV_ougS6BQLw9FgJSza4PLufPPj61EH7DMUCWwS46qjRBaILsKZq9-Iw-bOsxHOTp0iBc6OAtKtJAI2W2U2bGwDYiwurPTKqWR3DkyTlMtzUW8JVBaSMRjmU9Uob9M_EXgHiLmz50ukR-0jqKhDvhcg1Nc1ym-N_TL_Rbxlmnwan93pY5OXZG_mukIR9xJQ9fn63du8T6xDKK6ZmrMAfgZ5ELrFU4apAaneT_TVYPMh2PJ6cjv5rQp53wUaf_vdKNRCpzRDJjf4ezt3EL3GCGTICrvZuj2CKZSl7DVUEeopQSWmQdqSvqfCj7aMGlaDbTa2FdHroQuZo8hQEHW-2x5h0810bQ7-S9JrKyD6FcdbEGAHIG4YjHFIHf5vJKPyl3abQeRsLceWUTg6YuUvRJKf7Pez9_KelGCnq7NO_1sAIjOrFAxunudpErAgf0QKWJaCNuOVLGWw2nV2XvOeUvzyF90u_reXWtOK4AB49Uoc5wCbVHVT8UQ6DDHqiwL2BBT4TGIcNJWhvBFtmBfMjhemmxwEHo6NtCYXk6mqlmuNSdux_Fr6QHxxoYin1WLwFHLnuWjW9lTLh0GvY9RIA20w219isNJF0w37HKyU6yi1qhBjbsFZ2fBHPaKk8xULdn_fWc_2urAWkFyeIPEcRiYN90ml8rNUJFU9h2yxPQzw0GRYQrhRv-qDM3qzMCHwX6ZqL-mcy1hRYUrrYilANjQTqzosPWfHWL8MmOJPMBJb4ihvat3iegvLdlpBLeSVnrefxrpX3CPS5tj6KznNuaYLqvwZtlL0NVEr-NqTSf44wY9nsj4Nomxim2K4RnTJ-e_adYZ9MhjpMF5nXKt1iQtD2iJN1mJJTpMLWeBpk2KVyYAG2hAmPgmEUmhLmc2vU3f9IrQY4VPQsGXcUBlGu6nXmTwkexRcA9hkMCmiypOQmdisi3fdXm0NfCG-vuD9Z_nklWO991Z2oYn_EA1zLf1VoK6SddLzmSSS6mngZI90SnMNISrwtHT7z7Pk8irOI8pzsxw83eVRGkJbtA3Wi8UitPi40ezljo8Rxt5wH1P6U4Vy-EIVaCyZ5ZLL5p_Ktjwk41jlUEqTsB8eS8ntSb7-Z_ZF_HSZI32pKQFfbJ1k5GfSFMDyfPSakGsyeGSPNEgfo0hRN6W8Bi28k7jbeVV-mVFz8PvUmpGDz5E_XILVRMDOkBS4Gp7gwc8V7DhaSiEnJfBLvxJWesxTXpujSMb_AMian3nn7ZebWY2JDkCU2RHocHHY7ndwJOssFN9pESJxQUmH9PxTxnHq18tm_JQ7cbFGIR3-LCPCUpkoWWGoOTx5cmXvS3AaXMFMEIluXGtEg3gsK_Gz3ZIHMQvF2wEPJcnsEqpw6x1SkBbtS2pT_OhRC-QyrE3lImRJ33z5nqBJVmaIg99wVtODkUmrifo50buUKjP3Q-5naFQQZjpvlyrdVaSIoDEl62B3MK0CQABwTy1hqlXWizanwz3a9pUbEjd0fvcYtLUrCBeBkDQFbn6x5-RvrcTP4KSkwocf--C1NrSmLeZdzoGXyoTe595fdR24nvgNSap_x1RGdz5EU4jxKYndgOekLUQcI4wzAJ4kxERK4D5Rx4Y5WuGcg1fXA-vRiJ2bbvtUI93QsNAN2v0jDs0-HEWaotnHoByxvbPIbLrFKHfNLBaqOfI9Tu19ZgmtI2HPRTxte8ldLDcy_039Dpcm-GvfbvYzxrUJ07RIISqsWW3MCbp7KpuM6FSsKRR6ntSklUx5C7oc9EIAOn8gYlAR69WwIjAaOM3UJBAyqNeGmPJyQMwvAe0PFqsf37D6yMDI4euk123O_SHZ-21_mEZYZzwVe0ZJezrl3E2MLkaljQr4xkAteOAW3ryT6p7gjEx1vCjtFB6BjYesSB1AB5VT8NNYdEAvWy52oztvdIMpvB7PIxYJ8gGKYjc46AT6oNbrHR4yh3QecRY56R3IPtI5-IyiijNrpOkllslXBjYiRgYZuUUiZZPKjIbw9HOVQ61gDcBX42-vLd2k_xRm4iiObex0DkcDLUUWVZOjDNlVHCPDMlGOOKogtZNUAbTV3nuyvODAJr_Pk_YZrZgpmZ34r79kvt5cjh8S9muvdgmjAzHmBWBPV7DPE3faJmc7IyNMdObIbVSkZjdRXJfKP7zU39apJNRkDGgg2rCsAfYOYXKXq1psRYEUqRO_MJshbHr4RhqeGGGCdb75cKYRSvpGkSZ82crTMWoBtkpZZQ5thLSa4HjODS5DsKfktxRRXShpCkVZxlBQbbx_INfioBKBRN-egLpk5Q8Oy3iyzwqmUrmqinhZ6xZIqI1rIVztHy0g0_BgHwuUA2G6U8UN9ViHmnCikPA29xeqR1DlrY_t5cSuUTgCkSilRrXzDex4CKdDO_Iq3hVRfS4C8XmZsFbaobIsbGQ2_iQ_cEpMp-8GVXqG4QMdrbhgMDWCr7_kJT1nf_1cHVwFTf-yww8a_SnHeZz1XtCHqw4abRWYfm1PkEm8GNzIxKJZbzwTeUQ9FfMfZqd8FFiap2tC6eaVyJeQLD8XI9ZrtbMOUvysBIUIQg&cid=CAQSPABpAlJWrJEmoAYx0WwZJeqiX417_entLe2BQbA0ZEWNIBO3ELGz2w1B0g0icGZ9U6eDR4Cen-GKNNKIYxgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=5259020161913071000&adk=2858927758&idt=95&cac=0&dtd=82
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae505391f76877b51939a4042a29ad6437bb24e619bb2719af03880278c3d109
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36388
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BE47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthnVh1zVehI1bhBNxaWjmDM_anCuzYu0g9Kldqo476lrop-PjbQ-VROOL9Eu23q6HgGryzR0njeprL5KEL9i2jua5z67e-Lz1iM9UtLRgzFnSWAiY5pVIX6h8KVD1fIfY&sai=AMfl-YQbOMUOKVSJkVTTxf4Pur7CrY120PT0tEeplOflZ1uhWlhCDsQPn0QBqlMwsLQurYQXDZUnJ3WmhKSNASFTvD8l8gd3LU3wyV9fCjq5Ya0egC8dgZT_52k9YPFoYg2E4tmkGDJAqoncQbk0Mg&sig=Cg0ArKJSzEM9z3p6a9EoEAE&cid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo91fknfe6t7nmKYZ595COuRLvXk86RUYAQ&id=lidarv&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2153,0,0,0,0%26mtos%3D2153,2153,2153,2153,2153%26amtos%3D0,0,0,0,0%26mcvt%3D2153%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2392%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D20%26pst%3D258%26dur%3D15018%26vmtime%3D2401%26dtos%3D2153%26dtoss%3D1%26dvs%3D2153%26dfvs%3D2153%26dvpt%3D2392%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2153&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1690454029983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3671 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jul 2023 01:58:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55442
Connection
keep-alive
Content-Length
10115
Expires
Fri, 28 Jul 2023 01:57:54 GMT
um
sync.teads.tv/ Frame 076B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNWU-P2O9ApK5UZUQIQhihROxeHJY-znuLaB59GBNWkXTYs9JDWDS_sZOeexhrMFJWbGwYl-HHG1bQDzukEX8podr0T-wsE2ZzCTiANGM9gho3ryeJGZ99FQufae1TsyiiGbyx9KwFff0Yz0xPOf6SeCQSjgx_ZjY14qMQIFxlQnjtpA5cc
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 10:33:53 GMT
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 076B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNWU-P2O9ApK5UZUQIQhihROxeHJY-znuLaB59GBNWkXTYs9JDWDS_sZOeexhrMFJWbGwYl-HHG1bQDzukEX8podr0T-wsE2ZzCTiANGM9gho3ryeJGZ99FQufae1TsyiiGbyx9KwFff0Yz0xPOf6SeCQSjgx_ZjY14qMQIFxlQnjtpA5cc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 10:33:52 GMT
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 076B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNWU-P2O9ApK5UZUQIQhihROxeHJY-znuLaB59GBNWkXTYs9JDWDS_sZOeexhrMFJWbGwYl-HHG1bQDzukEX8podr0T-wsE2ZzCTiANGM9gho3ryeJGZ99FQufae1TsyiiGbyx9KwFff0Yz0xPOf6SeCQSjgx_ZjY14qMQIFxlQnjtpA5cc
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:53 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
12
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 076B
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi7977cATAB&v=APEucNWU-P2O9ApK5UZUQIQhihROxeHJY-znuLaB59GBNWkXTYs9JDWDS_sZOeexhrMFJWbGwYl-HHG1bQDzukEX8podr0T-wsE2ZzCTiANGM9gho3ryeJGZ99FQufae1TsyiiGbyx9KwFff0Yz0xPOf6SeCQSjgx_ZjY14qMQIFxlQnjtpA5cc
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jul 2023 10:33:53 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
73
Connection
keep-alive
Content-Length
0
um
sync.teads.tv/ Frame 5259
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNXNKrXCvWpwh24gJJwyk6gJeSc2wk2FSEIsOw5NDqiSe1baPrJSniGSNNSw8soWdCxQiNjsEH47jcQQcDpWJ67FbafkFZZaDKCaeF0JWlAH6hRiNIcEnSfyPumznkUqzLR200eshpwOfdoPVyFj7NZh33NEU3jIh1huj77zdN-kzWZHBZ8
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 10:33:53 GMT
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPmSH0looOVBx7lehfjbUIk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5259 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNXNKrXCvWpwh24gJJwyk6gJeSc2wk2FSEIsOw5NDqiSe1baPrJSniGSNNSw8soWdCxQiNjsEH47jcQQcDpWJ67FbafkFZZaDKCaeF0JWlAH6hRiNIcEnSfyPumznkUqzLR200eshpwOfdoPVyFj7NZh33NEU3jIh1huj77zdN-kzWZHBZ8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 10:33:52 GMT
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 5259
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNXNKrXCvWpwh24gJJwyk6gJeSc2wk2FSEIsOw5NDqiSe1baPrJSniGSNNSw8soWdCxQiNjsEH47jcQQcDpWJ67FbafkFZZaDKCaeF0JWlAH6hRiNIcEnSfyPumznkUqzLR200eshpwOfdoPVyFj7NZh33NEU3jIh1huj77zdN-kzWZHBZ8
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:53 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
102
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPqlq0TTlxv2IIovOfIqMA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5259
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYmcSa3gEwAQ&v=APEucNXNKrXCvWpwh24gJJwyk6gJeSc2wk2FSEIsOw5NDqiSe1baPrJSniGSNNSw8soWdCxQiNjsEH47jcQQcDpWJ67FbafkFZZaDKCaeF0JWlAH6hRiNIcEnSfyPumznkUqzLR200eshpwOfdoPVyFj7NZh33NEU3jIh1huj77zdN-kzWZHBZ8
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jul 2023 10:33:53 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTQ0MmNhMWYtMmM2OS0xMWVlLWJkOWMtMWE3Y2I5ZTMwMjA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
52
Connection
keep-alive
Content-Length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 728A 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARihwJ3cATAB&v=APEucNVWgYO9mv8LWmKsgELamkmQM7-ft_RAjADmi5FB5WuUWa1r3WSMlkHpyYjcu_gF3Qn6qZD1Y0-ZuRJRVQCtKJLXLcRmsQ
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B67 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6881705623095&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B67 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6881705623095&version=m202306200101&ct=76&x=1&cor=16795556846082360000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5B67 		76 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkamjAnsItGmZptdVJqfFsI1Xgcwuys5tc6GcW7uven38Cm84SYbUr5sAVuB-PMWRhWEVeZ_COikScgOkt4KmwRv0K5g&cry=1&dbm_d=AKAmf-Cgf9XG39Ygd4FEwfbkPwD5gleX8ZBUX2RHcuyTvfG6p1g70nMskeeFhIWga_eIgNlmx99b5y_S4PO1T8aOmEXyNizKFDj9KXYEUDukEEJ0eQIW6iUlxd80Q1f5F92Aj1DAoCx299rutHdctg03TKM63A9mN_oxTgsuE9fUdmX0fO3ylTv-vf7dLRU9pz90lE8I9ikErIRXS0iyyJBWGe8iRu1ksQ6BkUF08ZXke-QhLP57-ai_JH3mif8sldlecSUYLzaasfP8q4K5iYchN8_WAAJR3fW-5uQqE6wk43rwmyxtf29xMqzzwPY__xXT1L3jYi_aKGm-2UF1Odgnc9cWUs7NkYqsd4-U8460O7IiHobs23ylviO8I20BN2csU-fBydxmg3BPwaOX9D2Yb8Yp0_Eg466MzhE6cmDqMFpu-mgKDytdss-FS2LPIsh1edxUKM1h_Vrnjkx97t-GC9RxwDyp5pBLdYLhcz8cwrvNC0DPwRXJukfOyH-KRy-U0x1tj_vTFnQ8TKmAnNJ-SEFY_wNxxwCsYAlzWg-w2G6HE1VhAUGRA7GYzQvr52lG2Q9N6EEzxVPFSgy0zdl582oyuoCbxA3SKwDgbnKYsW_9ZKy3w_inICtPMidKYmUsFs6r6QER--Tyey8izIV7MK0TCaoy0g9BfiPmz0VB9MmObm4IzZNo3zL9U9wlyl3SGgeR1Kh6BtnWhzysmGniR2WWHXZed_ST99ZFuN6Z57xd2nSuilR0lYBiDHAkFZgP_4x7RFn465MtKwnhZmGyIbl3FXEA33QlK52oKUa9eku1wr-KVkTxvqKOupt4MaIyqHiGt5FJgB7dMz50E6JRuPWJ8wOCf3r_Sk1wstAdHhFU6nmsoHgffclNB_cv3fWcjjVvFdCvGfIXhrd_UG_JP3czrWf6Qa2E-2iBs5LFpVMdl0Cd2BFGLP4npfNpmMPV9jhix9uGcDs_n0XeueBk8oD_CQ4YqdUyJJYeRi1ML6_0fd8RXuHpSXqodii4jnk-k-1YSrEWFoUyDw923CNwk_r-2jCCg37mcsWOXdWhWYrr5mL7AgpSEB1YHpM1oBEJm6kk9TpP7ubr6yLWRiWDoCCw4JIEyvmtmu70ADBLl5vgU_3jgENZcWamgKAWVmf2oG1Az2jqT8QgKDsGnKQsbmYV3Lk2J2oyG-i3f1RYVKupA_DpDP-mIew0pIIMgD7_HgrHxbPuJkc4-ki9gIam6DcpYnG2xQzRXnromUMWfpc5WN4bjqVbt-ZDgVS_ZZcl743Dyu5p7Xy5n5w9hb6nyfn5TxfpwGwIc_VAhfz1U4mGzH4Gx8awAs3geC9Lwihw2xGSjdHZUuo1ok9h3VV-C7dhSIRqtGhT3qxV3-_iGo_VSk6DAKHWQDsK6-yV8ahHvUk10s0vEVfFsrxAVCJwmkqzFdnhLUjqi17aSbVTGewNLPqsLRiexar3_sL-s_XNeRikmfB8v-TGVSfLbpT3mORZkR_IVnDxSmwosjtdK2X_idF_OItXITRUF2gPlx6xvbtsUonwxxbSaze2CZzNRnAHwY_bN_LlSa8gtWqQQvYpUggpphMuIma8l0UoFIlTKe30RHr5xunq38BgHgIVhVCsNyIo4drvYnrGN0-bRwDAhWkX6yOUQV1U6GW86CBg5WVxQUkI_dVygbiiCKDg9tTT1OCIHCMh3YuSZAtKbJgADynXQA9LKFvK4EG4y9mvFssTiK2PJQvw72Ul-FGHneChJkcw0PfswNOf0oPUObb71DNIsMvn2C_iWuQynHfJcD6pTAke2-_oqcIJIbOliG7xkX4jfOaXfTj2SCVXO6Bk1KSYU8QmJeZtoq_QjMYheRsNLB-li2Tws29LXnBDUzmxQv8Vl3RoR98GJhf1AhTmkDchqSMSv9kN2nq8lkTe916IGVUSaI6IHsEaiGtWQWh7B8dMZSXloD5fKwcbl6Ajs1bJH5R1Ja5onoQ7SKtN4eFKuWwbsXg0TB6MPXX8Ep68bL9o5PSxz9iuV_kwr6ydgUE87W8ogPDY8ex71mihEx49YtACDYH54Mj51gggD1DbstgFq6f-vdXZAeubOJsj-891pwa6YEDQF2jMBcThg_DpHKdDfh_m5-WFW7UNpxYVwd3ohnaZjH42aHldo5PeeDESol9eLo7iCusvrL0bkLbkFZ-cUom6iK3g6gHtVYj0Gu7JBqJg53YDxYtw5edbfI88pCrcl3fDjNELXxJCD4k36vOgNvN6u_tjIu6LjJY6efjNDULhaDBrOR7QYc7xZ2e_U2PjPpSiMzsGh58s38kU3roLc5ZHkvLQZXFzbY3XWBEYPbaBwj5DRn3YI5tE0q3TnCWu9aDHnhuMMkj0wk_-IZvcJNQLJTh1pkUi60_Pcg5aFE2sFP7YI8FkmrpzuPnXtv9rTF0u91OmSMySGNSKjAIICTR8TASeWRRHKYObX-GXmnssdPdCSZW_5PqRKtowORIaA5ve3BTanG8cbZBjVzjBT5KgVzWgBc8En3YNiz6h8UM34v5S7EH07r6qdbXKYYTIXcTMHkUVWsEn3TwAKeOSgNBBDlODyWDc6_GrECnS099fm2PFkXUmMcRF2Ofp4pl81LYTXiC23xAubc0_DerEVi-RNIKKaD8vkfrD23ejXcTywUKChM5UgbVIlf2xb5R5nCKQTgFoadgvgoorQhmq1_cqQSRLzookRb8OwFRJEEQHcFtfs_Ky_VIAUim_Bxi_I8UxrH8h788DvMCMC_4iddVElPgHiOnHE1iecoSqV-psIJEwlpDGUehGRbR6vQFJyD8WXWQA-f-7wrKmIaAnUCSjQhRE7WvYQLI_5WVJffELthvWtdaP-qio0LIwXmRw_2LUyy2CVfAl8jXvlr9uF5yyxhkFxfwtOhfA03IBQsttbZ-rVAangZhyaM16yAdRK2B8yTpYiuwD1FFkJbp185jQi7-eCm2F91aDdt9vZSfqq4fm0cKGSHMGFpsTNqJDbQCapq6f9TTvLo6lNhEu7GCzKTSQ7IJUXwdiSHAwUgb2phjsiO6-EveqBHwdtVp4lEmT61B0O-U6w0lXOBnUgI6TM8yACc1X-MWfeZVAsByaVk20pl5N5Q9qhGDAj6HdlVgl9NHvQ0lmsz2TBnP0gN1kmwHlVON1SWXxtH5YlVkvVjA9s3X6pWkunWF3W-IcbJWl8iEbt2Yw40iYlaMyB2kRftweTCe39ZoHAgscJImZXFoSUvJZX-vxR8NL7n0bT20GUDnyZEWiehPqLKPYD_ihph7VfOBSnHOCVM2VmwEyG9yjrO_QAmIvmCtDqrBvbbgAEiKS3pSTVDWAQX_sl0h7UGiN6Xs-yfsOBhRBHY3iQ91rb-5t70dhFJLm6BivYNsOEPC0X1ZmUL5qWt_amP2N3_lFF8Q061wpVu4dHpcQaA1u1ixxUHLN9kd1H8qW4HYmwKJo0PNMyq9Z6EV-6ejywsAKJzzrRpBTn951Sg&cid=CAQSPABpAlJWTwV5m0pGXciGKDRnTHCAE4Dh2DqAVb56paP_Z-qVr-t5puVlVvrYsrNHGJKyAb2IOMPwm4hqbRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=16795556846082360000&adk=3551309950&idt=122&cac=0&dtd=67
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8876b805803aebcc9da38faf6ebb308f30e8e3ade17ca9f9512dc56705a1bede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8345 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARihwJ3cATAB&v=APEucNWPkkG2JMVIZFH1fNHNrQJtQYO3kXsZeITANAKkyIg3JKCO99B085l1pk2DYeoYJOXO8iwbt-mXgNZ7xnrq9wrRdYMSKw
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5BC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6980813476041&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5BC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6980813476041&version=m202307240101&ct=76&x=1&cor=7090846055756203000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E5BC 		76 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAPTLht8lIyenQGh2sFRNduTdN6yKHGrp7Rr49Vy234NL-kQEla8FEwxmwXpnfBqLisUzGfe5_am6Hd7ELd9LzH-g7Rw&cry=1&dbm_d=AKAmf-CqrdvUsoOWEDhckFQvbGBonhEtmkOBcl8Zl_Tn0NkRqdQXttq_rlwWNm86h_zho97BJLUzaLMLGGfIeLOwgrRxCB9h_ZIHMzMVFHGmq97E4pnWSLpd_VZhquDqfsFOhnTu6B8gcXmsU_bEd3V-KF-cFc26M7LpGAjY12rrN8SuXwgms-vQATMzMAAYAqdBBqjRg6SEAVLqzdiHSinKbAxpWAiGkd6oQahgEP8X29x-DwgaYgp3qQ4O8zg4Mu4dBDr1L4migOjI7Q2nr1qyWKR2Efg1HdCg6MRGuMLZJvko4reJNdoK_TZp-7AeL4JriB4wlqY5f6wAHi_efSuJ-4D3PzlVqLKd4l1Txg1cdMXdxx1ecQJFI4PWmNoPqOeNY3x1R-taexpkZVI7MWGPa3zv8J9g3TWr5VjJY6TcMIzqMJJZXlXiyYI_A0S-WfFNo2crAbVXwzvmyD89B6GY4Fvp_144ysK-Tob-gm6esAxMhJmo_88TWS2zHlCJT1m-HUIVuIwAnBhjl_e3ltLiMqR2QLH08fTQRYBSoJGxx3jcUzABKP_Ww6xGUBwUykHgfN4raq0XnR90GylNyFVg55-hsQhSAsSfkCGRka0K1_o-OkeavQpW95nmqO6W4eDWIhJo2u6eBA2TW5KhYsldCgH0DS2dUL7PlO1NxIY_cXIdRYwnJbZJLp3dMTxYeQURN5X9-G5ciRRgw3o0Ofxm0BrSceeAh4bErJ5dYx3izkHHZnFYCEsJsVouSuYxGGDl7vSCY0DVpq5BoSB4Kg2vXvBvOQEkx3H0eVg5DRG1l_GlnejBu2135d5oTzex4_y1N5s7aT4vBIvA7XGd07Hk6PAjW9vLAao7qIZXRi0IqotkPJBEBfbnkpRXybzeGj4DZiUL2rFYeS3RmO8KE0bhs4eoWeWaNpNmO9BajaXKo67ELAU4wcpraL7UpRb_Q-UpMNrPR-1hEKqs7HJGOH3Oqp352TN3XzRsx07gTwmp-IqH3XmjAeZNOUWqMg6KzrKF_XsPRNPoSqAPzDCMvvSofIDphl89pNgNnSHZMIdw9qg4q5O7fKHJxja6TgaQ-BIg-kL_eg62JZi_gAsik_TJdGB8GkgWs-lN8V2myXVGRTTRbs9W6swHAQr9pdx6dKRNgKPplvrvmI2gLWTVi6C0RFE0ZvQQb-Wy59HfsgWVEX6OfBm8HTVsnqSO2IXuQMdcIXKJLE5W3Tm3PcSrok-t_aPEEgvrPxrIXYddWjiNeo1fzWKF-J04piQ-5wr5gPG9_qSZIb1YRnYtPaf_bYtPl_wGCSiXOs6M-HVSaKvb6h78seYgWn_X7cUw4glEg2YjbD_tUeQorjHqZyVwlwMOSSSW1dLEwsFhtjZVtUOm6xH7ZEHDwxw7t0bF4kwmv8z8Wuq7xdfn-iL5-ZvDyOujCqb8lODZnu57uQ0RYEzbhVyU7JWpjn3LS5gK1YAVeTyddN3FFTSJ9ku3qWZm698qWZK0SK3Jn8KpO4f2Nt-zvssPoESndqzZI7up5IKx7NYnqFsTLQU-kaT21P7e3-i4YXS1Hga298rjOb-vTAS7UqZ7o9PFYlmX5N-uVCrO0yKne1sPxSWuNuu23ajmKlQvopaTvn7AJ8GRujSP-bm3ZRNxzKj24snEVNuIlSJDZDiY2kzqO40CF4JcW7vggYhWju2Ny0zYVSpid_nU1x6K6QLWBu8zk8Xq_3cIR7YTATWgsUs1CdgDVLHGKoxKCzi0_zicWlayjKYWg3xNvkaXts4oYBg_CVe0T-wNiKgGzr82OOBFTdDk6eBEqoD01TLMbPbsEQ39obdmc7bi64TSzofx8M7nhtJPqnbDmv5QLU63PlAfGO6-4FXp-YaiPg7-Zy5aTZ8fmR3CXm1DBoGLOXh3NoM2zfpzOfjD3HzdJtSvHF-mUcAaHY607PThXN3K8GUqAByNEAzR5wn30i-3ZLjLLF9bq7NX_0-nFktYidWOPhjvSmWBURPVXLiwFidTghtCdmqH64i1xNXZbJH9uoxbcooSFMX4nCzH-KEIsjPh7LvryJ8jBavFAUJVx5DTaKLdtselGKh4t-V2NS_g68N_cmV_RJEQFmOoAB0QBUJTdMVvs2MAElEgRK5fJlUu-D8glsXwmzpCvyoGxO-pZHBBNNJEuY9axlP9R2Rp_nid9ulFMm6DNkhACHlO_YgMJ4TV1zKVTRWauvrkSl13yY4IZY9RrJ7wkfPzs4w2TJN6N_12_uu4g2xDeHNjVF1uPbnsxvp3mDcYfIUArLK3g0Ik7hKxZSUp5pPlM6jNd_CmCcRocHicwzZnN3JdvZflquynjEWd_5mAPGxrgOYDSQw7Ij0IXF8suSAC5I1oai4EGSAAOize-OdeD4FVYClbc8Q1ZP5J83phAK7wjVqcbGgS8QaRZ08FL4MA8RbBqDnZDCiWNlG01jSoL_TalKSWW8BPucja9-tTPdcy6HKp9_9z8J1LGAT0x1-Nu9pgZ7QfDerSb_fhKkAYQYjmFK1DO3IvIPnz6bjWEpoG8pmqMwqPk3Am8xE7hjrtZezp-ugp_1EP8D9Veq_sCHoDdxTsmy1aSDL6HzN2fhpGIr-hHUjcEA9qfwjKjpWCbx3ybeDeoB6XiGDbPvpvc8Z_4uOhSKbW9IQcK9LhYenF7wYoghdBvcGJ-3UfRAnbzmw5bZzjsmjp_M54Fd_NG04DIzvAGd5czcEjus2FlPaK9gN2hiEz6y-daHZ8JWicY4kt7iiE-KvA3Cce4SSHk-Ox-4N0LljaYUn7kc4KautnSAYOat9YA2OK9U5wkQ8Iq4hiPM3cXsMIvpuuq1jVtn8ygy6bdYmwQbNR3NsJtVGXKpIlYs5vmj5qmE4mpUQXYA3N2ix7kHB2HuVHZRJHd_oAJAF_IX_THK8kdNHWT_awb45YeaKZUNPMGqPiR5rFIfJD9MSL5ybEcVqy5vN5PXbW9fPBzTBbUMU78a7E0qUZ4q4ILW_ldeL0P-o4piSSb_lsA624hhJnpV6MD4f4oqRChfs-Ld9bDg2ifp3iUvaNYn4XAg6DLKcNoeQ-b-GEsAvPD8U3dp87U5qCahfYPJyM2fEqxYXOzICeWpW0LxBOvc9qcoGxHxOD8VLtjreB3QKeROePaIFS1QV-tGmAanYn6ijow-Cv_nNPeEih8ePrn3E-ziDfzFf_J7oxsDK_zM8P-BYcHU8nMUWjxx1XstL39AzVaMWrBmJ8CNA95oxerJEp4gk2dm2sQFDP_SVhefX7Vk5LcUu714oVR1krqstlQSxVJYhBQkeFBKLcvzes6azkPDycemZmtasVg-UZhOHOgrh4WYz0qhsNEPbFyu6EkgW_L6IaIZwcqejXxni-2yaFDnUS9W8xxUn6wH-lvwOnkFmN7mEFwQdxa3z8rdXOMW3QL1WeKEWOPxFCk0Wil-rfk1hVUiMwLAvVfJ4JIxWCW_0GvMtXDgZpqJC6T2pf7t59ThfX4gLRWg&cid=CAQSPABpAlJWDJQjrzmLQqy1kOw0gGHArED7LhRuZZuK4Ca4eRnES3gFWZ5Q5aCapzp6bCSC_yLDg52trGoEfhgB&dc_eid=31076403&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=7090846055756203000&adk=2688415457&idt=150&cac=0&dtd=75
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be489508881c98d351634adff8adbf7a8670e6d98a943c9b7f9936a00f77975b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36013
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F4A0 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 14:37:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame F4A0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 10:33:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame F4A0 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F4A0 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
usync.html
eus.rubiconproject.com/ Frame FD45 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jul 2023 10:33:53 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame F4A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcuW5OI-RhmL_lBeBKm_HNg2K8drWO6rFmaIu-105HahurP2iTvPEoVrN_gjzH0kq86iYZMIwjXAi_iW8MwYOnmLI4ss_4-ueEp-EV42bjfc1sPuskZKJcbVU8lHrizROgP6wuXOogUu2dR0vk6xr1JjmMXqtAxura7tt81fADyUxdFL6a5E7YxOIF3jvDEmvxZPAul74mUDsuS7e3BltawluGInrHfKndlmv6Nmd3GwWlNVS9lWXKVESE0d-0_iZYk5cZMPk_CUgddYNRGnjQ0rQMLIULv_fwBE2rNoNSqtB5PJw8Yn4dgAQhlbgb7rFE-Q9-TygZn1cVKvrAtjXBEaY&sai=AMfl-YR8I11AQYOeJNNrTygS1cSlEDuESpUpUiiHd4XZ5eDG_fVCc8YBkxFff4DZ11Hc3UBaOwNigkkaKnG83TR42uPgv0G9wVsqsVbvAGceakhhdGYGn-sCe2p833rUyug&sig=Cg0ArKJSzPuwHVlcyR1eEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:53 GMT
truncated
/ Frame F4A0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
780b3414d0f7f9eb878bc7c050b3a4061c72eab40726134873273c99fc14bb78

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C412 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 14:37:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame C412 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame C412 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C412 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
usync.html
eus.rubiconproject.com/ Frame A2A7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jul 2023 10:33:53 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame C412 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0E6eNotSMYeg2MBuAbly-oPlnOUvkXMy2tsT09JjK2h44nukHI7EOB3MNlbtwjEMHGVYdYZQ_kn9Q5LBv9mZlfN35rLhJh_Ev7Xo3b1eq4wSkhzt3V4xsNx_OZFAFyxdcQAE-89OZRWbfdXQy40csJ-MHkFgJSkO3q2NJnlNmelSNSN4Mw5buMjyRdJPsGBiEqTZNs5ELJ17ksf7h4sk3SBzUHPngDSFvleLfNKzMT-14lW9Cgx39xaibNWenY_1QYi-HQM45KUTbRtLcM1W9yklLJYXbUMmQgS_SUC2uXyBLw3ojuYOA8vOa_AsSJjQcX-ouSA9uHGwOa3hFpc_oghw&sai=AMfl-YQh_GpF3UdZWkXJvFuf7hMGS3CKj6Hq_3RtH1hk2rRGmnSdh_IOIjb_WiGuZjgCMcjAqz9RoS6lg4P7FLTADGyzXEOVKNep19OSXcixoqEcTVml5VIQjJtkEpi0ex4&sig=Cg0ArKJSzG5gSNka5M-9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:53 GMT
truncated
/ Frame C412 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10eff5604b04a32c56f6661f3c57d9651358392acd667204fbac86daa8ba6242

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F50 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8503434407864&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F50 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8503434407864&version=m202306200101&ct=76&x=8&cor=3646188446745544000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6F50 		79 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B35EJ2ur86Z0X5MNFa76iVPLojstkKtU1QSln5UfYkA7jCiGk4NHQ2cQNclp7tQJEwafLBiT-KG9J2_PV1frVYOs0PYWX3UXGQcfaHVvWOZBdcn48zWVbQiKQnsnD2tACeGVPoN5B8XdPZyI6Vd3arpPhjaGbxJZKV8_1sh6_k8PFYn_I&dbm_d=AKAmf-CvUPsPu40IIZbd8nqOu9V4VnvIPnzFY3MMiu3GhDmd0XppuP-LMWSh2g9c9gY8legiFKfQOUIrW1SpXs1KTRT_ZcQ3cQf7jF3bx3q6nw-2EYWCXox9P3Sk2sLjlbOu3NzLXAocqrYkaFoecttunILeqiXTs9pOam4VC91tOx8Xo4vkhgTwiWjZKgT_6_4idCYSMPBMWubpvrqMOTOMjY2uxZR3Hgo9h4Azp_zCck7y04nVckej48hQiR8Umu9nssIPRE4dsgxlxo5wYe9MeGksnxSn5-Jw-P8nXRryMU3_4R0oTzDxZ9YFseGLtGt2tunqYpqFUdcyNmavtt9yMrhrmG9-HNxRQ9lG9u6DIUlUeN29h1cXsYq6vuoFA8eRxwW6JDjoxKbz2Fn73cAifkQr4xRvWhsHwyS0mSYMrwoi4VtaYrOl-SZuQ1VTBcSQFO1s3RzxqaUoGvruPlh1SCqslQmdrX6RqsGsIeHfJtXTn1lwN5Ml8z7kTgolrcWiOZMcYZCLrtb5f1A36Vu6pefqxFLKePr2L1El010WJeJ8tGzmncvvHoaQXZt8P0Ejw-SFEgWTtEySyKARTdC6M9DVuNADEV0ghQ9WR8WxlFw2cG0HQhwPanPp36EayLzumecj-BMItZMtBH15uRwOwnOry-KxmaF2xMQVN3bYPcNK1KTj27sclyPn01ThAxJGDda43UQ8OGtVnfdXyZERfrjcPVLuOGP8Oqp2IGtlXkQcbyATuPkXbbtRx03QUn9CZql-IgOe8WtkEONvthviJxkLeEAHTcINsxudl-1G2OD9rI_nhDeOzBIAoPRgdXlf8gPdVCkSrtyIwM0KD3LCDHN0hwEzgz7D1sUR0mgyWZWExtljQIoIiLITztYAYiVl5lPpsAICK3YqAK5rEmVWSKWQeo3q7sl_c41rfYl7loXYv1xpTE9A13gTChzP-XUCjwP-1-M2Te7PoybVdOxA6WBSPuHyzkA-oKd5o9dbpig1KiUR8JTOfJZf848RHcDDoFbsqI5V7S4QwLyOHkRFWW7JvtYIujW9XtnIFvCVz_WhSxn_KVyTZEN0jvdEdUIK2ofTdcKOEMHsRjq7SlUO9XIVRDwhmjZYZ9AtUajX8X7ycZG9y7mJJ5vADGzNJkXdZTsnia3eQ9Fj8a7klr8W7RA3p2hyjGIn7n6RuIQIosZ5aBmXnv3eQus7ao1wD08ktiyE8zSUm2Hb66PdvSNMEPf3uk6IhQfclR6CLompIhCz_apWAXyYeu88ELPB01Lry8OCkz3S7UMsF4YLY-MiTsj3ktJ8A-Tuxqs6O0kCn-rwt7UxuMK41ZsvZA8oIDjSxd6Khvt_g4TmlCIM3FSM9U732rzoxW9UImptSbfMUy8V6ZMOa6Supcd_dFR3zA7B65NoeVV23FH5z7INkN8mfBQrb8dsb1Gt7IzyHCEROtmyios3CsnOCZ54i0eRHk4dPaV0jc34oiBlS3WI1p013g7ygt46f8o4iuolxMia_83_82P1dsUiBCy8pZimP2eDgQFVEKIaqFTdptmreoWcbs3ZqoWMI6e2ww0vbwBhV25kw004tfk4VY1T8mhDFN2d4-qLsdcbj39YPN8KyQ8iDloQh0WBVkdwK3VcQN9vGA5a3VS7PGP-UBHJkvgwGzQ7zrfLOE8nFonB0hxVaneaF1kcxvg2WXJXVcID7CeFBxA_sf863tTDFgbeAV45M6Y5M-qZ1A6EisNu4ruiExjc58zXQtI3yRbMf7xjE34L9vDiY3LF8g6GPI4sbslHqNusvSz8jMSETfeMXotlHAB1uKIPufkizcTQcIjgIoj3gMxA_nFvPAIgbx0pDx-0X2PCpNzOyE6L1Eq-4-L4uUlwRrNsnpS25s_k2tbxxRVcJf3HhEkz4WB191JziSr0Q3sC4tEhqHoslaZ-Qy8-SOCPJ982aT9MCTd8m7_1Z1DKbVJgO93r3_raDlCCZ8Auyzmz6YVAVpXsqqnqgomXmXi_N6Qq2aO3SyLL4NSiMKquDAEeT98jFSKfu72pxiBYvBL8vTHbEcPc5gzPNc0isTkLHhZXpKlDT2oAjmfwC2zbtQxDPdeAvCPXzEkdcvmX9_Y5S035LMZfIQa_scvsq_9J6hZNHJ-E5J6gTGZO0ma7m1BAlD94u1lCPQsEmkITYAdNwxunQMHz3ieOQw71LiM8qBhL96rLjdSfI-iqg_HtFHL40oNCKiyDY3fAhjKfIEQ8Gll5a1EKkD9cjHf2-tvqRvfb4tYKv0W8ZNBN6BvxCXANYIwO2VyEFLObR4O91jk6c7f-dHyclJ1n_VRwLEfUNnVfM3rkcWtOEHS6q_B5w3kQ-0I6xsbRYPwBzcI_PoZx243x1Oqf0xTp_6F2x1_wRaKTYX-FcQqSV3-yKBObh__g9Ala6GBw-sgGCJmmP-pwOpacEfvKKLUFlE3LfUo7Yy_40tzPTRRL7KG3rCFrxV7D1RTXzPMUeIxBB6ixKA9NERWMb3cvVB9iK-2upMclMxpWhiqh3VQoyhD5MOAEqPXfhjzAjDmg3VnoRRQjTiWmgeM3exDoMV9_m29VPJtH2MborgaBjqtV2TfXOLsgBxV03mTbqk4MHj9flucgJS6WAjQku3NMDMiJI5iO--WJPnI5zfqA9rPEl-2FBkszFX4T7a0qBPrJ6N0PH7aYo-391Alb6zf7TK92LogOoIN5hWg7-q1Qys_GNmPojrNUAWzCTL1RthFcz_KwEVvJ7V0Bv4f8OBIc807HZy5qzoJc2m5gthpPcvMp6VyXLSZDK1gKpD23cdv4b0_Dhhez3NkD8fGEdtHz-RgDjWZJ2VojUAwCooHCBpqLKw5oOo6Ltrk67H0AR9tk_V1ehXwnbMu3qARxZMH47R3ZYY639hanzIlW7praJ5qvkn1RLj9eNVKBJnRia-fIsYy1CEJW0eyjQxXdEk-Pv4cNqeb6q5wIMUX4aseo0RvdCNXjG7p85TdCLKmMH3J15UQKi46cJLo9v1QEMyoS_oAh4Eb8pNFYmR6LGCg2xkKLijx2MKXZkMZszFvqFCC6PUu7e5pVI-mADTN1vOIyFIRmaJJlZpnKhXyU9IA-RxUShD4PYsmBgIrgET1HuIKQb6Kb6WYKg1vfg-S45VACfACgfOcdChLlMRRgEffKD2_IlHTQS_Ax6VLMbOcMubppm4OATUdJOJdpcDmtl5MdrOVntvXDYsMQf0QCSmnDX0wvXvhjqO8uHMV4es3YWBjYsJ091YiGJ5F9Sb8BjX-GYfr_N7Z7hXoLqwuPagQaBBRKm6j8BX6JlrhtBDb1iu5YhOq0lS9fR0JGwhugGvomFQ2lxuo3AK2P1cIwIsKGP6edM8a2M7sLeyIpjS7Mf1Cka1Q8Pw3PzOov7178AiKZgw9S8y119dxWxOFV4UWmi3SIyotsytNl5uzd-17og-n7ibpP3TmLfIdNVnxmFNwobIsHNjjoFjcokzB03e5gO2VgQDCHQFOWyqeDj3hpbcq3wMxb5NYYVLB9NGUdzdW2o7eb7RMzInrU4hhk846NkN4NT-M65thCptgJ91HzsbaFLUaG8uEaDKmQLWCeFcz5&pr=8%3A7DD6C45D6229FC47&cid=CAQSMgBpAlJWg6ja0qcZb-544amG1alL8RdW6prDJ5jg1rMmcDsevziIuoHEL8Ij1nmtApdXGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ds=l&xdt=0&iif=1&cor=3646188446745544000&adk=1712077736&idt=83&cac=0&dtd=10
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6b0e3583f1be410524d9985b3f29e9a46ea72a4c2bf1040ef6f044c2fd28c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 88DC 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:53 GMT
index.html
s0.2mdn.net/sadbundle/4392446959382407207/ Frame 3D29 		1 KB
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4666fc10b69d09643e362fb814add39f50877b8b9e7afc839d287a794c28342c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
737
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:53 GMT
expires
Fri, 26 Jul 2024 10:33:53 GMT
last-modified
Thu, 27 Apr 2023 13:50:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 88DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstL0HdFaIQFwCH350MHjl-3umswWqlSoN7Xi0B1GvNAwvl6YFdLZ05AxzmL3uEuRrPGhicX4GYXexVmZKhrHAxrGBl4Haxgg9ZqCkX4Ih4EuAEQgzKEYWWZ36dc7b2ciBefBcNzj8VL0nA6fRf1rZodK7xyaTVOVfVN99L4qcUQeMp7mCuGic8NV-BZJ-wxhsEk9dUFeLSiyxfbIAV8nbh6n41a9XFDIPRz2XuNKkpSaxR2P3R_WjoZjbMnjjMPxJJiAS0hB-kHsjD-_5EBaaCLkwP4Uu0KU9AweT7JUH2M3L4Yzo1jQQV4K3RX_CwSJ0guMrTM7xUWo6Lkf0wYPJWhG6grZzzjL3OT7080M-eSenZJaA5LRUHf7GqvzdQgsmFh-vfOhoV-gZl-G8KBMVG6USKUb8f7MIUr3iNi5kGg72KUwDaJRIOjfd-ljcjpAsAnmLurNOWE00IiCCLfO_6BCdRmKIPUTnxqYs79Bz_bQZzHw7fOZq0JV-Kip59Fm4-_nJnopp6Txpef-F7gGw4eDgF_euRHOpjZv78Y3xZFf9YA6KbmYyXYEjDPw393faKDrjv_TWPJoJjPaHcksriRMaTInp6WF4pUWtLp2K5lPustDHsp-GrKAJlvCo_3Myzi7ynHOLdtp92kwAMvBMCLh9UolgxpDcoYOZ0nDOYeavNyx1seGkk40lBixf_dQfpEvqdr2IEziO1_1dyir2e6IDx1zB1BJKXnOOqi6Ae_8_-ImNxTZ5zbHbboRqzTE2z42PRlupA8YA9esVO4DNwzceQuRFJms1xZKQ7Dcm-4IM4KHwB9s1sBUZVhwgDVwlt08LMiR_38rB4P9Y4c_nf3te237O3U86XbVhMOQ5XBjgpXJ3MRH1jWSCejOi-kioLOnmPIsHQSRqM8tph3JPQ-1ICHIfLuEK1qxTusw_ZF1Mu_2glOUdtZjQEle03YdvTxVqtyZ9o4-J2FG7ncpBZ8bcIp4lQN9OR6knJ4Vf6e8EKaB4Y4qi2RQC7UymXJhHa3KehzngQV7ffVpK6Zr6K2BeEQbfJqIbJGnxvb1jsL0O1qrh_Gue6pqSQzscU9J-yfJAeqiEC2qLhz1AWeTmZwFgblZEkILG58c2g6SidffuENbA-kS-IMwVCDfR73CFd8WIyLPQ6UIvvZ9q2rbZfKI-cg8qN8w5RFEG3FqL1P79SyLA_VHlwcYywas0CSUSkZ0rni4MvyHdBD5KhjG8RG6S4CqMYgK5MR2PmmW7gZ8f-Ub5DtSxcljD5HXetzx6kaGv5juDiaLfbVevOn7zNehXSZ1NiZAnAHwPmVzCbYpcT4&sai=AMfl-YQueQtZ40a14cy5n8CtKp6NAb3RF6Cz07wp2WTId4riT4jY3RGGlYgRzsf54xyFot6TNlaCfH3_Ovu6jekmEIl_NEoMzkAkBQ775o1JLsvcde0OGLvU1YAdzymFEWUUtRbRrQNIo9_8AaWXQmAP1VQ1clOHeFxyJ9QfforetCz5uUF6rlZUPNrXx1WNc1AX6rLbk4WxAbYyP3dST8ttXB0Fv4bBAyyUlXM-0jJAJZ-_SW8fbEFC4Tz3w8c&sig=Cg0ArKJSzKW3LpMXmbOuEAE&uach_m=[UACH]&pr=8:9B1DA98CC08A8BDB&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1539&cbvp=1&cstd=1529&cisv=r20230725.77719&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:53 GMT
ai.aspx
m.exactag.com/ Frame 88DC 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26966436&extCr=181031724&extPm=357115759&gdpr_consent=&gdpr=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:52 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Do, 27 Jul 2023 10:33:53 GMT
X-ET-Code
11
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1119
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 88DC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdLbx8Yl7MceqMQtG2ZolZP9qD-tU70cNGakVhwWNyITqwE2UawILSaJ5yoAHoU10Ijh3Bqc43uMt3xga0A7Tb2mAD9jOgKDdgebvyZwEhtcoGIubs&sig=Cg0ArKJSzHquDeVVkJ7REAE&id=lidar2&mcvt=1523&p=1110,67,1200,795&mtos=1523,1523,1523,1523,1523&tos=1523,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1332890142&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030279&rpt=1363&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3D95 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 14:37:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame 3D95 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 3D95 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3D95 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
usync.html
eus.rubiconproject.com/ Frame 635F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jul 2023 10:33:53 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 3D95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW1Bo3Kho_i5j44YDnTXsNYD66XmRKwikClNjDeaClkxG-o4JzQM3gD46LgRn1zhMKU7WeBb1B1JAmhQMpLHCDhWCWKc9ODDxmrf_niyk9eM07HnLcVH0xOUQhlsif6sIuWIdLeYiMF4wYn9yrc2AoC-2lkFJUsOq4g7yLsBMGFkK127f1FPwZlHmlq4EWpna122Rz917J6RSIhcIa-r22QEC8DqZ2N7_RgF-BsNSkCItFdgKi0Yb1wpuGOya1QERmHwzEbx3IjbTmdDwRTRjVAnyzNsTH41tX6RDoOeG1SydqWbaeb7iNZOdaH4xNJ1srC62Tv-y12abFd9CQtRJ0vmQ&sai=AMfl-YT70A7Q4Dj2sxrXeVJD_k_XP6zG4FbfvIQ2XtyypSoBuI558yksBz3y2ZocLF66RBZCxfe5K0k8z7Mggc0FRmwvYDpVJHd8p5pXhgweiQlXtvY8ZiShtkiTbrdFekA&sig=Cg0ArKJSzKu8x52xdvAOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:53 GMT
truncated
/ Frame 3D95 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8a6c7bac8f003014a8f6f91bb27df87072df7d855fe3ebaec33b030ec3b082d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE8E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2117447505293&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE8E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2117447505293&version=m202306200101&ct=76&x=8&cor=2135363407950230300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DE8E 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3zda9WKjR-Qf5q_aTzRWluljIWtoSnGOQXw6CMHavGSnoTdcg-K9MiQDp_NCXy2drHB4ji1lEzZ1q0pb46miU2L40WxRt38ZGokViF1bZdRBkrTDNSRhl5a3QPLnb9qlnjKe-IhpNj9cWVjmkUQEO7MVqImQGzf0GfnxmSEbY_jUqCYI&dbm_d=AKAmf-DkoLIt2tcLeMa8zUfOldR0hFlR-_eWvHyxjxUBNOnI-h1mIbRcR-h7a394Yzvo4MmubGiP08YT-V79FF_ysbGcndgNg7ldeoX6tc8_jHaKsRC3Bu1ecu1IbPX9DXOzFNlTsd9ispleG1WpNMnT0dRlsjWk28gvttPTzbmJfJfoFl0fyqtdC1LE9p7ZKv_yD3cUhpLefpBfzs_bvJH1sHH2DGoeLUNQGEoM_LeYimCY8X5q_G1rB1ZjKCkzM-ZuuuHOrK0VDYe4pd4B3dO0MXXL2QMspzZVFmgaQ8HuBBt8jr8EFl47wzQyxL06pN9jTs0Pk8l6qtRrOiJSoQ2-MWguUZAIZlp7sQsdc23f6dmyjJ4o1pe7Q7KwZBDVHB4Tr1wOXHawVxQydrCanpe2lS_oK96D3-p7HRSvSloHOS67Y7zuzSbnI_ihMQ3A-yJ-ZqVHFH5vaV4-DzKrxNx1rc-HTGfm1SjvBu9XrCwY51jx1U_noo61OeGmhVze8QpTE4rbQBu0o7Bfua6jFFRFzhAX8h9r5mFX-gcmMFfmfNEOHh5c8FERGTkGvF1KNycLCkNDB30AXjZ417CLfsj2LhAWzg-InSQUYmEI2i38tqheo8nzYP22Xnv8kiaB1b6Oe2ENmrpYQzwJUX6O80BDluyKayZ0NcQhSTqvbPIGy9cnbNWrQ1Fz8olAA5u_LmF5re6e7Q_IEavQcppcOD4tOt4OZdzLH2ZTSsyIFHQSfCUG8pgjOIKDoQ0w9sVUzoScQlONwk4dfOuCc1tzVL8dKt7A6-Og_h0aeB9Ym6uwOJB58L-w90c-0d78yfEVVPO_HeEbx7QEfS_GuKsGdTuTqaCFfo3oXagcUNd6Am273brzBpDxnK7M4CkQ04lr0qxPBQrtSQZAjOPtYGMrLYWgHr4O1UnmVET22jiYrsAY7Zz65otRfdxIiN4teeSRq7sKH3Zu9PWjfr0LD6NemVWyte7Ern99IJSonVZbV_Z3WDFdryHHMudpI1u1z73nVc8bgpUEsFrAnovEhioEqtnajkUl34RizmXimdtk0uW4hCjvLYs9gd1tO-tpwIllmI7H74T4Bpc2_XFxmxAtLcOxKYEI-7oAqGb6v7-A5XPf2gLmGAWIE4zDTIfPqgSxCaapUocn4TWQ_dPvMu-RWgP6tAx1E2mdt8S3T_rtEBZyNvkpys65cAzc8w9By1f0uca5wu21f36VCdHBc8xDtNgtURwHMMgGwkzQX2W_v0OJ6vST_Z93PwjvVlOudUFOG0HgjsYV0kyC-c_zjzi8Nf3X9eTHk8UzP8mr9xx98W7Otc6otNiNDgswlYqIcp3a8_tgl1OcZX_y6dpWLODvpyIERVqdwieZR9Hgm2T43qThyY1WPzFErWDGcSf4Z3pMr9Qfib70nnxzqhFbbVFZgARbuutXs2vYnRMJWZpvhFXX69yakpebOkpXN9GQioEclu4QbBGeh7f9n4OlV9jndElhtzeaQJLxlg4K3UTkNXjsyyaJVrnj6jR_ZdyDal74-hKg0cDlhL_Hf_VCymMXVOygMRn1Z2vpgeVcsrWKr658Kgi7L6V5g7rQGewclF4xWaXtbMrH6P1YeGMmGtZ9ijurslNQxrcBa0t5pOXaDwokZd6uWFFsFmw5Xpz6MZUwMSlC-MF1R6XcB2GTynkARff2q3IBfro4JLTWgvveqpm9lGEEKcsARagiBUbfa8U5iOFrdcgspd01rI6800IOXOBjcCgUb2b2qaZlpgLAV07lCBIenSl3K-6DH_hv7zOBZzjLI6z4blILgEiKUHg3SA6eNd9SpoH9blLhGU2in4ZIjrGHlzyqdv-SCRpf3dEIa9nAA3GRvuatjIcW4N38bIQ-ZZtiCk7CqObywx5HickIpFXhBMCZjE5oCnUEvB39jn5ddjV-QBSLp4oVHIfsTsLQW88hj9CQ9r1npdrrAJ-F2bp29r2wSeAgCnmz5maga_8mdtQmPIOZu_oB9trvAKWxYgoEJpB97dgG8b03EQapt5b86eWY6yrNXTFIb3TrElgVBVvHzE0xmuYrfQ5LWQAB7pz5TFPpdK5xI9hA3MkcI7GsUvnXitIL1jBguhAR6sqqGRRvDczkliJ7kupXbo62JpQ6pfrYNAMSUIb_iSYwhwuaAY6TtA7jkLHG_VrTi9SyH1iB3THJQtP6otZr9WXF2TMNBW1025c1hmIDNeUNtA8zJKRpQE8jwEzusx43BMxpfYOjcaIerCqHNj9L-1De58lSZn6g-Qnut7GC6oDkx4yf4KlER1XmuWmU60I5d1Q8E4_buu80u86nrRA6gAYKuVsoHe2jdxpQA_W90MqLT8UE95F00Ody-FTKXTGGhL0WMNH3gX9Q8sJpKRmprZXwPpcVOzDUDxZFZIFWX3DvVkCXQSLLv0L8cRUf9pymJ3v2by0FeU8ZMzYKuIIgfMpI9Vjy1DW2JHzAREJFWnfZvyUSX5z59Hxmchzeh8qJNO8VPiLxEH6EmbHKjtQEtm57fOmh0G1QuB06CbA5WyHRzaaNdRzrE7qmKvyngvR4ikoa5GDKcUkwXiXjAc9ZsaewnDJOiVEeptj5yEWBOSNlz0Lo2UCjIS4xPhPYqhRwlEuhUqFFQ9ifrHWU0d9LGmK9-wdwz41BNMpSWu-CXNCEWpQXPM7cZf-c3iVVvKYUANd45FSF1ohiEoEHYN6-exXqYBJGVH-W8B7W2r2X4U24xAL9NQnvF8f8iIutihC2gpLjSQPkSZiigyr1EdTRJ9s0HgaU9RZHCpuvc5O821S9nul1zVXlwQF5mSAymEUrcJ1Htz2Az1qbeHRlvVPfvRBpbqvRL6kCyyRW2QjVSOAwmHLuT3vcB3-MXZ2_ucEDv4Tml6mmg7Cu-oY9ZvKfY9tmVbF23R3YlF3wSfwCMnx1VxwgL-je9bA-sXFnXLU6eRG9DDyM_CO5qOM-ifQd81v69bV1DqhvuzVx537idK4twbN2baxn7rZv2tT-HK-8rm93I2nMHWIducYaoMw9PDqeyuRXPmanHwA-XrY-cUilX_dJuV5eK8x1MfqkvwHnupWivJ_nusps2TbDHp8vbhflB08h2I9Q2a082ylpUaCDWSy5VBaKqDs0IxvM291zi9gCNjIS6rWnTLLyLC7t2fsi3wT1M5m8_vH7Lt-DrnCx-vsasK8Dzyr-fEZZsghhNsJMwCbmN_tc7RzwIQEcv0j4-tVW0VIueZsG3OKJjMqFRqZt0rLLX8LJ9C9tg_PIrp87JFnYjusxCwZNUt5qBpD1to_CqZZ8cSl09DZgYlM30IjNgN2jdfYPX_pWBOZT33yCUQu5ScACfNexcD1u6705TfAX4Y_vP7FCyW8jI1lXlmSTQwBYG5eN0qe4ZHJGEmAQ4Im7s6oGuvF7XURRoTjssSUzZh1y5OPddkvfzxiaV-67h4RV-GX_0S2yoUJFIhzF7ibFSpyDwaSn8F1eAnjCxs96N1dSGiD81rt-a3kshLGHY7Pessgp9mARj_8owH1l4lb5iE48NOTx30O2bT-tKckUhSYF7TCoeOEKEMijl_g3seiEKhQ&pr=8%3A70506C40A6522493&cid=CAQSMgBpAlJWHnSmB_EhD5rFNeafmJlmg86E0hAVwz05UWMNctBkCyj2uBWRzjVezasv0wgzGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ds=l&xdt=0&iif=1&cor=2135363407950230300&adk=2670186539&idt=119&cac=0&dtd=6
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c631d8ea7b4d7439426b2dba92da05bdfb62db36c457c9788878f02757eb4de6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame FD45 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jul 2023 01:58:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55441
Connection
keep-alive
Content-Length
10115
Expires
Fri, 28 Jul 2023 01:57:54 GMT
usync.js
eus.rubiconproject.com/ Frame A2A7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jul 2023 01:58:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55441
Connection
keep-alive
Content-Length
10115
Expires
Fri, 28 Jul 2023 01:57:54 GMT
usync.html
eus.rubiconproject.com/ Frame 23FB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jul 2023 10:33:53 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 34F3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31540
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 27 Jul 2023 10:33:53 GMT
expires
Thu, 27 Jul 2023 19:19:33 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 3046 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 27 Jul 2023 10:33:53 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap5ams1
isyn
prebid.a-mo.net/ Frame 67B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 27 Jul 2023 10:33:52 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pbcas
ads.yieldmo.com/ Frame 241B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jul 2023 10:33:53 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame A438 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
799
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7ed43a0cd9fb39d6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 27 Jul 2023 10:33:53 GMT
expires
Thu, 27 Jul 2023 14:33:53 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
x.bidswitch.net/ Frame 4405
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3&google_hm=Njk5ZTdjNTctNDQzZi00ZDc0LWE1MTctZGNmMDI2ZTg2MGEz
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBFdWqsFXhmIYv9J4fVzsJQ&google_cver=1&ssp=sonobi&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBFdWqsFXhmIYv9J4fVzsJQ&google_cver=1&ssp=sonobi&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3
Protocol
H2
Server
18.195.47.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-47-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBFdWqsFXhmIYv9J4fVzsJQ&google_cver=1&ssp=sonobi&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 4405
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=de79739b-e69c-4605-8848-59a4ec57a1d7&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aG11Y3UwUUgyTmluU1hOWUJrNzI1dw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESECS-jPgMeUTHLVk3DP4eyWM&google_cver=1
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESECS-jPgMeUTHLVk3DP4eyWM&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-848647674d-rqbhh
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESECS-jPgMeUTHLVk3DP4eyWM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 4405
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433829054605955
49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433829054605955
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:54 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-10
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433829054605955
Date
Thu, 27 Jul 2023 10:33:53 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ Frame 4405 		70 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
us.gif
sync.go.sonobi.com/ Frame 4405
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=XBW8SfbpMG6RWTauYxCu&pi=sonobi&tc=1
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=XBW8SfbpMG6RWTauYxCu&pi=sonobi&tc=1
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:54 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-137
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=XBW8SfbpMG6RWTauYxCu&pi=sonobi&tc=1
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT, Thu, 27 Jul 2023 10:33:53 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3D29 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:33:53 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 3D29 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jul 2023 04:01:10 GMT
usync.js
eus.rubiconproject.com/ Frame 635F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jul 2023 01:58:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55441
Connection
keep-alive
Content-Length
10115
Expires
Fri, 28 Jul 2023 01:57:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8A34 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256147
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3E39 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARihwJ3cATAB&v=APEucNVwIOvMzap-NJF5qAI_ERdIskvS3Xbm_0vAtFRrIZ68GjoLrjT_eFpXQbf4jYayw188tVHBdpr2UJ_mMkNZLucWw7r7TA
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4762 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2995351524988&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4762 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2995351524988&version=m202306200101&ct=76&x=1&cor=15891779114324222000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4762 		76 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpqLFJANwPsMA0fQipWsocNljzugklViGmx9jQpySi-iORzdwdxGgtonKLKzwXaZb4jN5yf7o0yVlj4J3inweuagu3hQ&cry=1&dbm_d=AKAmf-DDRsktsejd-Br37YRVYdD9XdNiQpAzGQy6NTG0KdGZ0eC1O-PVVi-LgThBFPL0yfFE5x4Ki-4opLSspPXCUPybfUqJ2PkVinMeZkullbut2FUJtNVBUamNgO_1aV59U599Bka29u2GvMONbsPOE86_PZMxIqr0KFk1zzh6nj7RmQO1heE04YoLAye9EVF9Rv1GOAhNk36C1rfBowWkbiZvLUGdBuRPpoopsQsRUDSsmUKlNOOnrKSnNg1DqEt3MwnLCzUYPzrnqjVyWAV4sxcis8PIpR-a4_-Xl_8BAVkfEC0iNTdzHTWscunANfz686Qkk5XWtCb_UD2MLhuOIXqW4IgCw5c4afN7XeY4So2SqiqsVI2uK48VyzZ1MvTNKuj2eETiMdW2MDaBPDM46Qa0r4ZHurGT1n17ErCH-i6VgJ9XcrgPWNFLyCJTZOiP-xHEuIei9iGTtujF8NAUwwOyPxcEtt6mP7XM5BCiqwxevghSp5nkBbPl3kvFNbtCxZl3mdam00H7FqF334JIciNUjz-vBDpow5D1XbcAiJVIJbgTYBExgAVmpjXhaTOXnYoSILwroweVCoP_W4zCnuiLmoM_QdF4bs3vFkAxlAk0bSYpMVSbTZ8oqGHmSITAmQ_PaTTRSWH2E4LrlAm6IRlxoara-HfKWyayBTTCGC8YfgJ7xrCkkvexA0YIXtZFfSDTXxc_6Ry1mT5Xqlov8qoJJgu67uDnlxg6eH8wS9zh4AahRa5uXjV2k3AIesAFM5iPDwjAKIHMsuRKa4Wp6IxQ0QprbG8QnKuAZZHQLS2ETC1zRtupgsFDaw4mDa6VoX2Q9LZTTyw7n-_bvYbEby8zPK9V0vj0f8HuUrYK8-DjMuJyTAv24A-7_XQ2_4eN5tTzOK8ekp0FwfjiyyE-WtKPYP1csAFin4kzU6zi3Hi7atQF6gahdx6XBO-9yO96bFXoIcH5VLDHvv8LLsbwMmIheU6KMhgN37UZ1kp4QJn065GQQPb-zWsIi47PqXLLELzu_ftA-2BMDKsXnbfFTfvikWO8C-wEL8jlrnBcuX1bSzgxXgCiXx9et8hqnya-RVva_m48S3JKWZ5koZ_89kAkLQn9UUqmQC0XEOz1k9ksy9ABr2noC1EyeMQnb4Q-EzxPXQh1zaddDjRGvzxwfXWt54J-ewNIaZCGjuMRo5OWkHEMFt3uW_YUsawc8y8vNrgOTJRVgsp9ogZZS20kWITakl6gFyJo9r2M5Zd257HV0gJfSGsBMYnpk1uS2w84uYnhWpZfQ0DHIfKYRS8mv8prQoL6PZ3nxuIbIslME051V8rEI-buOGMTP0WD_avaCFsiacgF7Rz9BObJBBb42kqZEosbpHeVQnRFyQQSYBRuOCuhKPdx-3-AxhIjj7v8gizjoZVNOOh9In76aCOTeN5sGMtY6GuwDhA_h9Z5P1lW8y7Eesia0uTLH_vNF_pCmOZ_qTKg4jUkwYsDQSlrpF6nvcFCRcb71mND1Fc3jAj5LtP55dPQUljPCrdEtyudL5SHMzqWCQjmC4Xe_GPZbZQiy6jDfSlTyUvxqXdrWGdncE3ZLhc-v_sgmlrW2VloHkTpdWxPbOJTgLNbGIRlYgpS7sjGSvqHILu6BY0q2WqzjXn_mBquRA7DOoxY3WkImA_W1DHeXXfju7mk0bfLOlhhmhJFKGBhCtcUsaChC-OSMZYKgRURd39Jd87FF0RQw_tjQbc1j-A3sx37fqTUkqzWCPmRWnqNRsjYu-QMdzvUjODyhuZoLIC9ksmMkggdBVaa2SYKkT7sUhMe3x9pijQPFm4LrdGtiFstDy0vVn5g9yr8sR-e9tRJDAR5N-e8BijtB-0tHc13gEE49Q4PJm8CRJCdH9AVeW34x9VgBwFoD95CRn4umOuvW8EE5VU4LyJZ6jTk66kygo-6MYULne9dL-DE6u_o40s6YSsbTXBc0AEIDlzEwwfVIvV4XwucCE655Jo0UG5xiB-5qTEmFFSoXKraUhR_U_tYP4baW1_KqNVpyNdZTUKjn_l_GqccNUtxm6SjJAn8nURMDeu_MXExiwJlqX0cBvU0jpLQsPc5T_gBUThVg7rUl9-apDOoz7q_LMIiFBTUqLMEKrMhIujGVqY0s9XHG5PsOgHRuK568-JjYuCXBmmLymNs25oGSaQQ5UJCGbgP-HPvagBRwNDXQM4SOfF5dMoXky08Vi--LkRSJXM5dDwF5a6dHw_g_CKGKJyQ1If5zVqoYiSRqbb5JzHI4gSmEjjHOuD1wMkMXQt_YKTS4LZNqyBNTS70fj2yl1eC66F0jXYQWAwjrQHylJjwxniBkqTzatHJafYQu5HpH-LuLiTxSXS0C_9T_oDjssD1foK3YoeXif1pWeX1Z8XO0L1hh8ae82FGFj-snvPLA5BUOAX1mP4F-pNfx0VSBmDCUF1wxwl0oMPXH5MUGi3OIQVfLNn0eDCYOYvuXW5cgVqwai8fsBcxoxQ9-HIASU5-scfyWW5IrXSHTxIXH4AbEPCeeLtlcqDL4b08AEq9P30FujwJ7u80zyrB11f3oYvYNjb_m7C5I-1Ptd84XzqsGfaQdVg15VzAEH78JJvl_kYZWh9dr_PB4q1oxc4vHcN5o1OBCqMK4GUmXmBGU1VC8whDdfUYAiIAylbuzvmd5QTjaflgJKsjUmM01jAJLyQ_t52t9Y---pK0MxR3nkNT-F0zQ8ZQ-ipD5PYjKOG-ULlX7rVbsryz7a3e6Zus55eb3LIDdBGys_Mcz5Dnzntkv0E13Zqg3S2d06is3c2fRcwGAL2s_pjHL0IC5WWFaOuRQBZ7xzz2gkzu0HT2zENGK2ossaeRoAy1W4OZcQmm-obbLWhZypbwuKMdFWqVoINZxX7jT3iNN8qtzOYIBdyvwkBipcc0qZXPozq7knLAcBQsEUvpbR5Q91JumFwX_UCZ3-eVFkQHNIAX5f-TC2YWN5gVoGl0bwDA-kkoZ3mlrufY2zp248aFT-0m4C9W5BV-CW3W_iw6e2wzFGlVOp8gXcLiSPf0FpXDQ4JhbYXl42dCB5frweO__aGw-M4URGrYMG2CDfUlDn6jtCk8vPFhMQYnUMcOZPxCE8ZlfYRkwrV3TgyCYQvBtJrnCKoIbMlYEp1SJMshQiXoYC47SVnwLh5YXLl-WTv4hKBykvp8tQOaCa6asU1RL0DuMphMKfic7_JWXN48t-val_Gs8K3t3P7dvGnE70cM28Tza8nkFwFSGc1KHW4Gb8qQKvmgtTrR-_B1Zen7Vm6HMmzWwAXJV8E-skSDFtav5A9Wou3S7dk-yvTlueV6K6KzwegGI2y6Vv-12eYZeygaIfagZrQgaTxS_pAwGT7vwmmF7P-BQ-JoSyoRGmJpMuDiR9ZzycvnG1kts0WBXin59Wjuy88HiVACM6KxI74gKKKYVcVrEuxt2YMqblUKHZth30WGkXU8sAE9m-c4EpUsxSmVcpVBIw&cid=CAQSPABpAlJWs27qz9kh8kZuKBNPl8odGow4yBSVMohctem53NfhFKIfRkqUmx7uHKnY2u9zj0YXg-a752dJzBgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=15891779114324222000&adk=602499853&idt=144&cac=0&dtd=88
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9c3117051ced028bbe4c1103d1454a6234608d8fac648d5e9171f21212c6af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 23FB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jul 2023 01:58:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55441
Connection
keep-alive
Content-Length
10115
Expires
Fri, 28 Jul 2023 01:57:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 6F50 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame 6F50 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6F50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuMK0zb4mL5oIIVAzj3R3vpAzRxp2pKs2iiWnkxEFOOt4-oEz2_crLYxX52fhEU6pgMkCsw61RaBDwTGrmxj-v3owIIbffmNF575NxejusCbKVv_t2M89EUCs0wQgmUVIeiqu-iFnHDyvFAsboR44ZZBdODhEtePNog0kdRcA5ROfDkCQjUz4cqFfNTWUpLe8wlbak62GuMzLzRQBPTA_LJtFrvaxDuS0_TUwYNB60TTcm1A24gspeLBHasdUYjkM94uP3CS__-4eQPB6FcgLx31Z1DFA_dc790aigqptYkkyslUifJrNui0VD9_AFlz9UfxxrF6PPlby0RfiDPOm7Za95zLH1G5Wk0AjYXbLqvpXYK4YS3XUWCxtbR1wkkRvucdLMPxm8xcz5OovT0Rr0-WJWszaSbxtpyVU22erQOwo3Q6SFDSsa3v4cYnJBVljJHF4103vSCxCdmiWfVaOtAdt6IrfGfh1dVYHUwGxjaUVXoQ9wLeN9AkuOKpE7VmCKTd9rMwk5YyAHlc85TMAXDggRlSeg55TN98B1qPqRuavEdsJYI4NKqZSYmmL6Un1PIGuIiX9MDk_A5wd97UVCi27VuLEMI2ke8RNdvYZMa5dKaLwMcstCM4luLYtPK9JOY8A5ofXD_hE9Pb0Y-2zV44RC2IeVU2z4_QdCdkq2e9RyiXLvfAVw6PWwbIj8_dNDo5htA9fd_KPIZ4ySJfd-GdjqiP308aQPOdOVegwqW1PLh2sPK9PNBIViEyso5TKZHyos7569qctYkt8knnARD2JGH84X3KvN7qRDvauIyXvtj-sYijfK90OdFKxmdhP5Fpv0dhGWnqDzhM0d86aL7v8Fhrv_TQDQYmlhcIU5dkC2Y6ElMWeJjdJEDcaPhWh0c3XLR7yz35Hkg4fS6_HkohNuHo62krQm2ObRIvGoUVsHpDdQo5AWayMPPIwVpjyEkrjbxlv7XtFKFEATsN2UY6JEibDR895OtJW1ym2pFczSDPS-4lxvCot8ciRb9j1JEz1-lQpcA-DdZyTfD44w9-KoHMfInafsIybt2p0r4ejNhSLJ39h1LnzunKLrvnf-f-dDqVNfvwsTcm3cZo5QvACzfaxsR9Z4Y9I_lPx9Z3bCeK-amorQvyQcnkiEjUbELtLN-1vqFmhKIzQ1_ccCW6zrmB_Ny0z2r8tSFQDw7pYH0O2hL_kbdslA8OVr7-3W-eyuAwTqrPV364nPOu4gZPgKk&sai=AMfl-YTt0-ObKUwH8bm2P_Yn4lRDk_psZdMIPoKSUpBrmkM3z9cHOhgy4JE6DU8_Os7ep-AFTHmG0oz7Qqmu4rjuwBpKDRwKUSq1vsqbogSkyE3GdpJ1yE_ERWLW2V9HKl1vXqgciGxX7c-Ky57dhq0OCYSa9rprQgSHD52t9Dz4CczFOk1GZyBzdJRLMXyNRl6A5mFxvrSsgov5k-EgvdUP3cDeqQE_lAJlQiumOqVSgNHYtmKvgwZyRsS2Y6I&sig=Cg0ArKJSzHiEw6ufVxuSEAE&uach_m=[UACH]&pr=8:7DD6C45D6229FC47&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230725.54817&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6F50 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
18122660957918268753
s0.2mdn.net/simgad/ Frame 6F50 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/18122660957918268753
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81943eaaed3d4739c31bd71d834b6d2597d7ae14e0114757c35d03f5449b1dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 16:24:45 GMT
x-content-type-options
nosniff
age
410948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30144
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 07:05:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Jul 2024 16:24:45 GMT
usync.html
eus.rubiconproject.com/ Frame 625A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jul 2023 10:33:53 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
truncated
/ Frame 6F50 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b30f85f41d38e70a8fbb5ca03c653c55b2353e61255a8c0b345421b55931787

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 3C69 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame 3C69 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3C69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvf8WzGjvuGMHzbA_n6AZlaweVCuQ-2x88x1gCAkK3yzOyGfW-RmjoDY5bHkW1HnrW8nbbwX-pp1plv2cmsSZd4mBY2KyiuJ_2PkoM0nxZTV-x4ytxDF1FZ-2yf-DBe7VONUej7KA3t1E6MG6cvAL60lQijBS6By2mqd0zJK6Z7iMLH7Uz7i95c-m5jYkokVacFybrGebOhaSbEO7A4W9vgvamLpfmY0UtUwX2z8IWcXs9EC_gl3VQM8xeXkaXRivtt7gpRmPeJeVoyqK2lTUHoww6LNJVA0oKseYVufihMJsL8JuOs4-paQjXxuTW-N-pN3y7A4pjIeYQ7M_tHzurl8qq5ac0NDiZZLDaFa3G2Dtme70mI8CaUXKGAXQfgAs-fVrqh7XiDcqi_cFR0NxlIns5GyicqrrvVMs_sFuoVjXDOiG17WQxRzpxiqFqmZFp0pQSiZgkMJTs1vxvZMP58duMtwNzSfweYRMqutPDj5SFcFbmyv4KH1Mz5jW-OwRmMK4eKUpI03usIbjVYaYK2ejcQM1v5ymQLPPUQXMm4tDVanU09ivbktgocIydqSC1jmVnJpTQBVKFtXK9Dg8nA4SRANNlMLorcSmhIdLFvhMXcfQ9RyeusBzum7v5ckg_z8EnQ4bDNP80xPTI3HiynGzZhbP0NK3drrvTmBHlGYps3wySds1-BZMLenRTJhm-A7ympmGD8EW9aCYkGVx9jc-cdLuJHLbbP7obcGLMMLsGMBThc6DngaANPFvla6gk60JppeT7klgz7SIJb9kBaJXQXV0Rxv0aTUBWpoMOW7zumJJ5mucwaM7zIh3b_g9q_WMxOq6KhfpUfjee8A1qhA15wUFpVorZWbp7trhG_nT9bBJV9kRiVE-ZIE7IE7kAZmpT9AWCXBL2alVkYGv6JDACK2V2LzhG_2wPr8N1uI_MLEVzEPvwd3rVng4Vc1ULufGgVnS_OnQ_I42FceK6aiTsNzfPV6O6wBbVPVU0I2mXGfXmyNpLKu_nZ8epKpHDoSPtWTjvPfqBZeFgVfcSYT60oEfC4q1DOItuKIY9BVxn3wXr9dQTPuRKoInNpWGcpCeDhcwV7csjQKOb29qeVxTEdUIRpwOhsTTBp0AgBjhfyBwPyJib_O_khCPBW_LF1l2T8ViRyt1v6Gm1LXGIyTVpZtihX9QVLz5il2WRHk_RgyOoHUpA2GX8tCeXHu6baU0CvAsXPAaa_N0gY9GTqk47ZywjR&sai=AMfl-YR1eFipWDhkeCaWwpb6YGzIA7hEnmeSmEhHcZ9VqAdA3PdOQa0Umbh--CSbuV-tC-PV-g1cp2Mq5rhKOrvO3tX2msfFCAJENDC__gophHwdOgoPOE2hlZTnECBD3jf4XKRZy8xQeX6LIrzUOtHZRw0VFsESVhZ0Qhi_ShDXDU8e4zV8WqGnHu6ABryH8IDzrSQFuH2j8nlcGadUWmX6nINa1lKO3GP6FLg__I4k4BCqa13IwRWIEGuqlp9N_6C_uwm76A0&sig=Cg0ArKJSzGkMuDDfbUasEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230725.13315&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3C69 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
10607313996946874489
s0.2mdn.net/simgad/ Frame 3C69 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10607313996946874489
Requested by
Host: 42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
URL: https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b98dab2e9f1133683f48a15f51a689a010dcf3c0988d3b61bdef17cc68bd5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 23:08:34 GMT
x-content-type-options
nosniff
age
127519
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44028
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 17:16:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jul 2024 23:08:34 GMT
index.html
s0.2mdn.net/sadbundle/4392446959382407207/ Frame 4C66 		1 KB
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4666fc10b69d09643e362fb814add39f50877b8b9e7afc839d287a794c28342c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
737
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:53 GMT
expires
Fri, 26 Jul 2024 10:33:53 GMT
last-modified
Thu, 27 Apr 2023 13:50:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F4A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSiivfjzDPG4beD4wNI9gkiH6m9Rca-K3YBQFSOywPtzfD795FPgFA9QdpflMAaEqPoR9V0I7wWDoOeiEyc18SaEEMpI06XAfa7w9thsTQGlLCmRqvDH3ClX0OAs0nGvoTHG9N7Reqe6a8xncKfrMlbPv67VkKOmADjK7qZNKUTyoxxu6I1WdYH29QmuFfmqbnAUY5zLWbfftIDAhUk45lL3hvQQmAN7X8po-SHq4gGm0fkVcr_DFSdSD4f5zNKBvY_7znnSnIjil918rRsSmUCefjRqSjF4sss9MT_EE6Oi5_Mc8FL17izNhwG8sEiOcctWF3ZuwarlPM8E5u4F_vEuf8MJolONO15ONnn9yLmUFNy0NRvmBHKgTmwJZaG_q8GC6Jr6uevl3G6SBQvoAZGoRuT8rJKfmoL7Jwz6LNnrQCC7bmZtRb40BdMlpLYrJQgWyXHpdJ_ovqzW1Y6dk7QfmbPq2ibn2MW6aCr8tHN3VvvGw5figOjTcNSEQRdC5DKS9uheQ3R2rjr3r_e5dHjNWJ2WqaRpMuFd2kILdYS41cZLSmie3DyShJDMKhh7okX8N7OQ-7enQQjTPVqIfiVgZZpFd0lnfj2tu_yLKQU_oKw_O0uVhSnedyjUWKVxJehTPBk3emgIfRLoSGHtdfmvKS6nFJU5G_GkXHxszDWaJLgQ47xyfihbM_sk9H0I0EQo2tLS0r-W300d7WbPV5DE2wsGHAc2nvw7rjGXO1m-xOLnZixsT-IFtADjceRWxpInfSkeTBe77ciPhRDyFIcVGkTqiw3fz9QQ1XUfv5tbZjqBkOAP_1rhP0eZslKqbWXS9FqQFhdSGp2q6BLrS7-TesZCbzKQ06JVvKhvWQ_rnOBreR3E_jZz90gIK8zykJXrq6_J9Fgu356V7PmZr05hH-TSoHjFH2FlgWEsKpZ4sIrrbrxBv8K9a-2lbWKQyepWPE6Ysek-FvlFQ0otBO9579gu6-fqNLB-DXrKqXi9nZnlMymieXKl5Mw9ieSp_WRTILij91a7_4HrbybhTsdGapV2HmIR6VGR4X2dbXYj60JdHxpzryfwgukro0NxIN8x6MrSGBk-RguKNCQte6pgJVr5Fxh3Up4eZt4LgT7Ds0_egUksKW6yn_4hxqFXLV0u7JThSNDc2mBajxPzQtW06MF2kocwzdgsmObHWBsZIBTK-Lj_AZeyYCanu-dwPEMjGH5B1le3ILlCvC7FwmbJZj3KqJGr2ICYiNT1h-SRoD2S_r1eP3oTY9yBo5mVRNVpIYYslGPTWQ9hpefra_U8Xmdv2yaENMhTwdpYopR6Z_&sai=AMfl-YRlfeyVLyJSsEJ_sAFXiUX0wQk5LFZHirdDoScC_7HI0CSx1TEkQ3N4iOC4v5fc05vnO1-REYv8hRIrWyhFvwo0m4ZlJLC8758CzqRBL7Nd0OAR743Z8HU_4M9Yx32HScnZ1f1O9ik8HehYlCGafQelBCy8_VhUap9wMjFosBIUwzC4MmVI1nzx8hv0oC6sc77Jn1iHSCHp-0MnOfDXUfyGPro0WHaJqsr5zBFokYyhyb50l_xU-R-fdPc&sig=Cg0ArKJSzEYs1EwYvgWfEAE&uach_m=[UACH]&pr=8:E82BC2E6C1234C66&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=796&cbvp=1&cstd=788&cisv=r20230725.23751&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:53 GMT
ai.aspx
m.exactag.com/ Frame F4A0 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26966436&extCr=181031724&extPm=357115759&gdpr_consent=&gdpr=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:52 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Do, 27 Jul 2023 10:33:53 GMT
X-ET-Code
11
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1119
Expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
s0.2mdn.net/sadbundle/4392446959382407207/ Frame 1410 		1 KB
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4666fc10b69d09643e362fb814add39f50877b8b9e7afc839d287a794c28342c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
737
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:53 GMT
expires
Fri, 26 Jul 2024 10:33:53 GMT
last-modified
Thu, 27 Apr 2023 13:50:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C412 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstL2duQXrgCJrpDjKPpLmWp6Xq9025r08GeAYY88h7LtlP2A6lbl--vuXaZgn96IWwlVCfwwlRhsDkhl7tWCj5OUpJTBRJq-MrfSa71RCIXVt-XkkqrOKUPPiM8slsch9GUzB6vPk35ckUDrtKN2SFEmXys-V-RfVwk-Yf55twEIj3SvzyKmp9rCb1Kfr1eBwGdRNlg8VFD-xg6PZcOcQrN10nMB5Z1wxzLYIkMeABntn_Cy9ZZQ35voaZKa6jv8pckG54morOuc7VcThae8T7Sw0Cx21xTH8UTx8K2WDIXeI7-l5fAf4shWwcwYTfFXF59aA7P9adlY39Wc_zKnsKb1JwDBkep9fKLu7VOwiiPgsTHIHjpOjFxDLbxtF5lg6p6HhSJuHKkaT4HWgawmXM68LjJaRp93DMP4GDKvX99_Us3t3dGZjvGvuKuzzepuXrTh19VSNSzUpG1AoVR6bGpFXyJd1cEvP6uE3GGseqV6X22gE697uAwazwTTeqCByog0HDMVj0wUplYgP39_GT8uhL6LF11muGhlJnex9BYWoUoVlQ-yqVk6YNhxLIXlJeOpnZDqnSZpdA6_Rc9Pv1lYxS1MZJNcCvm6NvN77Kr0A5rdmQSWpQtV3bkcXQDvI6t7keRFvIXWqsgoWhKzqKeEfSd4obOqx6CV3j60cJTbRVZyLbnXlFp1Nk8wA7VurQIQm-xADzNO7vG0qwJxwhqEVsmzD8DIy4GhmvzNL4FcXpmzrW67uGayK3wCGVMFpzqJZi9EjqdhGMe0S-fBoACfl6_JZCU40LKuIFqutJaIkZCUJptgQvouilgJZ11TNI1Rc3xH2vbVUIxMPEijjfunD1ysukE3Lglh3PW99HSKEaZ0jvUh1Ze1K22VyYpWREIurfvEfK6bVdTfW1a-WZ6ApD9o7zlnAfEAo-tVYLOezYxwR9pkwMXtgjDhhjrDzc5vOcW55zwOUu2xo7KezcPXuiDG6wGpVF4dfXRb_J6sr_GQ-aIir2PHk2xYMSjnU0RFoZO9gZ8lQ7kxyM1tR1_O46HBh81pjvtw1F-T0F3eg9dmgm5nFsEP1PLOTc3w49y35IVkhkogIuV07UGM5S_m2MehpZ6JHCwXAumRNlatI-GrjStx6ufMVdXaxDjf6xHfGgFqQDamjbUst7R2zPThZAmg3_yQI718Jj_lhvKoFcDrUnMt03yMtFtyl1mmmiBe6uo9Vgv0s_E4fQDXJBQ_vFnr0SKu772F8_rpw720sA7eJ0EPLGeERCYahgNu4TmOjwN7g8wunuWIEs90eD4OgNNXhAoJOTRdoz1-AOVMQHg&sai=AMfl-YR_tMvzSqmLkxXz-yOJumgX1kxYqzMsdbaLJp1JR_qT0xabeQ7rsMSIrHjy_VeNjqC6aQ0H8tAyVMx7A8udpV-G4xcXn41rK8F8Lu-O5MYjIkfFkmf3j2UOInRZ9Qyj_UrOA9EYCjZgAJ-CKs2KBlQkob0IP_zvofa3CSdbW8K9yRRo1aT3Df-HpFg5S_aEvApr7wSeS2M6zaT2IHUIH_-nV2YBMz49iaRAG6VJYm0Dju3BjMaUyseDt-Y&sig=Cg0ArKJSzNzz71gmHjIYEAE&uach_m=[UACH]&pr=8:E82BC2E6C1234C66&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=722&cbvp=1&cstd=714&cisv=r20230725.74638&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:53 GMT
ai.aspx
m.exactag.com/ Frame C412 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26966436&extCr=181031724&extPm=357115759&gdpr_consent=&gdpr=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:53 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Do, 27 Jul 2023 10:33:53 GMT
X-ET-Code
11
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1119
Expires
Mon, 26 Jul 1997 05:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame DE8E 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 14:37:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame DE8E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame DE8E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DE8E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
usync.html
eus.rubiconproject.com/ Frame 0400 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jul 2023 10:33:53 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame DE8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHHw0ZuvRG2lJhXCrXwFTdvDKeiGUI99UnF4ML6JH2d_PNTS-4Od8guy8wQxTofpBOubANnA1avVqlx6sAfAAVsuasU8vFPBKlOIWrFog3S4a2ephXMvYVW7xsqw9ZCfJWtD_eVcnGH62cPYPXaYMFnHD1La-qCMlLPWwGDsYjTgoae7dmX_nrmDCxYgq2Cx1-hasps08I-OAFol4QVMDO9ceSE6gUY9EuVS3LhTOqquTSvQhHWgsA1tR8MOSrqYSt3ABxNoQC7CZc6pMhNjO0emrzPu6XjBO_UWAExOwVjKCBUslldXlvYrDshIbjpFFyjOUNe0WwzbZL98BbxMyQdbc&sai=AMfl-YRTN0nU22Z83Xs4qDtbMLZiAaIoPCu0ALtaw6iR36m3pbJXcu_6wc0M68-QjGrnzcpseGTrKB6y2YU1K5Pn4PcKU2RvqQ_ADfnMLHlnCRJbopTh8cnGLLO4--f1JDI&sig=Cg0ArKJSzG1ynGKez2R4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:53 GMT
truncated
/ Frame DE8E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f544735fbae5b06e8b2007f761999a2c9b800a57acd37e7528032b88832726ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 3671
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmJmZWMxMThjOThmYzJlNzgyYzY0MGIzZjcyODM3ZjIzNmQ0ZDViNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmJmZWMxMThjOThmYzJlNzgyYzY0MGIzZjcyODM3ZjIzNmQ0ZDViNQ
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmJmZWMxMThjOThmYzJlNzgyYzY0MGIzZjcyODM3ZjIzNmQ0ZDViNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3671
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6lu4Op-L_WWV0wSkG6view?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wVnpNlZE2oIaAA5Jui3DQ7hv1x.stI4aoHRoCQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wVnpNlZE2oIaAA5Jui3DQ7hv1x.stI4aoHRoCQ--~A
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 27 Jul 2023 10:33:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wVnpNlZE2oIaAA5Jui3DQ7hv1x.stI4aoHRoCQ--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 3671
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7wjd5neURfGl-JMj7L8d-A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7wjd5neURfGl-JMj7L8d-A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7wjd5neURfGl-JMj7L8d-A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TDA6KEEP2Q8MQCDMT5VH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7wjd5neURfGl-JMj7L8d-A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3671
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDKtqCS6yYkS6Z-LlOuTvlY&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDKtqCS6yYkS6Z-LlOuTvlY&google_cver=1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDKtqCS6yYkS6Z-LlOuTvlY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 3671
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKL0OLCI-3-HZPH
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKL0OLCI-3-HZPH
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:53 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8F085E584A7B4924863CCF96F37C009E Ref B: FRAEDGE1917 Ref C: 2023-07-27T10:33:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYBdYA5gm7xcGKzcIJoCw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKL0OLCI-3-HZPH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 3671 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3671
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtMME9MQ0ktMy1IWlBI
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKaM8MmvnLk9ueeQ1gmdZaQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtMME9MQ0ktMy1IWlBI&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtMME9MQ0ktMy1IWlBI&google_push=
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtMME9MQ0ktMy1IWlBI&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3671
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oQP-8fFGQ-WCzhMQ1i5-UA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oQP-8fFGQ-WCzhMQ1i5-UA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oQP-8fFGQ-WCzhMQ1i5-UA
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1HPEJSRVTR475Z07DGYB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oQP-8fFGQ-WCzhMQ1i5-UA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 34F3 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31604075&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
653bf260a94cd414dea986015a409b2a1a2f22a9bf91b5d0e1b2f36940c3fc16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 27 Jul 2023 10:33:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
truncated
/ Frame 3C69 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
556bb24d5db2155513026f7c6594fdd274e420ad541682ec4b72cc1d6cccfc14

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/4392446959382407207/ Frame 8792 		1 KB
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4666fc10b69d09643e362fb814add39f50877b8b9e7afc839d287a794c28342c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
737
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:54 GMT
expires
Fri, 26 Jul 2024 10:33:54 GMT
last-modified
Thu, 27 Apr 2023 13:50:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3D95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstv3OIUcxf9El7io3g8KAychtrElC3s2iOXVpOPW4DjOy6J82TFyBIC7Ru-6hI4aNWpGHKv68jczuYPBTILkIZwL0tetiJaE-odAwwY-OcNqOwUZj_4ZHI1luhqCgGRJNhz-YVd1kr-kPNK-drNgqm0o__pU5pgAQhcnsAcv_KfaB0MnFxpqW0U8yiWINDL-Nt-jX89qVTLadzId5p8zMgMC0dMTiSny_y1LACi3evaqaSGYpG-nqY_1ZIhvpod1hXHUpgYb98U6XEJ3kBKacibFAKlOiD6YHA02unV3ZMcQorW-RVq_VwFRqTx6wIV6nXFA61ahHgsbogHc-YGjX96NKPUjy6gZHgq6xpBUmjJafJdFFh6VBK7NeTthUhg3UFAOdNK6UkqgSZxo3O4cTpjN8U0qIdnY5ExvTznkjERbz7ncmppzIjAHPavWFYSJjIgALLxBpZPQTHZkgfSe6EaA4xFkSLnvtZcMBpWC_Ya80NfnEdMFJkmAG3yLo65y7toYcRAGHLJzdZ88eRU9-Oys-2cDQ1q1JkO14ApuuSnXynJB4lpBCjMgq-bbrPalV5rg4oaBj9R2Bkxtz_xCEahS5VjeodyMrHWBbwzYE4QenZ0sk20AZlO8s8JAwjfzdCKdKbN6yd84Vn-1n50TqbKovv9pCsbWtu7nXQRmLNEGtm0UGLb_gSHd-bEkVAWIUQNTf_A8h1Ml6Vv22bN_kFzLT7eKCPJb0nt4oQYakY54N4oLL0KWcuKXS9MwSgAq9Tj9LKzXV0u5Wh2rmVCJ8q5jj9fHHgZ2AZsxYA_lFH_1ZcTfDXniBtRoUGSH9HuLnlxK4EB3BGH7CdnqNEjmoS0AiYoLwV1LLz2y0quH8toBalByfy8MNJKSexGzFQchjMB9SYdpXbkSaAQdq10_FZ69iRPzsKM8i-U-f2xyqLvJK0KaxZHtG-T7mGbwPEZ5atXYP1BqdFlID_C9FKQD8QduLd2hqfQaViSNLSPfXbDY3H5wwCqWIIRp2jPRsQ9g8ik_wzDH2QF4xJiB6Ex6FjgJ-ElXz-bmREZY26n4suhZqIjwFhzDy_jiy-JZCUkUnNVu2vZw4V-1EDZ-ZKaFDzu2nZS3lKx5GySH_gA0jN3zw4Gu7uL-kUAWFqbcun3qba6bYB8Ex-L1jzvenPCsEzNuxrf3MfWafkN5_r2rfCXcIT7fVI2thaYTpiNtpQyKmytWMSqMEYL6Ye26_uihS7dhesHywRX8iOyy3eQAizG1PCnWGesPGFOcW_-FoEgK5CK3al8fJCaOp5lru4sg54jAJgjQBpLfCVJ9dxkUvzIsmoM&sai=AMfl-YRVSbVPnLFP4DNMZgxAxPDU2uwP-ZPnh9amA8mFhDT6-CX4H9OdUtTyJbVGrB0Rdo95Mv16t-9EkcjnlMVcWeXVX9366PXp63MWV28L3I5xz_c1m5JS8yAbzlUQOXJiNRVLOkSeYQ_CCembv4NR1pG6c83oHLWUPQiduCyBBx8xnirzaSX3sbnlbSeFl-O87ISzB_R6cod3hpIYJVOCAjF9q8Kt1OMnCM44qWRWXW3s__x73d2D9BHvy3g&sig=Cg0ArKJSzKklMYaYmVimEAE&uach_m=[UACH]&pr=8:9B1DA98CC08A8BDB&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=808&cbvp=1&cstd=797&cisv=r20230725.18438&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:54 GMT
ai.aspx
m.exactag.com/ Frame 3D95 		43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26966436&extCr=181031724&extPm=357115759&gdpr_consent=&gdpr=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 27 Jul 2023 10:33:53 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Do, 27 Jul 2023 10:33:54 GMT
X-ET-Code
11
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
10607313996946874489
s0.2mdn.net/simgad/ Frame E5BC 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10607313996946874489
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b98dab2e9f1133683f48a15f51a689a010dcf3c0988d3b61bdef17cc68bd5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 23:08:34 GMT
x-content-type-options
nosniff
age
127520
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44028
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 17:16:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jul 2024 23:08:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame E5BC 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame E5BC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58045
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E5BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssnmBg3m18utVPZhPC6snZk0taGIY107mw7soOQjTFDFgG2XIzaEaOG_ZHGgb_0OVzR6bTYD_cFO70k-jc7TVBnmcBisnACUElDEEtNs5y3Kkc7dEunFkzmpD3BzgmHqnoc8MXnyk2pYWunO4T_EN7tmgKChcOJOplRPQCRDq-4pNkkTriNM6Piuq8LPRSG5bhneWmxPwsPiLZbCwN-GIXw0b9NG_SMB125TqwSR_BSzAfPYBtMd9zt-L6THoOCL-pVp8WO9XfuYGldY9-ohlQRC0H5Ijv_Ch-2bnQHnlQzUkkYEzttrJ-G7SijeW1Q9nIAIisIEB0t7EaSb2tWP6nzIASAJ3LISy4xBmq052BHFhr9EZtnRRZ4BIhw6JIq1IbxffEp2IdkddbQiPxzbu8QVEG2W9epVjcoVgOYzj1Sp6RzPjVxsV99mcUwx50cIxFy6neA1G7U43kqVQazwJLiBz3OGhB6UvRtNwZAkGLXYiR82y3S_B4DBGlE9CcMJA7KvdkU6cPabCbcoc99hXI22dHq9hnUFRshV5WGwTA5TJb1MewqyNC2Y80Kzeyej0L2Zx-8ze9oIW5Ri-OTMybgyRQfcXnsPC2XnY7lQ7JrrRuKa4NKLz-xfN2yRBch6oRuq0hHs3JIwZ7xI5WuCPPTjX68zXqidfmzy62euGGeE3zaRvr0IMgVJ5MVbZgZ9pPmBf415eVBI8hiujYb9E55fA1iE1ny7eJWEOGIHt0VuJijh3ZpzVR9HG4_B8gaW0VRk3m0v_lAprtYoB1VQThcAm7edl7YRvax95P5Z1fbK_8RVxV9fY-HYtS-gcU8isSWc5Pe_KIH-tMbR_E9uhd13OwJUHd41KIYcHQd4WG1UfMofRO88dWjs63QsGPjjXMSS2Xvmt7lKVR_BmNy10FerEoFxEHmPDYy5Wf5MdwPVFQQROpMkSq8T5JsGynW7ggjhadFX6c8yUF0pcINXhTRaIGtxPsBcwW62m-Ck6B201jH9m3ymwW64vRpk_OjH8WcxMT3ax_R224xQLsJo-O8XJ5MjKdEAI8Yhoh2328WT8GU4lqokiyuWWZNvytb9UTmBqg9saEYrVgaHfBJ5zu9hBp1Ju0Oo38IyfDPTd0jTgZsAVYu66oavxIgsgHVXGyEEgwauz78WOJQN8JUGRCrQ10YiIvlezazIx57MuvqybXBFZyRoMun4KB0cy7OPL1V8BP1Wo6yc0jRR36EDQesKf1wuyWG&sai=AMfl-YQF3dYXNTRunpMuBQib53FgieOnPyN90MFTBDaDt2UyTRXKw_T9Br5Q0Nbwgy7RMl-LiG34FtTJcmVNv9et4efB4MGuUFg0HC7b1FgmY1mQItvCK7po2rmqmlGSex3TBmWk-WZnnoLoqKoHPsCeThfG6NnNokCVyWoReNUYWEZQ7VhUdeB-H18eJBSPGBe2KPrCt-nWxSpotQLJ54L8wqIAWEUKwdxKy59-spsQEuNBNSazskmNImPOjJR5At7n23Ud7dA&sig=Cg0ArKJSzPDky494tdEIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230725.37437&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:54 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E5BC 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
10607313996946874489
s0.2mdn.net/simgad/ Frame 5B67 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10607313996946874489
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b98dab2e9f1133683f48a15f51a689a010dcf3c0988d3b61bdef17cc68bd5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 23:08:34 GMT
x-content-type-options
nosniff
age
127520
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44028
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 17:16:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jul 2024 23:08:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 5B67 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame 5B67 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58045
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5B67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFrfAowSgiG1tcXeHkPLoxciifz3vCF5LGc1F0hfqTkpX7B0HcC6GVWoQDeSopFVZEt0T9lcrw1VhzSgyB3We2qYLtEyLrMzFfdizfQRqaOSxHCUlSFrc67sK42Pd5_OZHGRdfbkRSAPmxDZn5mK1ZQYnN5hWKTyzdiZmqZXUY6mwXAQVqq7XIUgyz6w8sJYrBOwilH0lV6Eo4LfIu96lVqglIEKl64XW8k8eNWkycxvF7L8Q3yMu3uOH5nDfK_yIkDw3rVnuMPQRAkmicJOlIxuBCyk58tQfKT02Jes0hszL1NtHtqoKbBaVBNm78esMEBLZgD-lzJ0pIHu6nNSYxTQ7yXFTVz2z4EcsAraLPCKvgoumoohbotR9RYFdiFANTBbjl5BsJ71hwrqaKy3hWEQXvU4DwRKUHoJ2toctltEMy_755oM-uD_9qW_vFCIfZb9--ZiZ9MO7HO4ZrtnHs-Q5rAiJZR5JKe1Dm1mtCALrvxljrNlqh6TCZXBZl1Ty-7_bm3wHEhG59wVlRBZieB6Wo__lHLL_VGYsZqGvO9kQQWZhz64nq9ShWJJw2wdgrOrXvnNaImK6bVDOX1wtGTiv5fvdMCFtQt-9AVnenLA6n7Y2tUiWu5VvkjkpcEZsuHNski83Lyq4jMVnHxlKZU7jM-s309k_GvYq5ToPAKb3fT4BViI0Ki6QdVB2ooAqNB8AHS59ZreLfnqDrdt8ip9AMMHYcQNTh_ig5PO6milT-Cd7xuE-5tS8SUO8heWeRyX-3xq76gZKiRHXCAHx8Unu5cCsIcoV3ERO-2Xi6hgJrbnck21gILdZBTDjkzfaESExjnRtqhbQnyaq0UAqkjEF7_dCOWzEe4Xxkpna0HwoDhU8uqxsJSdB1AnBzEELODIQpU9rdsghjzU0-fUyQ1fWRsAIcRT4GR9uQrKgCkXb8HL9x7RZhOPb9LnHiNyZ3coeVHA__pLDsrCCPXeOcEo1jKb6E4oSHL8sc4Xgai3drDu5hW2bnv-GB2sskKg0yQLJ1R3Asvh4ezqj3vJuyUKpBhtoxWnShYht0kuF1qas79-EaMd0KShVuPrJIFVWMkDYsNBaW5DbF6q1MgSPb7wD70LSYQm7gs8unqoljwmd5vrij1kW3AepHItHsz3kpX0jfuNTKK6LjjTPRiJIjvWXmZLaNmjALUp3a0o572GMXXpcbSkN76a_m5g0lP7lZQ4zvc0S28D_uNU_MpMyXWKayBT9y&sai=AMfl-YSvN68PMBi0zeC9KS_ct6oaQc41mucY7nL7uzo51_4AHERdES66MYXOHe88VHkIu-XL3ltDBeR57VKwFQdkL3pRsQt19zdNQh9Vjbysne8jqXOXxydL02jcmWVzaWZZqF4Wq_c3sygDnkZIHX_K3XvNU5FFnnnsVNnJRWbF-qMpARW1sdxnRWXwRkQQuaaAzkeBfZ-asfayjxckZAM1_Kwd4g6Kt2y4-tNxObxQPVEwfDvmrgU-JuIuW0PgMMokQJ6pNvA&sig=Cg0ArKJSzGGdiMP-8zHNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230725.65781&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:54 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5B67 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
usync.js
eus.rubiconproject.com/ Frame 625A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jul 2023 01:58:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55440
Connection
keep-alive
Content-Length
10115
Expires
Fri, 28 Jul 2023 01:57:54 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1410 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:33:54 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 1410 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jul 2023 04:01:10 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4C66 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:33:54 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 4C66 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jul 2023 04:01:10 GMT
usync.js
eus.rubiconproject.com/ Frame 0400 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jul 2023 01:58:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55440
Connection
keep-alive
Content-Length
10115
Expires
Fri, 28 Jul 2023 01:57:54 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DB2B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
3bdf11c1503648d8dc6d0d548e4e6b4e98f91ce55decc4f845b6bf16beaa6435

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1521
Content-Type
text/html
Date
Thu, 27 Jul 2023 10:33:54 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
dt
dt.adsafeprotected.com/ Frame BE47
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f13:800:7780:2e74:fc05:44c0:c11d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Thu, 27 Jul 2023 10:33:54 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo...
ade.googlesyndication.com/ddm/activity/ Frame BE47 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo91fknfe6t7nmKYZ595COuRLvXk86RUYAQ;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D3960,0,0,0,0%26mtos%3D3960,3960,3960,3960,3960%26amtos%3D0,0,0,0,0%26mcvt%3D3960%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4199%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D21%26pst%3D258%26dur%3D15018%26vmtime%3D4209%26dtos%3D1807%26dtoss%3D2%26dvs%3D1807%26dfvs%3D1807%26dvpt%3D1807%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3960,3960,3960,3960,3960%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D31%26psv%3D30%26psfv%3D30%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3960;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1690454029983;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BE47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwp6C0jCZNPPOuWO1PIP9oKMoAGc-8DPcbiYnfXqEZ64iLaDAxABINjV2CtgleqTgqAHyAEFqQJNX8c-XJ6yPqgDAcgDmwSqBPcBT9CYXfLJnPGSdg5iuZfxMGD_NEy-VsjqUJt-dwmge7R9HlxH_84wXNxqAug_cQXSO1GosPyj1zoh5LNmh7RU0X1jxOY-OvHhVlbcLaNJECmlwZVllR8h-3EpbylIcamIKu0Uztx_ziSaT4P3RU7EMmv9WJ7DcVcZIxaeI2frp9zO-acUKv--Ov0FpHVhMxmIfliFsKU61ceq7hS8UHfGovHoMJ75S7WzKlwIgH1uqdQNATxi0vboYMukBGn1vXxZo2vKkUH8h_fAqBB8UvwIfhAC0JQUPfmiBEy3seZ5jp1a5Y2bX6yktwn2h_y68wtkRNa8zI6RQ8AEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE5jBjRTIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=ZCDe-Nm9wWE&label=videoplaytime25&ad_mt=4209&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D3960,0,0,0,0%26mtos%3D3960,3960,3960,3960,3960%26amtos%3D0,0,0,0,0%26mcvt%3D3960%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4199%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D21%26pst%3D258%26dur%3D15018%26vmtime%3D4209%26dtos%3D1807%26dtoss%3D2%26dvs%3D1807%26dfvs%3D1807%26dvpt%3D1807%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3960,3960,3960,3960,3960%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D31%26psv%3D30%26psfv%3D30%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3960&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1690454029983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6F50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuMK0zb4mL5oIIVAzj3R3vpAzRxp2pKs2iiWnkxEFOOt4-oEz2_crLYxX52fhEU6pgMkCsw61RaBDwTGrmxj-v3owIIbffmNF575NxejusCbKVv_t2M89EUCs0wQgmUVIeiqu-iFnHDyvFAsboR44ZZBdODhEtePNog0kdRcA5ROfDkCQjUz4cqFfNTWUpLe8wlbak62GuMzLzRQBPTA_LJtFrvaxDuS0_TUwYNB60TTcm1A24gspeLBHasdUYjkM94uP3CS__-4eQPB6FcgLx31Z1DFA_dc790aigqptYkkyslUifJrNui0VD9_AFlz9UfxxrF6PPlby0RfiDPOm7Za95zLH1G5Wk0AjYXbLqvpXYK4YS3XUWCxtbR1wkkRvucdLMPxm8xcz5OovT0Rr0-WJWszaSbxtpyVU22erQOwo3Q6SFDSsa3v4cYnJBVljJHF4103vSCxCdmiWfVaOtAdt6IrfGfh1dVYHUwGxjaUVXoQ9wLeN9AkuOKpE7VmCKTd9rMwk5YyAHlc85TMAXDggRlSeg55TN98B1qPqRuavEdsJYI4NKqZSYmmL6Un1PIGuIiX9MDk_A5wd97UVCi27VuLEMI2ke8RNdvYZMa5dKaLwMcstCM4luLYtPK9JOY8A5ofXD_hE9Pb0Y-2zV44RC2IeVU2z4_QdCdkq2e9RyiXLvfAVw6PWwbIj8_dNDo5htA9fd_KPIZ4ySJfd-GdjqiP308aQPOdOVegwqW1PLh2sPK9PNBIViEyso5TKZHyos7569qctYkt8knnARD2JGH84X3KvN7qRDvauIyXvtj-sYijfK90OdFKxmdhP5Fpv0dhGWnqDzhM0d86aL7v8Fhrv_TQDQYmlhcIU5dkC2Y6ElMWeJjdJEDcaPhWh0c3XLR7yz35Hkg4fS6_HkohNuHo62krQm2ObRIvGoUVsHpDdQo5AWayMPPIwVpjyEkrjbxlv7XtFKFEATsN2UY6JEibDR895OtJW1ym2pFczSDPS-4lxvCot8ciRb9j1JEz1-lQpcA-DdZyTfD44w9-KoHMfInafsIybt2p0r4ejNhSLJ39h1LnzunKLrvnf-f-dDqVNfvwsTcm3cZo5QvACzfaxsR9Z4Y9I_lPx9Z3bCeK-amorQvyQcnkiEjUbELtLN-1vqFmhKIzQ1_ccCW6zrmB_Ny0z2r8tSFQDw7pYH0O2hL_kbdslA8OVr7-3W-eyuAwTqrPV364nPOu4gZPgKk&sai=AMfl-YTt0-ObKUwH8bm2P_Yn4lRDk_psZdMIPoKSUpBrmkM3z9cHOhgy4JE6DU8_Os7ep-AFTHmG0oz7Qqmu4rjuwBpKDRwKUSq1vsqbogSkyE3GdpJ1yE_ERWLW2V9HKl1vXqgciGxX7c-Ky57dhq0OCYSa9rprQgSHD52t9Dz4CczFOk1GZyBzdJRLMXyNRl6A5mFxvrSsgov5k-EgvdUP3cDeqQE_lAJlQiumOqVSgNHYtmKvgwZyRsS2Y6I&sig=Cg0ArKJSzHiEw6ufVxuSEAE&uach_m=[UACH]&pr=8:7DD6C45D6229FC47&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=511&vt=11&dtpt=510&dett=2&cstd=0&cisv=r20230725.54817&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6F50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvbFXlGvPIMsTx7hnjCaN1NKtDpgsTS2jWXahHGTVoFXC0T8zlzAgVEy6rULXrG3eZmJayvpqiduSQUb8V2n5HMYhAhIBCIRqHKeit-P4XqaIwF5PgCFw_teSw_gdwGQtP0HgpTasWfm_6Uhd2yyjkkddYuJ1EEJtV--VlyICmcKeZKmxdkBnIDC4AsxNgyVji6kAWnDlmE0D9d3Fs9uHJO6eEpYwlgmeq8VCqx1YJIrbPWyV9BqTD2bnYO5pbp6B71r6IND818E6qzPXOog1FYXFD-2vfIWd3Q9VqGJrTp8vuNkMNuOkfxcn6KfLZvzFWn39BQmEdFPeb0RjGlM3cuTg&sai=AMfl-YQUffxafxduzVg7_EONWM7MYxZ1ZwnYuPrLKEKgYmPO0PNFfCxkCzTOJieQm4KWWgqGp6SfV3u3T-2QbzMgRqLk4K5QpsTCsdUCwuJvEf6OBGhnYe2YUBrbbWpJDz0&sig=Cg0ArKJSzLofclIPiw3LEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8792 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:33:54 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 8792 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jul 2023 04:01:10 GMT
truncated
/ Frame E5BC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bffd910e7624e46044c38023206088a5831e9e0acb982a062d9ef039258fae5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5B67 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c45264ae1e2af885a75703644078313bb362cc4a451cc04005037c29f62353d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4D62 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3C69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvf8WzGjvuGMHzbA_n6AZlaweVCuQ-2x88x1gCAkK3yzOyGfW-RmjoDY5bHkW1HnrW8nbbwX-pp1plv2cmsSZd4mBY2KyiuJ_2PkoM0nxZTV-x4ytxDF1FZ-2yf-DBe7VONUej7KA3t1E6MG6cvAL60lQijBS6By2mqd0zJK6Z7iMLH7Uz7i95c-m5jYkokVacFybrGebOhaSbEO7A4W9vgvamLpfmY0UtUwX2z8IWcXs9EC_gl3VQM8xeXkaXRivtt7gpRmPeJeVoyqK2lTUHoww6LNJVA0oKseYVufihMJsL8JuOs4-paQjXxuTW-N-pN3y7A4pjIeYQ7M_tHzurl8qq5ac0NDiZZLDaFa3G2Dtme70mI8CaUXKGAXQfgAs-fVrqh7XiDcqi_cFR0NxlIns5GyicqrrvVMs_sFuoVjXDOiG17WQxRzpxiqFqmZFp0pQSiZgkMJTs1vxvZMP58duMtwNzSfweYRMqutPDj5SFcFbmyv4KH1Mz5jW-OwRmMK4eKUpI03usIbjVYaYK2ejcQM1v5ymQLPPUQXMm4tDVanU09ivbktgocIydqSC1jmVnJpTQBVKFtXK9Dg8nA4SRANNlMLorcSmhIdLFvhMXcfQ9RyeusBzum7v5ckg_z8EnQ4bDNP80xPTI3HiynGzZhbP0NK3drrvTmBHlGYps3wySds1-BZMLenRTJhm-A7ympmGD8EW9aCYkGVx9jc-cdLuJHLbbP7obcGLMMLsGMBThc6DngaANPFvla6gk60JppeT7klgz7SIJb9kBaJXQXV0Rxv0aTUBWpoMOW7zumJJ5mucwaM7zIh3b_g9q_WMxOq6KhfpUfjee8A1qhA15wUFpVorZWbp7trhG_nT9bBJV9kRiVE-ZIE7IE7kAZmpT9AWCXBL2alVkYGv6JDACK2V2LzhG_2wPr8N1uI_MLEVzEPvwd3rVng4Vc1ULufGgVnS_OnQ_I42FceK6aiTsNzfPV6O6wBbVPVU0I2mXGfXmyNpLKu_nZ8epKpHDoSPtWTjvPfqBZeFgVfcSYT60oEfC4q1DOItuKIY9BVxn3wXr9dQTPuRKoInNpWGcpCeDhcwV7csjQKOb29qeVxTEdUIRpwOhsTTBp0AgBjhfyBwPyJib_O_khCPBW_LF1l2T8ViRyt1v6Gm1LXGIyTVpZtihX9QVLz5il2WRHk_RgyOoHUpA2GX8tCeXHu6baU0CvAsXPAaa_N0gY9GTqk47ZywjR&sai=AMfl-YR1eFipWDhkeCaWwpb6YGzIA7hEnmeSmEhHcZ9VqAdA3PdOQa0Umbh--CSbuV-tC-PV-g1cp2Mq5rhKOrvO3tX2msfFCAJENDC__gophHwdOgoPOE2hlZTnECBD3jf4XKRZy8xQeX6LIrzUOtHZRw0VFsESVhZ0Qhi_ShDXDU8e4zV8WqGnHu6ABryH8IDzrSQFuH2j8nlcGadUWmX6nINa1lKO3GP6FLg__I4k4BCqa13IwRWIEGuqlp9N_6C_uwm76A0&sig=Cg0ArKJSzGkMuDDfbUasEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=555&vt=11&dtpt=554&dett=2&cstd=0&cisv=r20230725.13315&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C412 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj60wTX74P-SzwfvBK7-hs3yB55y7W6feBhteP8mvC6IquaL2uyZQk-JPEB-nReb7QJKMSXtWHQB4Qoo2j0b_z1aqHRJv2NETZeX5_wL1c36g3JPXg&sig=Cg0ArKJSzNbHDylXYqSuEAE&id=lidar2&mcvt=1207&p=1110,67,1200,795&mtos=1207,1207,1207,1207,1207&tos=1207,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3516126248&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030733&rpt=2385&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F4A0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4qEZ99sS5A8eqV3a2_NwNXnAIq4OT28IFa5tJBwDoTL6p8HWTNQllSHG_kS56kcIC94GHUnfvqBJihoCOI3q1NmeDC8wQa1BjdqtzLzxs3J53PYBR&sig=Cg0ArKJSzJ3Ssz2P2Hu5EAE&id=lidar2&mcvt=1210&p=1110,67,1200,795&mtos=1210,1210,1210,1210,1210&tos=1210,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2445953488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030700&rpt=2328&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C2DD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 983F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E5BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssnmBg3m18utVPZhPC6snZk0taGIY107mw7soOQjTFDFgG2XIzaEaOG_ZHGgb_0OVzR6bTYD_cFO70k-jc7TVBnmcBisnACUElDEEtNs5y3Kkc7dEunFkzmpD3BzgmHqnoc8MXnyk2pYWunO4T_EN7tmgKChcOJOplRPQCRDq-4pNkkTriNM6Piuq8LPRSG5bhneWmxPwsPiLZbCwN-GIXw0b9NG_SMB125TqwSR_BSzAfPYBtMd9zt-L6THoOCL-pVp8WO9XfuYGldY9-ohlQRC0H5Ijv_Ch-2bnQHnlQzUkkYEzttrJ-G7SijeW1Q9nIAIisIEB0t7EaSb2tWP6nzIASAJ3LISy4xBmq052BHFhr9EZtnRRZ4BIhw6JIq1IbxffEp2IdkddbQiPxzbu8QVEG2W9epVjcoVgOYzj1Sp6RzPjVxsV99mcUwx50cIxFy6neA1G7U43kqVQazwJLiBz3OGhB6UvRtNwZAkGLXYiR82y3S_B4DBGlE9CcMJA7KvdkU6cPabCbcoc99hXI22dHq9hnUFRshV5WGwTA5TJb1MewqyNC2Y80Kzeyej0L2Zx-8ze9oIW5Ri-OTMybgyRQfcXnsPC2XnY7lQ7JrrRuKa4NKLz-xfN2yRBch6oRuq0hHs3JIwZ7xI5WuCPPTjX68zXqidfmzy62euGGeE3zaRvr0IMgVJ5MVbZgZ9pPmBf415eVBI8hiujYb9E55fA1iE1ny7eJWEOGIHt0VuJijh3ZpzVR9HG4_B8gaW0VRk3m0v_lAprtYoB1VQThcAm7edl7YRvax95P5Z1fbK_8RVxV9fY-HYtS-gcU8isSWc5Pe_KIH-tMbR_E9uhd13OwJUHd41KIYcHQd4WG1UfMofRO88dWjs63QsGPjjXMSS2Xvmt7lKVR_BmNy10FerEoFxEHmPDYy5Wf5MdwPVFQQROpMkSq8T5JsGynW7ggjhadFX6c8yUF0pcINXhTRaIGtxPsBcwW62m-Ck6B201jH9m3ymwW64vRpk_OjH8WcxMT3ax_R224xQLsJo-O8XJ5MjKdEAI8Yhoh2328WT8GU4lqokiyuWWZNvytb9UTmBqg9saEYrVgaHfBJ5zu9hBp1Ju0Oo38IyfDPTd0jTgZsAVYu66oavxIgsgHVXGyEEgwauz78WOJQN8JUGRCrQ10YiIvlezazIx57MuvqybXBFZyRoMun4KB0cy7OPL1V8BP1Wo6yc0jRR36EDQesKf1wuyWG&sai=AMfl-YQF3dYXNTRunpMuBQib53FgieOnPyN90MFTBDaDt2UyTRXKw_T9Br5Q0Nbwgy7RMl-LiG34FtTJcmVNv9et4efB4MGuUFg0HC7b1FgmY1mQItvCK7po2rmqmlGSex3TBmWk-WZnnoLoqKoHPsCeThfG6NnNokCVyWoReNUYWEZQ7VhUdeB-H18eJBSPGBe2KPrCt-nWxSpotQLJ54L8wqIAWEUKwdxKy59-spsQEuNBNSazskmNImPOjJR5At7n23Ud7dA&sig=Cg0ArKJSzPDky494tdEIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=312&vt=11&dtpt=311&dett=2&cstd=0&cisv=r20230725.37437&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
dcm
s.amazon-adsystem.com/ Frame DB2B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMJIDVI2FTazn26vlFh6dwAACEoAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WPXDBAA7KA3B5Q9NEVGH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame DB2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMJIDVI2FTazn26vlFh6dwAACEoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBhtKKybMjFU71Mb2HGc6K0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBhtKKybMjFU71Mb2HGc6K0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBhtKKybMjFU71Mb2HGc6K0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame DB2B 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ZMJIDVI2FTazn26vlFh6dwAACEoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DB2B 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZMJIDVI2FTazn26vlFh6dwAACEoAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:da00:7cb3:2a5d:49ee Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum.casalemedia.com/ Frame DB2B
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1690540434
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1690540434
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1690540434
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame DB2B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2665416385726008439&expiration=1691663635
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2665416385726008439&expiration=1691663635
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:33:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2665416385726008439&expiration=1691663635
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ix
ad4m.at/ad/sim/ Frame DB2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
sync
x.bidswitch.net/ Frame DB2B 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.47.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-47-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame DB2B 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZMJIDVI2FTazn26vlFh6dwAA%262122
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:55 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63775
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ed43a16ba43367a-FRA
content-length
43
expires
Fri, 28 Jul 2023 10:33:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3D95 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu51HGnJD9RQfcdh_b8_CQsvF-x5NmDeArbZKhFuFgf6DFBZJHmJK6qcC6lqwicnZrymipye-bbiDoWWPU3rHVoAKBV35AsQtFaAtmK5Y95yubkMeAh&sig=Cg0ArKJSzEeS1vRtattgEAE&id=lidar2&mcvt=1133&p=1110,67,1200,795&mtos=1133,1133,1133,1133,1133&tos=1133,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3272850789&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030783&rpt=2470&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5B67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFrfAowSgiG1tcXeHkPLoxciifz3vCF5LGc1F0hfqTkpX7B0HcC6GVWoQDeSopFVZEt0T9lcrw1VhzSgyB3We2qYLtEyLrMzFfdizfQRqaOSxHCUlSFrc67sK42Pd5_OZHGRdfbkRSAPmxDZn5mK1ZQYnN5hWKTyzdiZmqZXUY6mwXAQVqq7XIUgyz6w8sJYrBOwilH0lV6Eo4LfIu96lVqglIEKl64XW8k8eNWkycxvF7L8Q3yMu3uOH5nDfK_yIkDw3rVnuMPQRAkmicJOlIxuBCyk58tQfKT02Jes0hszL1NtHtqoKbBaVBNm78esMEBLZgD-lzJ0pIHu6nNSYxTQ7yXFTVz2z4EcsAraLPCKvgoumoohbotR9RYFdiFANTBbjl5BsJ71hwrqaKy3hWEQXvU4DwRKUHoJ2toctltEMy_755oM-uD_9qW_vFCIfZb9--ZiZ9MO7HO4ZrtnHs-Q5rAiJZR5JKe1Dm1mtCALrvxljrNlqh6TCZXBZl1Ty-7_bm3wHEhG59wVlRBZieB6Wo__lHLL_VGYsZqGvO9kQQWZhz64nq9ShWJJw2wdgrOrXvnNaImK6bVDOX1wtGTiv5fvdMCFtQt-9AVnenLA6n7Y2tUiWu5VvkjkpcEZsuHNski83Lyq4jMVnHxlKZU7jM-s309k_GvYq5ToPAKb3fT4BViI0Ki6QdVB2ooAqNB8AHS59ZreLfnqDrdt8ip9AMMHYcQNTh_ig5PO6milT-Cd7xuE-5tS8SUO8heWeRyX-3xq76gZKiRHXCAHx8Unu5cCsIcoV3ERO-2Xi6hgJrbnck21gILdZBTDjkzfaESExjnRtqhbQnyaq0UAqkjEF7_dCOWzEe4Xxkpna0HwoDhU8uqxsJSdB1AnBzEELODIQpU9rdsghjzU0-fUyQ1fWRsAIcRT4GR9uQrKgCkXb8HL9x7RZhOPb9LnHiNyZ3coeVHA__pLDsrCCPXeOcEo1jKb6E4oSHL8sc4Xgai3drDu5hW2bnv-GB2sskKg0yQLJ1R3Asvh4ezqj3vJuyUKpBhtoxWnShYht0kuF1qas79-EaMd0KShVuPrJIFVWMkDYsNBaW5DbF6q1MgSPb7wD70LSYQm7gs8unqoljwmd5vrij1kW3AepHItHsz3kpX0jfuNTKK6LjjTPRiJIjvWXmZLaNmjALUp3a0o572GMXXpcbSkN76a_m5g0lP7lZQ4zvc0S28D_uNU_MpMyXWKayBT9y&sai=AMfl-YSvN68PMBi0zeC9KS_ct6oaQc41mucY7nL7uzo51_4AHERdES66MYXOHe88VHkIu-XL3ltDBeR57VKwFQdkL3pRsQt19zdNQh9Vjbysne8jqXOXxydL02jcmWVzaWZZqF4Wq_c3sygDnkZIHX_K3XvNU5FFnnnsVNnJRWbF-qMpARW1sdxnRWXwRkQQuaaAzkeBfZ-asfayjxckZAM1_Kwd4g6Kt2y4-tNxObxQPVEwfDvmrgU-JuIuW0PgMMokQJ6pNvA&sig=Cg0ArKJSzGGdiMP-8zHNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&vt=11&dtpt=289&dett=2&cstd=0&cisv=r20230725.65781&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
index.html
s0.2mdn.net/sadbundle/4392446959382407207/ Frame 6A07 		1 KB
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4666fc10b69d09643e362fb814add39f50877b8b9e7afc839d287a794c28342c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
737
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:54 GMT
expires
Fri, 26 Jul 2024 10:33:54 GMT
last-modified
Thu, 27 Apr 2023 13:50:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DE8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMx_1rHClUlscsy2ENvvzY1y_NamtR8O3391Mx5Tf3desn3ZyLIb1ZkmWD3CiCPlE_SkzMkjjIfgp5W07TOKDMokEkCXUN-AxGvfDsRn7X9rrUX7-vevqdx4JgSs5mrlnLZWk7WRtKtb9EY50onAfvX6ePydVqrHBsq7NmP4OjhCUX514hx0D6DFDxumw25PNBJ4UegBEhjB2pju0sp1kCG-myFltzl07e1zHT92COsMAvBo-V88TXC9lDAhMaqBSeUCTCjmFIgpocuPI7x_nyDOxhrrbSOd6k1xWA2nJgKbgMJYQCMoEJUyubJWCYXcmuI41ZJM92zYHzU26m9UCXmMV5NJcSbTdzvN9LYmHQO3uPfOYPO0LCBM57abW41Okc_jiWsdyGvf5vngFb2Tp6GH15VcDF2wzKkFVi1zRXbtiFFHSNAtLa6ludqgGXG0M45ArpMdPfydHEWHUTKEFpntY9C9ZmvTvpGQTMYIeC157pX3T-RXpLW7YjTdkd-OGkJQA8IqxAwyHQFegXhoXVbSpEAbZyuUmzKt0FrKcWPBvUWbXZHty68UnOCtXJhMrQNqC7tiQ8H4yonCw766gE-BtAdGU167yxrNM_8dxtrJ7lopmEGLPX1FS17QZ5VX3wDMMXck2QhuPg_EZhooWUSpa8ymhpOhKcOr734Dc4SKfpOLGol46-Q4V9iMs762nUsBrPRaxNOx_JmAskKYdwjG61_JfWzEGL8czM_J_VFM7CsrDxIP2cOJvyGi5M2NNNUE6scQy5wlTQsPQIyHbST3bqXoE8GWQw9CZV0tXyzXJfx-zYkYTmhJwJ9V85iwmfHr8YKd6gBWxzeqKyAtBSdktpQBM3qNXZ-OYz4tJSeqbjolFyDW-1_2GRG38jC5d6xU6-0N52-1ApqHCe39eQVH0MnLelg_4G_8s9AC2jsjRpyb71AI1VJpYiBBqrBjSEkgni3G-5XTE-ipYTAw6Q9-g4fyq6Sm8TypDEGqkvv12rRh87TSaPu1xS03maRC9UeVtdpFnPdJcEIoAI4wTFNFmRQStcLIMqqNg0AYq4X-jfqx0aNERAZLODYVGj77MocfLGo59p2ReIUkwy9xxMM0S62OPcwrEJS_Dn6e3pXo1_4ChBezHngooAUGt7z8VPYJHbcoLIR34UbkTvXzcVHHq90bJU_6MtzctLC1BLzgHzcT6cqxZRH1CRsgy4MIFOpwhNj9rbNzCOAcDsX0kXzOk64G1zve2omWhB3lxRNkgLVvLdf9zAssNt4mIqCmKl_QX_cCHs0kRJxfsMzGxwr-TnArajSRi1To1w99g&sai=AMfl-YQADZpVHHG_aAdNW0eyJiKqJefhZgc2C7gx1ydxlOhECIS3ydFHCYS-0JJGLq4XD8CK2py4E_6QQfcixu2-B6Ixixk_F5yEpmib9sMfD0PqLhHRDi9p3BUffmgyodEeJGSXEHXj9jOLWBxRJ2SLLh7RBiZBsUoy7ExnzvM1JtI_XdZ8sMHzaiFjDHjXXkWal-OQi_zhXbpHVXqzZBXh8o66HLBMPOfrTsyMK1e20-i96HXBXKrQwZAgCR4&sig=Cg0ArKJSzJDlzV10J2xpEAE&uach_m=[UACH]&pr=8:70506C40A6522493&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=577&cbvp=1&cstd=567&cisv=r20230725.60708&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:54 GMT
ai.aspx
m.exactag.com/ Frame DE8E 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26966436&extCr=181031724&extPm=357115759&gdpr_consent=&gdpr=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:54 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Do, 27 Jul 2023 10:33:54 GMT
X-ET-Code
11
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1119
Expires
Mon, 26 Jul 1997 05:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 88DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstL0HdFaIQFwCH350MHjl-3umswWqlSoN7Xi0B1GvNAwvl6YFdLZ05AxzmL3uEuRrPGhicX4GYXexVmZKhrHAxrGBl4Haxgg9ZqCkX4Ih4EuAEQgzKEYWWZ36dc7b2ciBefBcNzj8VL0nA6fRf1rZodK7xyaTVOVfVN99L4qcUQeMp7mCuGic8NV-BZJ-wxhsEk9dUFeLSiyxfbIAV8nbh6n41a9XFDIPRz2XuNKkpSaxR2P3R_WjoZjbMnjjMPxJJiAS0hB-kHsjD-_5EBaaCLkwP4Uu0KU9AweT7JUH2M3L4Yzo1jQQV4K3RX_CwSJ0guMrTM7xUWo6Lkf0wYPJWhG6grZzzjL3OT7080M-eSenZJaA5LRUHf7GqvzdQgsmFh-vfOhoV-gZl-G8KBMVG6USKUb8f7MIUr3iNi5kGg72KUwDaJRIOjfd-ljcjpAsAnmLurNOWE00IiCCLfO_6BCdRmKIPUTnxqYs79Bz_bQZzHw7fOZq0JV-Kip59Fm4-_nJnopp6Txpef-F7gGw4eDgF_euRHOpjZv78Y3xZFf9YA6KbmYyXYEjDPw393faKDrjv_TWPJoJjPaHcksriRMaTInp6WF4pUWtLp2K5lPustDHsp-GrKAJlvCo_3Myzi7ynHOLdtp92kwAMvBMCLh9UolgxpDcoYOZ0nDOYeavNyx1seGkk40lBixf_dQfpEvqdr2IEziO1_1dyir2e6IDx1zB1BJKXnOOqi6Ae_8_-ImNxTZ5zbHbboRqzTE2z42PRlupA8YA9esVO4DNwzceQuRFJms1xZKQ7Dcm-4IM4KHwB9s1sBUZVhwgDVwlt08LMiR_38rB4P9Y4c_nf3te237O3U86XbVhMOQ5XBjgpXJ3MRH1jWSCejOi-kioLOnmPIsHQSRqM8tph3JPQ-1ICHIfLuEK1qxTusw_ZF1Mu_2glOUdtZjQEle03YdvTxVqtyZ9o4-J2FG7ncpBZ8bcIp4lQN9OR6knJ4Vf6e8EKaB4Y4qi2RQC7UymXJhHa3KehzngQV7ffVpK6Zr6K2BeEQbfJqIbJGnxvb1jsL0O1qrh_Gue6pqSQzscU9J-yfJAeqiEC2qLhz1AWeTmZwFgblZEkILG58c2g6SidffuENbA-kS-IMwVCDfR73CFd8WIyLPQ6UIvvZ9q2rbZfKI-cg8qN8w5RFEG3FqL1P79SyLA_VHlwcYywas0CSUSkZ0rni4MvyHdBD5KhjG8RG6S4CqMYgK5MR2PmmW7gZ8f-Ub5DtSxcljD5HXetzx6kaGv5juDiaLfbVevOn7zNehXSZ1NiZAnAHwPmVzCbYpcT4&sai=AMfl-YQueQtZ40a14cy5n8CtKp6NAb3RF6Cz07wp2WTId4riT4jY3RGGlYgRzsf54xyFot6TNlaCfH3_Ovu6jekmEIl_NEoMzkAkBQ775o1JLsvcde0OGLvU1YAdzymFEWUUtRbRrQNIo9_8AaWXQmAP1VQ1clOHeFxyJ9QfforetCz5uUF6rlZUPNrXx1WNc1AX6rLbk4WxAbYyP3dST8ttXB0Fv4bBAyyUlXM-0jJAJZ-_SW8fbEFC4Tz3w8c&sig=Cg0ArKJSzKW3LpMXmbOuEAE&uach_m=[UACH]&pr=8:9B1DA98CC08A8BDB&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2833&vt=11&dtpt=1294&dett=3&cstd=1529&cisv=r20230725.77719&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 8A34 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
10607313996946874489
s0.2mdn.net/simgad/ Frame 4762 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10607313996946874489
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b98dab2e9f1133683f48a15f51a689a010dcf3c0988d3b61bdef17cc68bd5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 23:08:34 GMT
x-content-type-options
nosniff
age
127520
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44028
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 17:16:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jul 2024 23:08:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 4762 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame 4762 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58045
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4762 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLEMJKJKZSAkCvpjtaAUSHwMeyhWhdKV83W0F5dCglnVqo6GwAy4eVqyPo2TEmlPwAE51KULqjc8oKe1joeNi8ZdMsI3s5YPVYnF6zBKE17qc6LtB0xWxNvXl5iPwso7gARieQVR-is0U3daxYJO0gw99QtpvYrBx-DmiVmVV8wqTanls4knuY9LoxvO_1sKNYAoEMY7YcdUQPNP9mE4dkPrQ2lp9K07NRto0HIz1IAEC4LRXexOHw9aRBFqPdaHjODjlyOpC5eg5SmKzx23IxUWCe0kjaF6g39TM0T5NB3IDS6j_cfHrMIry7vX66LHEHVInyk6wA4BGPyvxQge7sLc5D49NMDx5lf0q2gETVEMSWniqQmbMX_lF8XcOibvap4ewHuji4v9tNxr6OUn748jOPWnviHfCECDeI88Ms7MCVHtoNqh3hvUi96089Z11ZPMhwIkUbwf77Vfm-SOf6x0MCF_cbh5TZhT00FQcBstm31FuVZ-EqhewgJcxYVUrnAQAPst23KPh-YWfTK4NosInrJsaYuJ7d0MvbbNlm-jfxcgmKP9IKJtTFlX3i47rnFAQ1U6pvYnajzD7cZ15EVl7GUShGRJ8ryGrRyFMkflkJ-Mg7jMq6JjMvhts12SQzo-oi7z6G53k7IoI56e-k0G0k3PusXB-pVYXtKeVw_B7guvkoJ-ZX09qUfWIJXFS_NPKJpozJ61HJNsPj9wqGWALYDLJQKQQrS_IKkuOaMmH4WH3tkrWlpXsuOf2G9biY-lAv-L5dWA76Rm5U9zKLxCuLjIjHBJbKMiMjvWxq6-P1POsyXtln0cL-AZRd7uDT3sebO2_B2ACn2pCMp0iXiZ2KmCpawgr_KG4hgAS667Y3nPygTqOMY4KessYyJHF-Mhodbiu7razxk-pu6Y3e3P5k2sWJCDfuB8fn2QGN4iHW5mG_u7940q2T5YsC8L6z4qsYKHxcaPE8ySWiwFxkAUodCi-eFkVjNz6NVM8XrB1XjTipFFvekhjBH8JA4cdXibEp7SYGuP0VxuE0FxbUK_8suynJIK4Kuy6DsHrl0ad8XDX-b-i1WLM0IwvmwfvX1ue1Qkq0U_l_VCHn04RTfDil1VHv0Dud_J3dT94NNCN1pXDG-vKmuvXNgbHSJJWWejMgNKQHecC5NAKGSbYm3HMm9EsYetapqch6F03-Gf12EwHB2socKHtbNao-nZrzo-hfJdjLtysolXTdRDkxhDDKfFvDDw&sai=AMfl-YSOjiEWPy2oBWRchyiM9DfdDTJEvB1mMDshf1E7RisHz0hIfnHAAfJm3ke_Q_SiGDT-S0Hx9c9RY1QTwH5lgAcIYlMDFEcJNEET2_tAVh23ElSu_rdOkp8TrDcNv8DcUqN0-DJX-y5WSuKN8V3e819eehWv3VE_93SCFH7bTVQheWEAS8oNtiW79x30ltUoe4KKAcfPmEuNJ77er90No5cWG6M8nn1u6wIt_UAFYPfiXtHnJrc0odBiyUpdCpPnbFgqGIk&sig=Cg0ArKJSzHLrpMH3bT3FEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230725.84682&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:33:54 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4762 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F258
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4779171506127490503
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4779171506127490503
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4779171506127490503
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 48BC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:33:54 GMT
expires
Thu, 27 Jul 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
4887737
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 5001
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829054605955
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829054605955
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 27 Jul 2023 10:33:54 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829054605955
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
aax-eu.amazon-adsystem.com/s/ Frame AF63 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D47DA65B-5255-4629-8516-71A0FB352C91&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 27 Jul 2023 10:33:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
J0E8DJ5N6X8VADAZX930
Pug
image2.pubmatic.com/AdServer/ Frame 49BF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4FI65eJeabP7Xzqx71B057VfYe77VTjktwJ3HMuG
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4FI65eJeabP7Xzqx71B057VfYe77VTjktwJ3HMuG
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 27 Jul 2023 10:33:54 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4FI65eJeabP7Xzqx71B057VfYe77VTjktwJ3HMuG
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 34F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1H2mW1JVRimFFnGg-zUskQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=31539
accept-ranges
bytes
content-length
5606
expires
Thu, 27 Jul 2023 19:19:33 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 34F3 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D47DA65B-5255-4629-8516-71A0FB352C91&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.165.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-165-126.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.85
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 34F3
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1636278750
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D47DA65B-5255-4629-8516-71A0FB352C91
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D47DA65B-5255-4629-8516-71A0FB352C91
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
via
1.1 google
last-modified
Thu, 27 Jul 2023 10:33:55 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D47DA65B-5255-4629-8516-71A0FB352C91
date
Thu, 27 Jul 2023 10:33:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 34F3
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D47DA65B-5255-4629-8516-71A0FB352C91
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGQySERyNUZkelpSNk91MTQxQlZOTVM5dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2665416385726008439&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Server
54.172.28.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-28-235.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:33:56 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 27 Jul 2023 10:33:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 34F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDQ3REE2NUItNTI1NS00NjI5LTg1MTYtNzFBMEZCMzUyQzkx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 34F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENR9kwjRm1LURek_5vOdRrs&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENR9kwjRm1LURek_5vOdRrs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENR9kwjRm1LURek_5vOdRrs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 34F3 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 26 Jul 2023 10:33:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 34F3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2665416385726008439
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2665416385726008439
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2665416385726008439
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 34F3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generate_204
tpc.googlesyndication.com/ Frame 12D3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zxQLOA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6A07 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:33:54 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6A07 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jul 2023 04:01:10 GMT
truncated
/ Frame 4762 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d827deb3a499659759c9f9c9e34fd3e5829a5632764d477ce9b95918e60f879

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D2BA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 408F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 16FA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4762 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLEMJKJKZSAkCvpjtaAUSHwMeyhWhdKV83W0F5dCglnVqo6GwAy4eVqyPo2TEmlPwAE51KULqjc8oKe1joeNi8ZdMsI3s5YPVYnF6zBKE17qc6LtB0xWxNvXl5iPwso7gARieQVR-is0U3daxYJO0gw99QtpvYrBx-DmiVmVV8wqTanls4knuY9LoxvO_1sKNYAoEMY7YcdUQPNP9mE4dkPrQ2lp9K07NRto0HIz1IAEC4LRXexOHw9aRBFqPdaHjODjlyOpC5eg5SmKzx23IxUWCe0kjaF6g39TM0T5NB3IDS6j_cfHrMIry7vX66LHEHVInyk6wA4BGPyvxQge7sLc5D49NMDx5lf0q2gETVEMSWniqQmbMX_lF8XcOibvap4ewHuji4v9tNxr6OUn748jOPWnviHfCECDeI88Ms7MCVHtoNqh3hvUi96089Z11ZPMhwIkUbwf77Vfm-SOf6x0MCF_cbh5TZhT00FQcBstm31FuVZ-EqhewgJcxYVUrnAQAPst23KPh-YWfTK4NosInrJsaYuJ7d0MvbbNlm-jfxcgmKP9IKJtTFlX3i47rnFAQ1U6pvYnajzD7cZ15EVl7GUShGRJ8ryGrRyFMkflkJ-Mg7jMq6JjMvhts12SQzo-oi7z6G53k7IoI56e-k0G0k3PusXB-pVYXtKeVw_B7guvkoJ-ZX09qUfWIJXFS_NPKJpozJ61HJNsPj9wqGWALYDLJQKQQrS_IKkuOaMmH4WH3tkrWlpXsuOf2G9biY-lAv-L5dWA76Rm5U9zKLxCuLjIjHBJbKMiMjvWxq6-P1POsyXtln0cL-AZRd7uDT3sebO2_B2ACn2pCMp0iXiZ2KmCpawgr_KG4hgAS667Y3nPygTqOMY4KessYyJHF-Mhodbiu7razxk-pu6Y3e3P5k2sWJCDfuB8fn2QGN4iHW5mG_u7940q2T5YsC8L6z4qsYKHxcaPE8ySWiwFxkAUodCi-eFkVjNz6NVM8XrB1XjTipFFvekhjBH8JA4cdXibEp7SYGuP0VxuE0FxbUK_8suynJIK4Kuy6DsHrl0ad8XDX-b-i1WLM0IwvmwfvX1ue1Qkq0U_l_VCHn04RTfDil1VHv0Dud_J3dT94NNCN1pXDG-vKmuvXNgbHSJJWWejMgNKQHecC5NAKGSbYm3HMm9EsYetapqch6F03-Gf12EwHB2socKHtbNao-nZrzo-hfJdjLtysolXTdRDkxhDDKfFvDDw&sai=AMfl-YSOjiEWPy2oBWRchyiM9DfdDTJEvB1mMDshf1E7RisHz0hIfnHAAfJm3ke_Q_SiGDT-S0Hx9c9RY1QTwH5lgAcIYlMDFEcJNEET2_tAVh23ElSu_rdOkp8TrDcNv8DcUqN0-DJX-y5WSuKN8V3e819eehWv3VE_93SCFH7bTVQheWEAS8oNtiW79x30ltUoe4KKAcfPmEuNJ77er90No5cWG6M8nn1u6wIt_UAFYPfiXtHnJrc0odBiyUpdCpPnbFgqGIk&sig=Cg0ArKJSzHLrpMH3bT3FEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=172&vt=11&dtpt=170&dett=2&cstd=0&cisv=r20230725.84682&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C412 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstL2duQXrgCJrpDjKPpLmWp6Xq9025r08GeAYY88h7LtlP2A6lbl--vuXaZgn96IWwlVCfwwlRhsDkhl7tWCj5OUpJTBRJq-MrfSa71RCIXVt-XkkqrOKUPPiM8slsch9GUzB6vPk35ckUDrtKN2SFEmXys-V-RfVwk-Yf55twEIj3SvzyKmp9rCb1Kfr1eBwGdRNlg8VFD-xg6PZcOcQrN10nMB5Z1wxzLYIkMeABntn_Cy9ZZQ35voaZKa6jv8pckG54morOuc7VcThae8T7Sw0Cx21xTH8UTx8K2WDIXeI7-l5fAf4shWwcwYTfFXF59aA7P9adlY39Wc_zKnsKb1JwDBkep9fKLu7VOwiiPgsTHIHjpOjFxDLbxtF5lg6p6HhSJuHKkaT4HWgawmXM68LjJaRp93DMP4GDKvX99_Us3t3dGZjvGvuKuzzepuXrTh19VSNSzUpG1AoVR6bGpFXyJd1cEvP6uE3GGseqV6X22gE697uAwazwTTeqCByog0HDMVj0wUplYgP39_GT8uhL6LF11muGhlJnex9BYWoUoVlQ-yqVk6YNhxLIXlJeOpnZDqnSZpdA6_Rc9Pv1lYxS1MZJNcCvm6NvN77Kr0A5rdmQSWpQtV3bkcXQDvI6t7keRFvIXWqsgoWhKzqKeEfSd4obOqx6CV3j60cJTbRVZyLbnXlFp1Nk8wA7VurQIQm-xADzNO7vG0qwJxwhqEVsmzD8DIy4GhmvzNL4FcXpmzrW67uGayK3wCGVMFpzqJZi9EjqdhGMe0S-fBoACfl6_JZCU40LKuIFqutJaIkZCUJptgQvouilgJZ11TNI1Rc3xH2vbVUIxMPEijjfunD1ysukE3Lglh3PW99HSKEaZ0jvUh1Ze1K22VyYpWREIurfvEfK6bVdTfW1a-WZ6ApD9o7zlnAfEAo-tVYLOezYxwR9pkwMXtgjDhhjrDzc5vOcW55zwOUu2xo7KezcPXuiDG6wGpVF4dfXRb_J6sr_GQ-aIir2PHk2xYMSjnU0RFoZO9gZ8lQ7kxyM1tR1_O46HBh81pjvtw1F-T0F3eg9dmgm5nFsEP1PLOTc3w49y35IVkhkogIuV07UGM5S_m2MehpZ6JHCwXAumRNlatI-GrjStx6ufMVdXaxDjf6xHfGgFqQDamjbUst7R2zPThZAmg3_yQI718Jj_lhvKoFcDrUnMt03yMtFtyl1mmmiBe6uo9Vgv0s_E4fQDXJBQ_vFnr0SKu772F8_rpw720sA7eJ0EPLGeERCYahgNu4TmOjwN7g8wunuWIEs90eD4OgNNXhAoJOTRdoz1-AOVMQHg&sai=AMfl-YR_tMvzSqmLkxXz-yOJumgX1kxYqzMsdbaLJp1JR_qT0xabeQ7rsMSIrHjy_VeNjqC6aQ0H8tAyVMx7A8udpV-G4xcXn41rK8F8Lu-O5MYjIkfFkmf3j2UOInRZ9Qyj_UrOA9EYCjZgAJ-CKs2KBlQkob0IP_zvofa3CSdbW8K9yRRo1aT3Df-HpFg5S_aEvApr7wSeS2M6zaT2IHUIH_-nV2YBMz49iaRAG6VJYm0Dju3BjMaUyseDt-Y&sig=Cg0ArKJSzNzz71gmHjIYEAE&uach_m=[UACH]&pr=8:E82BC2E6C1234C66&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1577&vt=11&dtpt=855&dett=3&cstd=714&cisv=r20230725.74638&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F4A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSiivfjzDPG4beD4wNI9gkiH6m9Rca-K3YBQFSOywPtzfD795FPgFA9QdpflMAaEqPoR9V0I7wWDoOeiEyc18SaEEMpI06XAfa7w9thsTQGlLCmRqvDH3ClX0OAs0nGvoTHG9N7Reqe6a8xncKfrMlbPv67VkKOmADjK7qZNKUTyoxxu6I1WdYH29QmuFfmqbnAUY5zLWbfftIDAhUk45lL3hvQQmAN7X8po-SHq4gGm0fkVcr_DFSdSD4f5zNKBvY_7znnSnIjil918rRsSmUCefjRqSjF4sss9MT_EE6Oi5_Mc8FL17izNhwG8sEiOcctWF3ZuwarlPM8E5u4F_vEuf8MJolONO15ONnn9yLmUFNy0NRvmBHKgTmwJZaG_q8GC6Jr6uevl3G6SBQvoAZGoRuT8rJKfmoL7Jwz6LNnrQCC7bmZtRb40BdMlpLYrJQgWyXHpdJ_ovqzW1Y6dk7QfmbPq2ibn2MW6aCr8tHN3VvvGw5figOjTcNSEQRdC5DKS9uheQ3R2rjr3r_e5dHjNWJ2WqaRpMuFd2kILdYS41cZLSmie3DyShJDMKhh7okX8N7OQ-7enQQjTPVqIfiVgZZpFd0lnfj2tu_yLKQU_oKw_O0uVhSnedyjUWKVxJehTPBk3emgIfRLoSGHtdfmvKS6nFJU5G_GkXHxszDWaJLgQ47xyfihbM_sk9H0I0EQo2tLS0r-W300d7WbPV5DE2wsGHAc2nvw7rjGXO1m-xOLnZixsT-IFtADjceRWxpInfSkeTBe77ciPhRDyFIcVGkTqiw3fz9QQ1XUfv5tbZjqBkOAP_1rhP0eZslKqbWXS9FqQFhdSGp2q6BLrS7-TesZCbzKQ06JVvKhvWQ_rnOBreR3E_jZz90gIK8zykJXrq6_J9Fgu356V7PmZr05hH-TSoHjFH2FlgWEsKpZ4sIrrbrxBv8K9a-2lbWKQyepWPE6Ysek-FvlFQ0otBO9579gu6-fqNLB-DXrKqXi9nZnlMymieXKl5Mw9ieSp_WRTILij91a7_4HrbybhTsdGapV2HmIR6VGR4X2dbXYj60JdHxpzryfwgukro0NxIN8x6MrSGBk-RguKNCQte6pgJVr5Fxh3Up4eZt4LgT7Ds0_egUksKW6yn_4hxqFXLV0u7JThSNDc2mBajxPzQtW06MF2kocwzdgsmObHWBsZIBTK-Lj_AZeyYCanu-dwPEMjGH5B1le3ILlCvC7FwmbJZj3KqJGr2ICYiNT1h-SRoD2S_r1eP3oTY9yBo5mVRNVpIYYslGPTWQ9hpefra_U8Xmdv2yaENMhTwdpYopR6Z_&sai=AMfl-YRlfeyVLyJSsEJ_sAFXiUX0wQk5LFZHirdDoScC_7HI0CSx1TEkQ3N4iOC4v5fc05vnO1-REYv8hRIrWyhFvwo0m4ZlJLC8758CzqRBL7Nd0OAR743Z8HU_4M9Yx32HScnZ1f1O9ik8HehYlCGafQelBCy8_VhUap9wMjFosBIUwzC4MmVI1nzx8hv0oC6sc77Jn1iHSCHp-0MnOfDXUfyGPro0WHaJqsr5zBFokYyhyb50l_xU-R-fdPc&sig=Cg0ArKJSzEYs1EwYvgWfEAE&uach_m=[UACH]&pr=8:E82BC2E6C1234C66&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1673&vt=11&dtpt=877&dett=3&cstd=788&cisv=r20230725.23751&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 648D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B978 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 4D62 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame C2DD 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 3D29 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:42:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3D29 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1243cdd06aeb9587a5e582238a3a100ad3925de541259debd0677a4d995b4da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5728
x-xss-protection
0
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 983F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3D95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstv3OIUcxf9El7io3g8KAychtrElC3s2iOXVpOPW4DjOy6J82TFyBIC7Ru-6hI4aNWpGHKv68jczuYPBTILkIZwL0tetiJaE-odAwwY-OcNqOwUZj_4ZHI1luhqCgGRJNhz-YVd1kr-kPNK-drNgqm0o__pU5pgAQhcnsAcv_KfaB0MnFxpqW0U8yiWINDL-Nt-jX89qVTLadzId5p8zMgMC0dMTiSny_y1LACi3evaqaSGYpG-nqY_1ZIhvpod1hXHUpgYb98U6XEJ3kBKacibFAKlOiD6YHA02unV3ZMcQorW-RVq_VwFRqTx6wIV6nXFA61ahHgsbogHc-YGjX96NKPUjy6gZHgq6xpBUmjJafJdFFh6VBK7NeTthUhg3UFAOdNK6UkqgSZxo3O4cTpjN8U0qIdnY5ExvTznkjERbz7ncmppzIjAHPavWFYSJjIgALLxBpZPQTHZkgfSe6EaA4xFkSLnvtZcMBpWC_Ya80NfnEdMFJkmAG3yLo65y7toYcRAGHLJzdZ88eRU9-Oys-2cDQ1q1JkO14ApuuSnXynJB4lpBCjMgq-bbrPalV5rg4oaBj9R2Bkxtz_xCEahS5VjeodyMrHWBbwzYE4QenZ0sk20AZlO8s8JAwjfzdCKdKbN6yd84Vn-1n50TqbKovv9pCsbWtu7nXQRmLNEGtm0UGLb_gSHd-bEkVAWIUQNTf_A8h1Ml6Vv22bN_kFzLT7eKCPJb0nt4oQYakY54N4oLL0KWcuKXS9MwSgAq9Tj9LKzXV0u5Wh2rmVCJ8q5jj9fHHgZ2AZsxYA_lFH_1ZcTfDXniBtRoUGSH9HuLnlxK4EB3BGH7CdnqNEjmoS0AiYoLwV1LLz2y0quH8toBalByfy8MNJKSexGzFQchjMB9SYdpXbkSaAQdq10_FZ69iRPzsKM8i-U-f2xyqLvJK0KaxZHtG-T7mGbwPEZ5atXYP1BqdFlID_C9FKQD8QduLd2hqfQaViSNLSPfXbDY3H5wwCqWIIRp2jPRsQ9g8ik_wzDH2QF4xJiB6Ex6FjgJ-ElXz-bmREZY26n4suhZqIjwFhzDy_jiy-JZCUkUnNVu2vZw4V-1EDZ-ZKaFDzu2nZS3lKx5GySH_gA0jN3zw4Gu7uL-kUAWFqbcun3qba6bYB8Ex-L1jzvenPCsEzNuxrf3MfWafkN5_r2rfCXcIT7fVI2thaYTpiNtpQyKmytWMSqMEYL6Ye26_uihS7dhesHywRX8iOyy3eQAizG1PCnWGesPGFOcW_-FoEgK5CK3al8fJCaOp5lru4sg54jAJgjQBpLfCVJ9dxkUvzIsmoM&sai=AMfl-YRVSbVPnLFP4DNMZgxAxPDU2uwP-ZPnh9amA8mFhDT6-CX4H9OdUtTyJbVGrB0Rdo95Mv16t-9EkcjnlMVcWeXVX9366PXp63MWV28L3I5xz_c1m5JS8yAbzlUQOXJiNRVLOkSeYQ_CCembv4NR1pG6c83oHLWUPQiduCyBBx8xnirzaSX3sbnlbSeFl-O87ISzB_R6cod3hpIYJVOCAjF9q8Kt1OMnCM44qWRWXW3s__x73d2D9BHvy3g&sig=Cg0ArKJSzKklMYaYmVimEAE&uach_m=[UACH]&pr=8:9B1DA98CC08A8BDB&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1527&vt=11&dtpt=719&dett=3&cstd=797&cisv=r20230725.18438&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8196 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 4C66 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:42:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4C66 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b5c8f3c05a4174b50e8ffd59f8e1f35b7700c2f411f996a2af47412c0733bf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5720
x-xss-protection
0
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 1410 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:42:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1410 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f932c619cbf5c03780dadd183c7b54f9dc709e418b93fd02383e20ca29c0ecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5587
x-xss-protection
0
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 8792 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:42:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8792 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4e9057af3a28694fdce102c4319f80ab077001fe84862c78df39417cdf2f3aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5553
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A34 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BT_HuDkjCZN-AO-2RjuwPkYyUuAQAAAAAOAHgBAI&bg=!7u2l7bnNAAZGOVy5Zjk7ADkAdvg8WpdYFgdi5W2VEVLR_ViiN3YMFrF93wlTjgkTkLefIaFjxBl4N_1xRKAm-97YlOkdAG38FvICAAAAc1IAAAAGaAEHmQLX50ruyfoWNL8fvZ4zt6BIirCPMpZgJ55jX2yRbN_cpb97jGxzEh7Y7Vhr1Mu39h_Nv-MH9Es-KKDcZLeB50qYQ88iOH8T7FZUtWu4GpBRIp-Rpuy-tFWBbpz4QQncxxzFqKsywycGZw63oLTc9SufhehmQhM3QxFTM9B9MWAplypYScs81GQl-y5yrFU2LnR_C_eh36-1gZZfpEM4oB-TjJ1FSCh-WUzNwXlu1VD6U-nWM9LH_k7EuCudJhCcV_r4iogIESq8AM_3tRzo7BxlaGcpC7TlYJ_dh3rBcqyJ-HFRUuh9l6jTcByFZf3Y9rGJpw-RxvhD4R47h7tt2WuTfATQcaQwcAxSbWdhg2XtwaHoOk7SMJKbErRe0-LZdLakJVvU7hAYHC6RaQ103AvvZopTDM-6F7WcqWGH5nz5cez8jbrLn2ZscNDXa1PVyX9oEOD7Oe_efo9c5wrUCjU1mruC24kxRFADH35wCslIJhtgz9toXs0GF1xTwX9-ahQoflvr2ar-ZZQUS7eN9ijxP3ODPiK6C3MtMqDWe051adxWsZXIYQHgXnGLW6AlVxnEd82b4gTJ_oDy4Y0qylg_T5F398lwPtm163-zxHjAN91pXrBsPgP8uWu3e-Unl3SfNNQoVz1vNrfx_zheZwRwrfTymVwB-UkKxL-jBzUGcpI9g19m10TvHxUHAJ5EP5Zqt5Y-jLOxvkJHZDwuGRQ9HLTAlZjp-X7RC5o2S99leikpZiabA4MTtUp-wmW9jPGgdzhSYqPUyKe9OkZaUekBlq_g9L1M2_8H-iUOapNswUh_brKTJslZlCV2EZXEDa0s8-UEG1nZzH0vVaXSEjvg0iMfIcwtbiL9NifUuKCUVq-34bDhGLeBwF03pHa1RURM3scfaLyQHO9m804Bh-RdTiYMYu5CNDpUr4WyPUbQhBSNnv9IUUnhEGcL1ZMjXLup4tW1glpNqg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DE8E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0qcEX17BuO_wfNHeBLchXujhnFsF1eDNXLyMS9Mxq6vWcFDzXW0_3fnlt9xnCuI23IMdxTda1-WR1It_SQT_utccXPciMh8d8Ob8MqGo1h-AIeFJN&sig=Cg0ArKJSzCvs3dS4O9dwEAE&id=lidar2&mcvt=1001&p=1110,67,1200,795&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1601445237&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454031433&rpt=2466&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 3D29 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18390
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 10:06:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:45:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3D29 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 10:33:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 88DC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaso37sezxwjhCxNnPwl0j4Tln0ViTFKOnn1lsmQKgbTSUuYYg5yN6jHh8JOg1mJvSIS_8LxoCk7sJ7GZpisL-M7lfvIGuRlA&sig=Cg0ArKJSzEq9lB55_1PiEAE&id=lidar2&mcvt=1070&p=0,0,90,728&mtos=1070,1070,1070,1070,1070&tos=1070,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030279&rpt=3698&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8792 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 10:33:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4C66 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 10:33:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1410 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 10:33:55 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 8792 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18390
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 10:06:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:45:58 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 4C66 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18390
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 10:06:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:45:58 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 1410 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18390
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 10:06:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:45:58 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame D2BA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DE8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMx_1rHClUlscsy2ENvvzY1y_NamtR8O3391Mx5Tf3desn3ZyLIb1ZkmWD3CiCPlE_SkzMkjjIfgp5W07TOKDMokEkCXUN-AxGvfDsRn7X9rrUX7-vevqdx4JgSs5mrlnLZWk7WRtKtb9EY50onAfvX6ePydVqrHBsq7NmP4OjhCUX514hx0D6DFDxumw25PNBJ4UegBEhjB2pju0sp1kCG-myFltzl07e1zHT92COsMAvBo-V88TXC9lDAhMaqBSeUCTCjmFIgpocuPI7x_nyDOxhrrbSOd6k1xWA2nJgKbgMJYQCMoEJUyubJWCYXcmuI41ZJM92zYHzU26m9UCXmMV5NJcSbTdzvN9LYmHQO3uPfOYPO0LCBM57abW41Okc_jiWsdyGvf5vngFb2Tp6GH15VcDF2wzKkFVi1zRXbtiFFHSNAtLa6ludqgGXG0M45ArpMdPfydHEWHUTKEFpntY9C9ZmvTvpGQTMYIeC157pX3T-RXpLW7YjTdkd-OGkJQA8IqxAwyHQFegXhoXVbSpEAbZyuUmzKt0FrKcWPBvUWbXZHty68UnOCtXJhMrQNqC7tiQ8H4yonCw766gE-BtAdGU167yxrNM_8dxtrJ7lopmEGLPX1FS17QZ5VX3wDMMXck2QhuPg_EZhooWUSpa8ymhpOhKcOr734Dc4SKfpOLGol46-Q4V9iMs762nUsBrPRaxNOx_JmAskKYdwjG61_JfWzEGL8czM_J_VFM7CsrDxIP2cOJvyGi5M2NNNUE6scQy5wlTQsPQIyHbST3bqXoE8GWQw9CZV0tXyzXJfx-zYkYTmhJwJ9V85iwmfHr8YKd6gBWxzeqKyAtBSdktpQBM3qNXZ-OYz4tJSeqbjolFyDW-1_2GRG38jC5d6xU6-0N52-1ApqHCe39eQVH0MnLelg_4G_8s9AC2jsjRpyb71AI1VJpYiBBqrBjSEkgni3G-5XTE-ipYTAw6Q9-g4fyq6Sm8TypDEGqkvv12rRh87TSaPu1xS03maRC9UeVtdpFnPdJcEIoAI4wTFNFmRQStcLIMqqNg0AYq4X-jfqx0aNERAZLODYVGj77MocfLGo59p2ReIUkwy9xxMM0S62OPcwrEJS_Dn6e3pXo1_4ChBezHngooAUGt7z8VPYJHbcoLIR34UbkTvXzcVHHq90bJU_6MtzctLC1BLzgHzcT6cqxZRH1CRsgy4MIFOpwhNj9rbNzCOAcDsX0kXzOk64G1zve2omWhB3lxRNkgLVvLdf9zAssNt4mIqCmKl_QX_cCHs0kRJxfsMzGxwr-TnArajSRi1To1w99g&sai=AMfl-YQADZpVHHG_aAdNW0eyJiKqJefhZgc2C7gx1ydxlOhECIS3ydFHCYS-0JJGLq4XD8CK2py4E_6QQfcixu2-B6Ixixk_F5yEpmib9sMfD0PqLhHRDi9p3BUffmgyodEeJGSXEHXj9jOLWBxRJ2SLLh7RBiZBsUoy7ExnzvM1JtI_XdZ8sMHzaiFjDHjXXkWal-OQi_zhXbpHVXqzZBXh8o66HLBMPOfrTsyMK1e20-i96HXBXKrQwZAgCR4&sig=Cg0ArKJSzJDlzV10J2xpEAE&uach_m=[UACH]&pr=8:70506C40A6522493&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1305&vt=11&dtpt=728&dett=3&cstd=567&cisv=r20230725.60708&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:33:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F4A0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLJcpwrSHtpJp27-9mPeDd3756Dgugw2EYu5Tdq7tJ_n0XFKjSg7leIWs2iuF6Ji6ATrstrPBYTMkGAkpEO5iof_SAyDb5uQE&sig=Cg0ArKJSzOcoyBQWWHaVEAE&id=lidar2&mcvt=1043&p=0,0,90,728&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030700&rpt=3434&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 408F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 16FA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 648D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame B978 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 8196 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 0CA8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 3D29 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:39:06 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 3D29 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:46:30 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 3D29 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:47:10 GMT
NH_D_WD_Affinity-Music-Piano_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 3D29 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_WD_Affinity-Music-Piano_728x90.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f12934e19a70be7c9e84d154ccbc9128bb0361bb2a2c76a574ee2fe8cf84ffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:19:55 GMT
x-content-type-options
nosniff
age
840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55637
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:51:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:34:55 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 3D29 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=Yx0KQy4Nsj&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:23:05 GMT
x-content-type-options
nosniff
age
650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:38:05 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 6A07 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:42:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6A07 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
125409fcf19c41c3c6de0bf55beb7891aa9b98c7f48c1ae7c059bae24731acf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5713
x-xss-protection
0
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 02FA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3D95 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSJnCQLQEzlPm5jSSBb7dDQIizd5cSBeKwnf7Vvb2wH1kNoTTDRshyEpedWeHt_7XAzzuRQbn55YSfyv4xAs7LdNGEvoIHle4&sig=Cg0ArKJSzJqQOjvRUQVUEAE&id=lidar2&mcvt=1044&p=0,0,90,728&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030783&rpt=3459&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C412 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc0V3ahPomnIA6wK-wcTNs2NdYV-gpFNWePb1Q8oFcecmDVm9Kas7RUpNDDAWXT24h66D1cqexAZ25O2kpN2P-7YIjVHdM-yU&sig=Cg0ArKJSzBZJfFob1fHpEAE&id=lidar2&mcvt=1046&p=0,0,90,728&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030733&rpt=3429&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F50 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfRflcLaCiUKOLWh8T4O-lJrOooo_gGSif76WbmRN5McQAVdgahjTtoPNAXx1bYzqE3d78LOUCu4UYZ6Arf71BetORxGLHo60&sig=Cg0ArKJSzHQ7xnxVs98uEAE&id=lidar2&mcvt=1049&p=0,0,90,728&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454031401&rpt=2826&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F50 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_p7ESe6yxz8JdWSjzNasKsO1rWyHuRg9AWP5GIrzwDF3KTpTqDFAtp7pyFhrbG5qfcP6fLJubzy91oCmuuwEOfSR-dM4Irxo7YwVN_xdUUNIqH1r-&sig=Cg0ArKJSzLBbnrxx5haCEAE&id=lidar2&mcvt=1051&p=1110,67,1200,795&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2059224439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454031401&rpt=2822&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame F6EC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 6CA6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 8792 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:39:06 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 8792 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:46:30 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 8792 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:47:10 GMT
NH_D_WD_Affinity-Music-Piano_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 8792 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_WD_Affinity-Music-Piano_728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f12934e19a70be7c9e84d154ccbc9128bb0361bb2a2c76a574ee2fe8cf84ffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:19:55 GMT
x-content-type-options
nosniff
age
840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55637
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:51:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:34:55 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 1410 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:39:06 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 1410 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:46:30 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 1410 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:47:10 GMT
NH_D_WD_Affinity-Music-Piano_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 1410 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_WD_Affinity-Music-Piano_728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f12934e19a70be7c9e84d154ccbc9128bb0361bb2a2c76a574ee2fe8cf84ffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:19:55 GMT
x-content-type-options
nosniff
age
840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55637
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:51:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:34:55 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 4C66 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:39:06 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 4C66 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:46:30 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 4C66 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:47:10 GMT
NH_D_WD_Affinity-Music-Piano_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 4C66 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_WD_Affinity-Music-Piano_728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f12934e19a70be7c9e84d154ccbc9128bb0361bb2a2c76a574ee2fe8cf84ffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:19:55 GMT
x-content-type-options
nosniff
age
840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55637
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:51:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:34:55 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 4C66 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=dTjriW4yPE&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:23:05 GMT
x-content-type-options
nosniff
age
650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:38:05 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 1410 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=PKyubwgXhv&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:23:05 GMT
x-content-type-options
nosniff
age
650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:38:05 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 8792 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=IGgQoL8jxx&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:23:05 GMT
x-content-type-options
nosniff
age
650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:38:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E5BC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxmI4TmzVY6yRu0M2JxD0O32KBM8OoIlSi2Z8--E-AznlMCW2n19kZfyu_xXKMAuCcTWRZrzCIJVNP_FYKGBv19daSfjCRyor6pC8QJnUOYytsfGzlieY7aKZhd7Y47sjkZPX1Ta2ZRsKW&sai=AMfl-YQ1MmOXikd_TPvXjSzLUBEzYq_smAu2gT0hXLIGHpoCr_2o3KhoHsMYbNJQPPXc3hgNiuAAmI09sRHV9s-H1aqVI_aHMifIaFggF1ZniD9h45x23DBUSRXoA1FS&sig=Cg0ArKJSzJQ9i69eIkWvEAE&cid=CAQSPABpAlJWDJQjrzmLQqy1kOw0gGHArED7LhRuZZuK4Ca4eRnES3gFWZ5Q5aCapzp6bCSC_yLDg52trGoEfhgB&id=lidar2&mcvt=1167&p=1110,67,1200,795&mtos=1167,1167,1167,1167,1167&tos=1167,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4283511922&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030864&rpt=3418&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5B67 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0Rq6F6UtfULwRQbitlhnrmgW8URAWAAPlY-GiHtifO0hVPTVorM3EBDj2uNJ3O2a7RdYraCJB9aeeVDEXqsGNnV23hTx3GwDCyboggmy4Ywyc0jTAFeVQndTr9KgGWhysjE5rekFOsF3B&sai=AMfl-YQsLhB_MzK4yi_i7lFMdkrCAme1UVntBNKeua2QxOiEzVdgJfTaKOjDwba1nc4URWYV6FMcq4NE-0vY4AExW1htPx44TH05GoAEeM9cQCNatqprXJmC7reaHJ49&sig=Cg0ArKJSzJAPrFigmrcAEAE&cid=CAQSPABpAlJWTwV5m0pGXciGKDRnTHCAE4Dh2DqAVb56paP_Z-qVr-t5puVlVvrYsrNHGJKyAb2IOMPwm4hqbRgB&id=lidar2&mcvt=1170&p=1110,67,1200,795&mtos=1170,1170,1170,1170,1170&tos=1170,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2587397766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030833&rpt=3478&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C69 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurulwpywAhqmtnKDY0hbg3R4QMK2oZ74fiKOl2X0pqgGoVDCitnaq8ioASZyLOLI5-4Lok6-1X6pk5jYRdbjxDtzMpDlST6s_1aJyJJcyu7UFge7Jc-mN7qCKpS59PdTp7UvKKcwBfQLZP&sai=AMfl-YQNZ6iRyZY2IbC5-e0qRIv93MkB7Na-ZJh3vxg-NLXM-zCMksHK8iBd7wfohKTATkoiI6dDEQs50_cT8XRAH43bZ9LAdj6h54OYyJsDQ4DSTF6mK2mG8et3JT87&sig=Cg0ArKJSzMdM62J_ewHuEAE&cid=CAQSPABpAlJWrJEmoAYx0WwZJeqiX417_entLe2BQbA0ZEWNIBO3ELGz2w1B0g0icGZ9U6eDR4Cen-GKNNKIYxgB&id=lidar2&mcvt=1173&p=1110,67,1200,795&mtos=1173,1173,1173,1173,1173&tos=1173,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=658150668&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454030690&rpt=3639&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4405 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250101&jk=3112218637313204&bg=!4-Cl4LTNAAZGOVy5Zjk7ADkAdvg8WpKJRQFdMftI5sCWZ4bHYSxMyIXmKEtL5lQ21OHSmaqDl0M124YT09psYDbC6Kx3tPuq4RQCAAAFiFIAAAAGaAEHCgDRH6PJkPLuAowN29h0fYXZo4O8kNqZHmEDqEOFlBO5yZbK3RsQm_MAs6X4gHbZontwxfZ4vkmkpAfHf72i-AdXJKLEIKbTP22pDhoZfdMLT40GyLpAy_mtXTUbeE3fKxNL1klt_Z_9G1CBy-BIp17pOJW6cfWuwcgsurHOh4eyrtlqwcByoghX8LkHeaXtL2x3jedjBU6P5P6VhkORU50XbSUc3pc7NVOn-QXA64XhdKuswoBeZr9ShaBU5E0JPc3donR5CHy8QmksP3U41aEfk5KZArlPfaPno2UVgVv8a_2dNKIuGBBMLhBAwoXwfh-L41EXhsAalRmovmmMXAoPlt7WMWWKDDUpSZAp_Rhd7Fija0R1pcmWCxBrvq1nZTdgcA5OcD1-rstoGhK99BLfU47S9v3JYEdh8pq4upRRxDkZbFSAQH5UmnnLWqazHUrK_Pja3j2wP3oMGZQLqH0MebEeZhU0vy0Ht5H-J9Bsk8-0CvcHR9t6AquNRm__U6t0pfm3bnBSbxkMZgeRo2svPo9AkYV-MD9pn8YwXiTS3BE2utp8j_2TgFVkJSKcrxf1627laU_OKIRYCNdWtDM-tvb86XWPBSrJCK503GEw2VzZjMYlFEprTUruRgg3aGx309_G2XSF4vEUf58ZayEg8th_ofwfxQT9l6AStwOX0O5mVMwGmjW-08wm5SOftSKjfFaQNRXeEZ0l1dV0r9XB7CNd6YlSnBhd5FMcsFtTPYGL3OgV_1VWXTeb62z-QkMd5bMz2w2YQwqxBsqjK3dup0hY6q1N4gN3JQbAGPgTIaZ-RYB-v_yRogQybeXOvaZ2-BKCWqv7pvzJC18OlajQP5eUkp1yjU5QThKKuazpCaYi4ZWcXxaTvV6qFWgw_0lzSl2o0w06UBztd-h4CSbORVFJBl_5dvvRIDW3RUKFe-CPMbujtgH5Wn_fw7ijSmJ3U3mZMRK3JHtS7h9VplQTbTTNGR_Dp6AWagcIMd64n2DKEgtL7eMa6fQaRqAr_iP3O9pOmPvyoy0NbP1-_NJlCnk7c_jKyUlJEmfrZ8udLdnW0FnOMODLESoJuFZcJZjmf1NMwfIg8wvZw214zzWBVsy-NaRSISyw6xJn7sjjhuOo3qIyKppEFGUK-ynuoV_WM9OWh5afLuMf6qQHlTiDrLgkH0I5psG_6T_qsLdHVym03blv1RH9OW63no-o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88DC 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=232721467649&version=m202306200101&ct=76&x=8&cor=315565292662630700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6A07 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 10:33:55 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 6A07 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18390
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 10:06:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:45:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DE8E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvH4rNi10U0rzJlcmqU_O2Dv2IjZik94Z40LKfkm67e5nu5hSZAUSkZ_SHblzB78Wr_HJKT6s0yVG5cBOOtXgikdJkXxkNnG4&sig=Cg0ArKJSzCPh_BO5YlorEAE&id=lidar2&mcvt=1100&p=0,0,90,728&mtos=1100,1100,1100,1100,1100&tos=1100,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454031433&rpt=3145&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4762 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBWCgekC1IgS3reQNoPydy3vu4G1zrD5VaofKZb98Y39zgdOKnTEbA0zlsteAAy2xHH5XYCeEOORA37uR14N7OPgY5hoA9eQE0KJMhu8_UtIPicqmVfyhOkipw3xPTfEE3t6fopedLNL8K&sai=AMfl-YTbs6JRP89vJllwHV3Izg6pVhFCVhvn8cIb7RFC4uBvhs81QJeUSeZvx436UPGyRkj9UhbgSPgSxwlujdo49DvxsJMNlC5djvKOA9WsfNxsbvw8ZCtYdRMp0igI&sig=Cg0ArKJSzGnqzRfSOHSgEAE&cid=CAQSPABpAlJWs27qz9kh8kZuKBNPl8odGow4yBSVMohctem53NfhFKIfRkqUmx7uHKnY2u9zj0YXg-a752dJzBgB&id=lidar2&mcvt=1103&p=1110,67,1200,795&mtos=1103,1103,1103,1103,1103&tos=1103,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3085048810&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454031485&rpt=3127&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C412 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1745217455936&version=m202306200101&ct=76&x=8&cor=18187431523072620000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9502403333971&version=m202306200101&ct=76&x=8&cor=7986871034341223000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D62 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-NfjD0jCZNLDKom6x_AP252W0A0AAAAAOAHgBAI&bg=!Li2lLXnNAAZGOVy5Zjk7ADkAdvg8WvdgYLhG_JYtYPFULeLRvf-vwJXuK9Hdh85aHOwuZF8zyrcgO8dq3-2m5YvQ-0_4_rsCUNsCAAACOFIAAAAHaAEHCgA6DGMDvPHvG7VXKaphGg4hTM7-R6NwA1R32LxMYOgJCMqgqHLVxLMfh670DIW-evDBu_yXR18zKOO7EpkC2BR9NXLtEEjY9g9UR5upMSEW4b1AJM8v1KLO43j3z8Q094mtpcUx5i8mCGNmpyLhLKzkW81EgwWvsu0eWBRK-nGVXAUHNrdgAnsvi3_JJCHMMNlJDPVbbuBTO4gFtLN_ghL968iSXAcP4bv6DAmeuyRBrxE8LlF46Hm2d3St5sca1UdEdsV403RGOm5uGV2fI_YASYBEJZh7nk36wYPdk94f_EtCdL-qan01-R4YCdqP-91Nu2yHbia4RqqOI7YoYHoycDIpfIjPs_DN8W5_VslnW798W51RB5rbNw6SAMfN9jLxdTf6dHXbeZhzyxtKHrQPvYhtCV1TAqpxUAktr1k-tOTUQieXtqWGiDa8W4G5ZfrCYSHUlvcn0YMiwCEJaE1Qy0115syxnKRHtElB6_OJgjD7s-bg0oJz2QogBaYKR9q-VEriINwP_BsH30eb18cXih1VoqDOiDWQhWy4riT-baz30DGMu2LTdeJjne7K7JRziYDy9H4kmOHkzNBYqWCb4uBKVHjCYHVRvAIXc0c87VBCGo0n74GeIFO8I_vwdmTEAADjC3ne5nv8apOA8DAiW8QYfAyekJZu1CCUU2d66f-6i4h0jOLhZyTWH_5VYzIJAKlZx2lyz0YMwxmTRnG3iFyAw4pn3C90nYz4rvEb8ZAQT-DKY-PRTFpRG0b2seP2G-D9F8EjjY8ERP2nA7WoZxeXKYlATQCR3E-rjlHa16CsTVS8CqFRbI8iannP2iV4lSe_IbQPuf7bOtGmNajvW4AApFBDBiry5SUX62-eytZRrWk3FECTdLkYZhb1CmNSRXEmPdt_CLycp3T4nFfEuEZ2hgjvEz6qmuHl-GYe951DDx6jJ8CosQgAZPd6AsLgP7loWAzXTp02wuFXLinSm0-L1cvBSA6krUZMNF7GQ-w8IMAw5KHgK_8VvjG1wBtJiK3CAh_LfkREVfhjs1gyVYwIfGCf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D95 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1815985291351&version=m202306200101&ct=76&x=8&cor=10649331717136693000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C2DD 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBJllD0jCZOH-LcST4gHd2Y34DgAAAAA4AeAEAg&bg=!Li2lLXnNAAZGOVy5Zjk7ADkAdvg8WijnsF7vEsXk2MIDIiB7ZffVhQd3zEkjxY7Y4ZlcM8tRYjBrI5atgzrm8LRL56j1eHgEsUoCAAACq1IAAAAGaAEHCgBQotw6Gh83nK771HrLgWucCV5p0ZBOrEiVZtHfDI0oDHi0FZb6FhOKzvy_xBJH_fyFA0F7tQysuxWnwoEuaKJKlSMoPi465S6yM2_24jVE7sGZAtmNDphdjBRamJKXKfh_4qcx5z9jq2UUOSKlF5m9-VB4ou-2Bbqn3d5ygnEigDMW5Ncsb9YRxZ23kuoekxxTQ8GzdYJrc3kLn9S7ZwQM96TyyfiDXNqCGDEChjumWyJ_kKJrRchjf-28TPbt3kH3eW7c5UKNs9tBd3VQepRxj6IMrOAO1bJw4DxlBkoQZyACpKP-XJ1cL3zMmamwtNWWgwWlOa15nmKRY3Lh5m3RVvSPhjfcrnF-ub6uawVk3m00n_V42tj-lEcoG0grDrfCx4pyuBwAf_uaqcHnDg1UJI3lhYbPTvjIHCogcji3dj7j19GjlBg4jrDrqT1niBUJXaOMPCVhZRRSp2ae2tBSUmQAgqSSG_KgGMTVz5nIxvA7xBA3a53njx-K6_u7-c99tJMoaw8MxKGO4Iq2Dz0CXjFMc5SXFgjZVk14tLDniPt25SJnTXD04hFr5gLSIwglgJxFNA_3fG7OUugJSF0HQnnC0XaGgjnY43d7oH49EuSzzLOtMNDo2f86QQUVgTZKN7PXl8p1Js6XmDVWwbNdax8xnsbtcAm0kiSYREsRrUZduGoATGRliOTSfI2SJD8QbQtmR61Xzw1H2AtvuhelgJz-VGs_f6qp8lkDdqYbqrkgZRrwtN6MFP3lZLXn7_GBccyIcehoBdLNy6mkStaxoP343U7GyX4LOLGlfkUaS8NR-ra8iXfP5zvqqfVr6yzzwYtkNE-0K6UIamx_m6i22QaMUDxqDhIE8Wt67eUIP0zsmVPK_SV1SNHHgFCjDHc9Ere58Ai0_j2ePZkk-oeOS1yo_cR0wlEibjH0DHsYNAZKMzYuXhnm2BKY30fKwfakUwIUu7zKQ6Fquddc5iLmC0lO6HpyQxI5obsJcIeh9zs_r_sE-heTpteqxqC6CzzV_sx_lIjFr_Z2gpi1yF2NRXGN-kv13qdq7APJklBShWZiYfHIJeZeipBEtMQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 983F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO0rKEEjCZKf-B82Y-gaBtrbYDgAAAAA4AeAEAg&bg=!xMelx5PNAAZGOVy5Zjk7ADkAdvg8WlXoAGx9rVMU3PAZO1um7upy1tX9d_asCrIdtjNBHdB9tN42s5TcsHZgTRnCdeY6xP91_oECAAAC9FIAAAAGaAEHmQLYlWooDdBTIb29Ttucyf2BbNwkMGuemvZif79lLk19Isb8Q-rDd1Bly0IH5WShnTEUf5M2B6CDZlTvRntpr0ON1GmLnkPJi0Vs8l3-qgkZ2rQqpdfdRVcN1XA2B4Jodvpu0Yozym1orMvg-ZOpFaf03833V-npTUhT84gndUiql7Xh1aI14KMmzw28qIiMpzpVxilVgVFKudIUuzb7LqHkZ7w0LfmDGsBW1JOL7-E0HmT6_wWdlra7EXdK78He8jqphgaNZnhsrHGAHJeTjE82x9_5vJ12U3AQha6og4M2ANDXRiQPrsbByy0TA2eBUVK-UAXgh7UYuEjsVvKuWSbTe0GVOtXgWCYMskxqlETewe1QT8nf9ICeQryYobkAHMlplqFbCC_f0t-UmAmnETvdRHD9QJlO-amuDw-8wORJRhU0NCpFgS2CTS-QEXQ3wokUQMSy-O7R0PtXzRIsfvP6n4lxrG6-p0SteOTbLyZ6xhyqwpYeY6UQCkkIRAF3T3A5zeeWYJh2EqSmLgXSbjn2Y81tLfOt-nLRbaMGDdskCdL7tHJzD0oExeI7zzxv2abrhbFBHOBg8_yTi06mD1whqbADsm29Tr2LEgFTHhyHODPtOaY9yTBD99q7ggGFd9QzWx_OIFqGpjoJxnEk_wMtZxHx1b-IA15SWzwicXYmN2qYCqE9zOG6xn-yaJiuo6yRkSPmictdPF7Y6o_SChhLWxPPVKXQXyYhrC7cMBCw0wVGCcIMz0gua9wizTUobioQqP8y_AJ2sjcFRmWdCa3FwNopReZ0yWEzKiSInaw7tPoofDCI0qfwM6BV7TdQkbZdBSIDu0vGTlT4lRz0o_47jY6FdLbCEhnofyARiGBWV4DRXW-AsPRBK2NuZDK__8UeGGVA4C1GDog8OXlOa2omoFh8RhJs-8BUb3maJXf1AhTLlVRf0BdnVPMtr-sfrFBI3lylPp-R9vk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame BA52 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F50 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8503434407864&version=m202306200101&ct=76&x=8&cor=3646188446745544000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 6A07 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:39:06 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 6A07 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:46:30 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 6A07 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:47:10 GMT
NH_D_WD_Affinity-Art-Culture-Gallery_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 6A07 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_WD_Affinity-Art-Culture-Gallery_728x90.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b2476c125c71e32f5d029a5a808c556916b362db71109a921c70103431c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:28:25 GMT
x-content-type-options
nosniff
age
331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39702
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:58:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:43:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C69 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4513662499549&version=m202306200101&ct=76&x=1&cor=5259020161913071000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5BC 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6980813476041&version=m202307240101&ct=76&x=1&cor=7090846055756203000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B67 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6881705623095&version=m202306200101&ct=76&x=1&cor=16795556846082360000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4762 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2995351524988&version=m202306200101&ct=76&x=1&cor=15891779114324222000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 6A07 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4392446959382407207/index.html?e=69&leftOffset=0&topOffset=0&c=TF3HqI8J8x&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:23:05 GMT
x-content-type-options
nosniff
age
651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:38:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE8E 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2117447505293&version=m202306200101&ct=76&x=8&cor=2135363407950230300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 16FA 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQjYyEUjCZOeEEs2Y-gaBtrbYDgAAAAA4AeAEAg&bg=!YWKlYjbNAAZGOVy5Zjk7ADkAdvg8WvcZjzaTswdNs7qW-uj0LklS12KLGh58Mbwt7_2nknTgdbooTiBaMeL0DOLHDjur87e5Ry4CAAAC21IAAAAGaAEHCgAsgoKBpqQ5bdfATm51EYjGSNWknm8iCb_Nq8Z11VcwEYA-u610yoOp_BIVPpmZAtghj4vrDAn_4DOvJg1mjfGJPNyoWI4HXr9vbcXY9zHYRGLrECRLyFvUw-Ak_lFSyfNVPcsCEAi3oPBM0rnLgqNafu5cFYAycmc_zRNN2FbyHQNS2G_bMydFP_UkcGu1Z-a_WHvg6oZnIRdj0QpuUwTaVk8eS3vB8eQ4LtxfK_jGsNOwUHXjIs8zB789rOJICGU41zjb3QXqRtIjvuVJPGBv1_9NnvZNUcMyQUBsnhje_qoMqniXwwh3iNuFxcj4RUuBgoveIezuhzZ1seinccznkRAT_bTUFwyWcLatxzXiPi-5iLgGI6garbHc26njehp1G2481QcJ-ZKx9XjLy4vxN9CQAoHUoxLdqJSOo1I92C3siElZ05wHtNVmijY3govT32lyXUQYFn_ssPjDQ6gSJC94k0YXLSyKFbxkskHYk5Q9ccTmrbEqJ4D8JG6WNeTL-3T9yj8Q4nMoPQzgxPsm4SLN9rxxIWL7fvHaIk0lwvuAc5Tjz_1X6_aEeMsTsMPuhiDYJd1T8lhHPhdSa0qUM7e0EMwoXAVZg6HGv30vr9N84PP4d4Xqhse_VSL9imOGg4DJFmz9F2efaOYWw-20-GvSmxpq9hhFgrlh-sGm-crqbibRKLmlE2_HP_-mhDjF2DsVH8GNOWjpJIrX7QQRDw5S5L5YXmp5zqA2eftd05Ju-uQXnHJOn59xUPVV6HjvI5To4qle9k3HXXtIc9lyZQ7JRpS4dSIdN2ZF56538PFRl3H_nHkSBTQVeWmWIU_KlZlaLXSqycDVjLzZc0evghhFPHk5gXxKTeaFsGuk1dy0w1s6LhdAOlb8ZBMstP6sIY1PsA5AK34_6RtstNIWyuDPHk9Xu2tLCsZrabcBr5xNDu1qY584vJ-mUdFUEILYkP_VJVpoMPkx_vOZxRDGuZ-uSPPWyHvkABo0vjy015GL0-he3rDHrqRrRhyFPpoIA49QwOhYhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D2BA 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be-zvEUjCZKyUCpi7x_APkceLiA8AAAAAOAHgBAI&bg=!y8ilyJzNAAZGOVy5Zjk7ADkAdvg8Wmmu2KhC8e7NMUFGTJSDJvIUPamuVsfCvP1FpNizQet5qhOd6ji3tfG5urdTTMoZYFFcKDsCAAADYVIAAAAGaAEHmQLgOR7SGsixrqcmieBpiPqPoCma0e_J9gUIKZNOWgz111yCFF_-RuWsKryt5FgaXJXZFB5c0y7cZ5YTflCYZfkuHOQ-iGMcdHG4yDtTphN8JHI8KZuRpy4xwm0bzhSGwCYvMRKieUmI_F1gKoH9oeIVyWulFpSHPp8aVY4QTVK54-8W3jBLszdrx3SaN4RvO7MXFjJpI3I_gKIzo8UUwMYS_CVO41dJlSsPUM-LeFh_X8pfkEuplc0uDMN7OdQ2ByAfEIzAPBxlwrBacOw8xlFuNFe8MVCu10OsykrDFFl0YXnSvbv2dY0fFZPIwftI3O7BGlXnYjTXHk62mJL8ikKT2rNigGVqMIGIoN3HrkH_ygaAUJCKIxBh4rAFilhoOCZwmkw3nzdiObK8U4QzN6pdcFvGv1zCXmnC7QtEocPA4Cz7alHpLvoVBqQwCsbb5rxu7kXAIkrchhn5n8K7b-q-LOMf8fHUREsOYcFzfAjSTL-cTu5B2SivCGnw3nh2Bn8FSVURh3FR--hoOr11XBXkgW6On1WlPQy8wcAfpIfT3aCRbjDXHu4uXq6eA9XrTTzwLrpLtfBQHA12u7ZQQN3bWsMLpJl0bnEqbrXgK6oXP_0wlFqdRXc0l-TaNrVT8Ou_FuMbBF5NjsDhnslbPO9MHi1P-xQ_ZMGdMfyUzDLu-ZkpkcBJYSA3bbShuVsUpB6Z7s72Gimt4SSLRHRZZkEJxhjwSfYIBJnC3lnYz72V_GOHhB9axpyzCBk55j5GlTkT4jgZa9i9N_0oOushEMhgujbESwYXrSlNA48CPREDa3Th6-Wil_46nMvQSz-Mv9IRDeYtII0Us19uGOcB69y4jkGqNscEUJ-TkmtSCjgvQezEf0OQ0Ble6uBJ6bTAMbNaecnS-garPyRH4IOSuBnJk18dp85Ou7E1K-_HNw1Xcc2ABFS_4h9yhHulJk3zVwNWYxwIpAFDClRWqSQx6OnaMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 408F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFoAZEEjCZM6JGqaOjuwPq9Ge6A8AAAAAOAHgBAI&bg=!5eal5rLNAAZGOVy5Zjk7ADkAdvg8WjGwPoi6kzafUrvXzxoCralWd7pRg0nZLOEtxvqnNOPa7SjzKfYMhEkxo-LguK1EkqmAsSMCAAADSFIAAAAGaAEHmQMMn64Ax89UcTVn2Qdh6QNVjOiyLQ26gtimp9vCxaXI0y9Q0Y6TebD-K2vH6nCS5CCn993lU4LNwCQdas8Krso3_eyAeVcNSYHAoBwYcrnz-3UkFPOx-rkdM8GMi98rGTfQ2NqbGE_2a6UZsRy0EWcd1ioDInYD4zx6Z1aD23Myr8BypbiJm37DZtvJ4fEMLcCt_br-zVRIN8MWOefYfo29cS28bOOZaK8Axp857cL-b8yaj17Gcx1N0LcT5wYKYhVWaliZb2OtPC90gOkevQ_wSmOLqgTcnICKBo73mcmaDkp_WHVAsmIIRVsBYVTWOZhIyVB8usTNzBw0AAkEOP9_DPdiJ1dPrvMMej2IlJp2giTjrftTKCZbPpmjUemO-F0xIcQioo8u7YNddP5kkC3N4UPpyhiiN9B6p-8M8O8Hc3G5Ap69BbU3qT7uEpROz41YXAgIscVf865LoukSc6JaBp6k35yqfh8RMWdiTZZaAIdXDeAR-01-Du9kwqMCw2KNSrleOW5ap3rHuliIiMlMk_AjozddDkr0rJv1STu-Re09-7G71S2pv6K4t5SJiHW9RDRc6WRKTmnzZ_b36wp8aoYIHY68Yd-vJn42XUKQ4l0JHI2sgZEl63j5PyMNAiL1jet5r_jXwo8pZkXlEysAIYjrZWaf8EdcCUgk1UVtY_-BHJ8RDKnJRFTw-a13I3Ri_CLuBywsBNt24eXOIkx_Ny32IKe5NmHQGHSE8awVASw7s5V3-h2fSb7RNnhvhOjFXq2eVJaxJRs6BoZcjdmM6nbEAIn6hSWKxsAlT6hBwRSZFsiAsKBNhKo1EvjTLSE2fmPUJ-Nx-GkR-w3XH0tiUuZ7sdG7FnRTluX8uwkgsMyxMauu5MSqOafURqIpP_tsRPTebNDBC_CQDV8jItshMXYDlDIQ5XYLW-pszwGhtZifrNR_gSKFcCAkAJJJ_GT7oQAtgpQHT6OA_0OyalTY0vVaW44wSJkbW6yzQZI8sQNl3fsV6kqCbkj40IEgHj5-1kQQg_vSEN0mp9GW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 648D 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BScsaEEjCZPbuOpSU1PIPhJOg-AwAAAAAOAHgBAI&bg=!tLelt-PNAAZGOVy5Zjk7ADkAdvg8WitMDuPYjWjot030hr9Wh1CxmWRMmxaENszN9mi6S-bQq1fuMZTlwQHliG9zjfECiaNngxACAAADTlIAAAAIaAEHmQMOXDFMycyHBtZWZW-imgDUFt5HDpWF-I11gGs9rfz-o2gxu2mEx-k3Q5DLCYF_ZOHrlOWg_VjM5-Yj--phD7iNPlcCkdJCm3xxCtBBnVkVhr0RnFv0mOoMz0-EeKY_-VKC8dxzX_GYV6uQfo1add4_X2SM4tQ63kz6qPYCdh89b94U4lxs2CEIO451IpFIiPadegr5AgagO5kHDDZjBLZgZax2jrUUZO88E1Rw5h_qlAO7qxaug787t3QiT_F7v3ihQ6a_v2LrnUl_6Bsf1GWCE2-qi0nF4CM49apPhsRHJOYdNWYLS4FCEAIbtiOshKdxGs9na3nj_gF_yLkmiuwb8JGc-xW4x9G_uuEt9_Yq7Z95KNvpUUAYIA1D58qrIoULxqtMAEBkQCbqUJBoADdDPOfG3V39TaFAbpBskWDtJ4UfBWOBWewjTYayNkyzwAYt1RLB-u4ENYmNAvKAab0ljGkoUEHwY9gumN4uCsKrjhcW-sep9SS_4ZOvjQKhIBok2T7RPRspgr7zMaPoueCpyfzeil_r1aORuvynLRhK3SiiVnfNzZEzjs8TSpLQhIVgzOFqQd9wESNBoADXSWOvzvXI5p0QPsVUUyWhDFyAIkTJLe8i_m36N6iwpwyVT5aKycDlEI02myFLo1DDbjyvPjSCQllGtMPcgXVjFoz-5bUvslx8Dxy1pnTY8zXrEZ5GDexLmPQwo2diSGkUy2jgvfQww_GcwKjI0mWjpR6Y_B3_e9RbyjPzLM63H_GoCNnYJ0spE1JnfbCTdtv0oo4XdZLAnUl83-bPyI0-hnVKiFsewJIcrzP3b8hQB4U5eVsv1IYUUGRaMomnyqXJHpPy9AX7jUORgRoop57A_1c7vvzzUT_xRrplxtMsmMxe9Ztl0mBsQWkXSjhjXABbIaSq3AK28Et4IhFvIf3DpMzmjwcDuGr7GtopB2Hp_Mgmn63yoaIuikf0H1WE26tZtEBKH3osXrVOfVpEMwQqlMfim-fuxJdal95b17WPrkTW8Oh-NBtpphoGW0nGfgkPgjE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B978 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcAo6EEjCZOW2NuWD4gG104jwCAAAAAA4AeAEAg&bg=!CQqlCl7NAAZGOVy5Zjk7ADkAdvg8WjkV3y0xwB3imZL2zX9aq_wLxQWuzTzu30yrnYClJz_eekGS1B1C5T2krYOo4nGx-yxDyDUCAAADUFIAAAAEaAEHmQMLpzOuVSC-KefSkEIiJOvmFhgvnq1dQav4Ynldcc4ac0jvaeBYu6EdGf3q4tsqOZupVINA2ymTHPdRLsniXxXEKjilsWuc-EiUjroe5HwCDdpvVO1RB_VMW2bOyuaDphqtk4l7HXeSJU0BpXKOnJNzAwcfmAioT77dH1GX7R4FCUx-jc70zYYEynxFmcGrDmpytmg-v1o0NzpJeFZYsLH0-TRjYEpPmxiXzGHUxK0_VZWfZLwM15LPZxnEmapu8j9y8dlWUYscr4ZDAmXysGcNI2Wpxp03MPYZVAvvxya6FkWCsHkLTdO3xTdINKLoDOLfDD23It0mtlTy1aVf5wyAvCgde0DzCa7VTcrIktWje_M-CDIAicq6rgLnDLmQvsU8SWftzjqo2dkd8auPRzBtXnHVxsd8PEPi9ewW5DRL9SpCck_4XfdsTE4283LXWilCSsYn-CYCUMtIGP7fyejc-582RBGiQ_-IfaMagKbuoJMEu-5r7-G-MSjsLpa5KcH_v4a2kYkXpwwTvjE45X6A42ZjN3u8AMcsCCbBCeuoCjvoFjreURonoB1KCo7pLCxFty4TjpjWOX7vkK6wKXcFjlmR0P3g6Xm-P3yjOHigpRRPiYUmdYI4q7pElYDbMlkuwd2uK3Roudbv5HmFlciueNBK_Zp28rLmKbduejACKop0SCO5IwTDcU2qklk8-lU_KZ6J4h5FYKyCmkKj059PXHkDHvKiPXgA31ArHUA0Ax4ROAEpEo3_IMuQ40wCQVjtpXKfDSPQMAlilsNOGLy2yDkc0WW_XJFFfj3FD8ssYUs4cufL2pHECD2_scRuBb3m4A_JZkQ9pnACWomksTOQt27_eP-hqPUoaWFtpbtBEdguuKzVDgofvW_wbAs8uOKNmni1ZuAsscVSjuxF3-83iJHqifScF9ITHmWT8mywvHZBgC14i5eWm2BSL1L-LvvLQs1liRUWNJw1w60js4XPijaagquhL5w7lj1b7ZY7Gdi0HILicAF7KrlVQCfev4CvX-npjG-SyjSljV0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8196 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BloNoEUjCZOKOKuqwx_AP76OQsAYAAAAAOAHgBAI&bg=!_P-l_6vNAAZGOVy5Zjk7ADkAdvg8Wp-KmU__75PwHu1CAns-78IWbi_I1pwPZUEqUIFtoVqvufe0l6BzhqNyWsfyDJ_IPpTiHOcCAAADTlIAAAALaAEHmQMXklTYfPD2zZAkRJ4ths7Ha5LN9y-v-2RoRNjZUVCGbVylpr-mBU09tOkA4f4LdrZseYh8xlSacya6svTXL6LDdAYL_qrhT-GwH5kVFWjZLqr_cnDtk34XGIKZmewgmGwLRPQr9UKj56dW5MQmEGtlyw-6lO1fH9NxWpmuvzLUwi7R1N3fD1aL5bKR1zmNwRYE6puyN5WYHK0orWLjjNhUvUp4AkL7h9m4nmexRtEfa-3UmGAwaIR7QnmzV0dBs4_oWokCAYxB_oOY0VmKy35NOQMa4H-nJVCQnEMSDDoWnf7Ak6a0xM3ucJmED6g0bKAnkO4b7f41KC7gvpTw-ntCpcFR_rLgwginmEBHIpaJ53HPPN7aZBVWERuBmaiM68i3sCy1-FbX2PeNKxJWLkLQj2uekpcYIWbpyeTAk_t7Zg7RiAgv6XtdpUQhwm0uYFCmilQWHr3nCZuweM0rA45vgWNAQMWiPK2MNvVa6PplbbrBw0he2AA8prDzNqWbSjuEcMI62RHmG8sOTds5WYPCQWTWRX5TO0atrZu9jDeuQtmI1bs5BzRP3rAHzhzvdfq4VposTmsK3tYBsh-3Sfhbvr_dJrhc507RT3rY1FjaG6RQd4VYe-jINn89zLDrWNGNeBYXp7xPMmkZMBOifXiJwGR0_SuLm-xxolmXZrLC1UfixR2ybggdz6pr4rGGW6GY0imnAP3q_W6cXVkRAlUn0ZmY31acgDN5dRwLJfl059AU63jDC0bNT3jw09QBK6RTMvxk0RFcaJU2U7juKa0Q97WRkygQe9Diaww5Y8HtmEfCgzlS_2uqlrfOn71l1Xm_slt9St8fmnHpzQyhb7ZEGUG_je1I3Yw7Vu-nPgawm49VBmszfnwN8jtuGUysOY_o-uT-MiL2zV7Yk6WdgAzPKsJCgs1VNQlU7G5H3K1u1clUX2ExWX_aO6pM7nppl7ysSFmWtKyKcdqFbA6kV9yjhVYkXUDz_VPXJ1G0hHafLIySb_6A5Nzc9Jb4XOLCfo1lxyvx6YLWxskUdxaTk6vmw4BGRaJmXSI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 34F3 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 34F3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48508620&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
feb50eec5349c63d890dd7f11d216d3f9899f2a53875b8c48a2113193f12a69e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 27 Jul 2023 10:33:56 GMT
content-length
1882
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 220E 		35 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=D47DA65B-5255-4629-8516-71A0FB352C91&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 27 Jul 2023 10:33:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 60DA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5298221637248241030&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5298221637248241030&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
840fef52-7fd5-4530-9f6f-60053ec487b2
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 27 Jul 2023 10:33:57 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5298221637248241030&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
178.162.209.131; 178.162.209.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 38C6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7260444804319934604&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7260444804319934604&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 27 Jul 2023 10:33:57 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7260444804319934604&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame E3CC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ahGjWPxAUa1kWs2TPT1hcbKi0YM&gdpr=0&gdpr_consent=
42 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ahGjWPxAUa1kWs2TPT1hcbKi0YM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 27 Jul 2023 10:33:57 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ahGjWPxAUa1kWs2TPT1hcbKi0YM&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame B230
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKVURFN0poSkFBQUNqbFNvNDQyZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJUDE7JhJAAACjlSo442g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8213357817086859722&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJUDE7JhJAAACjlSo442g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8213357817086859722%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8213357817086859722&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJUDE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJUDE7JhJAAACjlSo442g&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJUDE7JhJAAACjlSo442g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 27 Jul 2023 10:33:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 27 Jul 2023 10:33:57 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJUDE7JhJAAACjlSo442g&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
sync
t.adx.opera.com/pub/ Frame 7EF9 		0
0
mw
mwzeom.zeotap.com/ Frame 34F3 		95 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=D47DA65B-5255-4629-8516-71A0FB352C91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7ed43a2578eabb43-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 34F3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D47DA65B-5255-4629-8516-71A0FB352C91&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D47DA65B-5255-4629-8516-71A0FB352C91&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D47DA65B-5255-4629-8516-71A0FB352C91&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:07 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:07 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=D47DA65B-5255-4629-8516-71A0FB352C91&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 34F3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=D47DA65B-5255-4629-8516-71A0FB352C91&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
D47DA65B-5255-4629-8516-71A0FB352C91
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 34F3 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D47DA65B-5255-4629-8516-71A0FB352C91?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:da00:7cb3:2a5d:49ee Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 34F3 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D47DA65B-5255-4629-8516-71A0FB352C91&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 34F3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=699e7c57-443f-4d74-a517-dcf026e860a3
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=699e7c57-443f-4d74-a517-dcf026e860a3
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1ea58c8e-20bd-4aec-a0e0-52ce7f4a6fa8&user_group=1&ssp=pubmatic&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1ea58c8e-20bd-4aec-a0e0-52ce7f4a6fa8&user_group=1&ssp=pubmatic&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3
Protocol
H2
Server
18.195.47.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-47-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
//x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1ea58c8e-20bd-4aec-a0e0-52ce7f4a6fa8&user_group=1&ssp=pubmatic&bsw_param=699e7c57-443f-4d74-a517-dcf026e860a3
date
Thu, 27 Jul 2023 10:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 34F3 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D47DA65B-5255-4629-8516-71A0FB352C91&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:57 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 34F3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7863977536294349538&gdpr=0&gdpr_consent=&us_privacy=
1 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7863977536294349538&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 27 Jul 2023 10:33:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7863977536294349538&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 27 Jul 2023 10:33:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dt
dt.adsafeprotected.com/ Frame BE47
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUyIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f13:800:7780:2e74:fc05:44c0:c11d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:57 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Thu, 27 Jul 2023 10:33:57 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo...
ade.googlesyndication.com/ddm/activity/ Frame BE47 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo91fknfe6t7nmKYZ595COuRLvXk86RUYAQ;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D7387,0,0,0,0%26mtos%3D7387,7387,7387,7387,7387%26amtos%3D0,0,0,0,0%26mcvt%3D7387%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7626%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D33%26pst%3D258%26dur%3D15018%26vmtime%3D7648%26dtos%3D3427%26dtoss%3D3%26dvs%3D3427%26dfvs%3D3427%26dvpt%3D3427%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3427,3427,3427,3427,3427%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7387;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1690454029983;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BE47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwp6C0jCZNPPOuWO1PIP9oKMoAGc-8DPcbiYnfXqEZ64iLaDAxABINjV2CtgleqTgqAHyAEFqQJNX8c-XJ6yPqgDAcgDmwSqBPcBT9CYXfLJnPGSdg5iuZfxMGD_NEy-VsjqUJt-dwmge7R9HlxH_84wXNxqAug_cQXSO1GosPyj1zoh5LNmh7RU0X1jxOY-OvHhVlbcLaNJECmlwZVllR8h-3EpbylIcamIKu0Uztx_ziSaT4P3RU7EMmv9WJ7DcVcZIxaeI2frp9zO-acUKv--Ov0FpHVhMxmIfliFsKU61ceq7hS8UHfGovHoMJ75S7WzKlwIgH1uqdQNATxi0vboYMukBGn1vXxZo2vKkUH8h_fAqBB8UvwIfhAC0JQUPfmiBEy3seZ5jp1a5Y2bX6yktwn2h_y68wtkRNa8zI6RQ8AEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE5jBjRTIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=ZCDe-Nm9wWE&label=videoplaytime50&ad_mt=7648&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D7387,0,0,0,0%26mtos%3D7387,7387,7387,7387,7387%26amtos%3D0,0,0,0,0%26mcvt%3D7387%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7626%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D33%26pst%3D258%26dur%3D15018%26vmtime%3D7648%26dtos%3D3427%26dtoss%3D3%26dvs%3D3427%26dfvs%3D3427%26dvpt%3D3427%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3427,3427,3427,3427,3427%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7387&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1690454029983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:33:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 34F3 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:33:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame BE47
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUzIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A4%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A4%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f13:800:7780:2e74:fc05:44c0:c11d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:01 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A4%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Thu, 27 Jul 2023 10:34:01 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo...
ade.googlesyndication.com/ddm/activity/ Frame BE47 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo91fknfe6t7nmKYZ595COuRLvXk86RUYAQ;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D11102,0,0,0,0%26mtos%3D11102,11102,11102,11102,11102%26amtos%3D0,0,0,0,0%26mcvt%3D11102%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11341%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D37%26pst%3D258%26dur%3D15018%26vmtime%3D11366%26dtos%3D3715%26dtoss%3D4%26dvs%3D3715%26dfvs%3D3715%26dvpt%3D3715%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3715,3715,3715,3715,3715%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11102;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1690454029983;ecn1=1;etm1=0;eid1=960585;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BE47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwp6C0jCZNPPOuWO1PIP9oKMoAGc-8DPcbiYnfXqEZ64iLaDAxABINjV2CtgleqTgqAHyAEFqQJNX8c-XJ6yPqgDAcgDmwSqBPcBT9CYXfLJnPGSdg5iuZfxMGD_NEy-VsjqUJt-dwmge7R9HlxH_84wXNxqAug_cQXSO1GosPyj1zoh5LNmh7RU0X1jxOY-OvHhVlbcLaNJECmlwZVllR8h-3EpbylIcamIKu0Uztx_ziSaT4P3RU7EMmv9WJ7DcVcZIxaeI2frp9zO-acUKv--Ov0FpHVhMxmIfliFsKU61ceq7hS8UHfGovHoMJ75S7WzKlwIgH1uqdQNATxi0vboYMukBGn1vXxZo2vKkUH8h_fAqBB8UvwIfhAC0JQUPfmiBEy3seZ5jp1a5Y2bX6yktwn2h_y68wtkRNa8zI6RQ8AEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE5jBjRTIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=ZCDe-Nm9wWE&label=videoplaytime75&ad_mt=11367&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D11102,0,0,0,0%26mtos%3D11102,11102,11102,11102,11102%26amtos%3D0,0,0,0,0%26mcvt%3D11102%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11341%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D37%26pst%3D258%26dur%3D15018%26vmtime%3D11366%26dtos%3D3715%26dtoss%3D4%26dvs%3D3715%26dfvs%3D3715%26dvpt%3D3715%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3715,3715,3715,3715,3715%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11102&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1690454029983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI37-ZgNiugAMV7YiDBx0RBgVHEAAYACCspqlWQhMI1rjW_9eugAMVlmbgCh1O4gLY;met=1;&timestamp=1690454044743;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 88DC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI37-ZgNiugAMV7YiDBx0RBgVHEAAYACCspqlWQhMI1rjW_9eugAMVlmbgCh1O4gLY;met=1;&timestamp=1690454044743;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIkofGgNiugAMVCd0RCB3bjgXaEAAYACCspqlWQhMI8cfu_9eugAMVD2TgCh341gmG;met=1;&timestamp=1690454044781;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F4A0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkofGgNiugAMVCd0RCB3bjgXaEAAYACCspqlWQhMI8cfu_9eugAMVD2TgCh341gmG;met=1;&timestamp=1690454044781;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIocLJgNiugAMVxIk4Ch3dbAPvEAAYACCspqlWQhMI2K3t_9eugAMVSbN7Ch3jDgw_;met=1;&timestamp=1690454044781;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C412 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIocLJgNiugAMVxIk4Ch3dbAPvEAAYACCspqlWQhMI2K3t_9eugAMVSbN7Ch3jDgw_;met=1;&timestamp=1690454044781;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIp8bggNiugAMVTYzeCh0Bmw3rEAAYACCspqlWQhMI57fs_9eugAMVFiXgCh2bcgzn;met=1;&timestamp=1690454044791;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 3D95 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIp8bggNiugAMVTYzeCh0Bmw3rEAAYACCspqlWQhMI57fs_9eugAMVFiXgCh2bcgzn;met=1;&timestamp=1690454044791;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=a~lkl0olt8&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&met.4=5s.5qc~10s.9d4~2sbc.btl&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fprotected-by.clarium.io%252Fpixel%253Ftag%253Dwt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA%253D%253D%2526v%253D5%2526s%253Dv31h6beisgf%2526id%253DeyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTJkMGYwZDZkLWZjMzctNGU5Ny05ZmQzLWY0YTc4M2VmYTZkMV8xXzFfYWQifX0%25253D%2526cb%253D7968653%2526h%253Dwww.idrlabs.com%2526d%253DeyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0%253D&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=b~lkl0ox23&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1434172%252F70774489%253Fmon%253D70774493%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xappb%253D%2526blockedAdTracking%253Dhttps%253A%252F%252Fgoogleads4.g.doubleclick.net%252Fpcs%252Fview%25253Fxai%25253DAKAOjssiK9daSfy9laDwwWoXysbARpZ2PMc4l-Y45eJ6DIinI8aTX2EF6bHY584VDp_ztUVtuBOpk0G7sVbweQDhcLw9S8lT3oovQjF23oZxWlgBiMUGyxAe9uGh90dxYz0IiSxgrLQEia7XCVN7M_UDUgvvvz6E57_ZzRuKmNmlprsz4eyaHmE9Xy0yT_63B9Ri8iGwHuW7g9HBn6ED0izHKGAI%252526sai%25253DAMfl-YQptRs6ZBBwJrJyEMC3JZZPfGljtmRMJT3nyRHudNM5ZRBvT4gykZBZNmIgW-ZQYmUMFcxSVNXf3L1J9VBB2Q6_wCASewfc_fG-dPzb55cmKDyT55aQfzdXqB__8nAiXTwgXAQHft8dX8TUrB5v2rI7pg%252526sig%25253DCg0ArKJSzCqZAepnxOPkEAE%252526uach_m%25253D%25255BUACH%25255D%252526urlfix%25253D1%252526vt%25253D13%252526adurl%25253D%2526redirectedRetries%253D0%2526ias_dspID%253D3%2526ias_campId%253D1013136622%2526ias_pubId%253Dpub-3944954862316283%2526ias_chanId%253D1%2526ias_placementId%253D20224732309%2526bidurl%253Dhttps%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%2526ias_dealId%253D549644393847793680%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0jU9Q1_9LVt2T2_xbu5DhY2%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN6024.328593VIVAKI.COM%252FB29808231.364634258%25253Bsz%25253D0x0%25253Bdsp_id_0_%25253D3%25253Bdsp_campaignid_0_%25253D1013136622%25253Bdsp_publisherid_0_%25253Dpub-3944954862316283%25253Bdsp_chanid_0_%25253D1%25253Bdsp_placementid_0_%25253D20224732309%25253Bdsp_bidurl_0_%25253Dhttps%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%25253Bdsp_dealid_0_%25253D549644393847793680%25253Bdsp_impid_0_%25253Dv4~~ABAjH0jU9Q1_9LVt2T2_xbu5DhY2%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%25253Fves%25253DdGltZXN0YW1wOiAxNjkwNDU0MDI5MTEzCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdGNQN1oybVU1SXZnOFdxQjdCVWJCNjUwajVyTW5OVE5KR3N5Qk1zU19MRlpkdEFTNkpqQ0NxY0IzeTRxenloZ0pvQ3lmLUVrWGRBYU5iMmlCVHdadk4ydEFYVkJZY1gyblJSYTR0ZkpxVFgtY2MzVmFaVDUzZmpDT3hTeXhQNXk5SENqQjNUX1hmSVJaQU1taUVaYmpxUmNCczI5SEtjV0dMOHlnTzhMOXFJak1WYnRrUnRkTmN1YU11aUNIWXkycUNyT21RTHJPUVNZZWtWajMwV1Q0R3BiTjRRRnBhSzROeWV3aEZCeTFVa3Q1YUpVS3lIVHZ0UzBEeFo0NXJUUEhXZTBoZ1BPMnRyNWM3NVBzdUxrMU51WDVXX1NFak1EQ0hPZGQtTXpFdTlfS3VncGV3dWloWFFpM0QzN055bFlxOF9DcXE3MW1JUUppOERDekVXTjRpM1FEbDREdndvS3hOQTFNbnFwWnlqSGNKZTFPWmNHWHJya25EQmxwZC1DUUtrVGVJLUNrbU4xMV84bFJkaU1xMWxRT2dzM2I4bjVVT3hoUXJ0eDBacHRVb1NXQ2RGSlNHUmtnblNGNnlpNkRQcFVQenhBd0FvVUU2cWdGMUlZQjRpNnFTZXg4UVZHMmh6ZC04U0RZdGRsakNjcnU4SF83Zi1kdi1ST3RQcEpiNGVuMDc1dzF4OFpXSWRSMjdGT3hLTXpPdEtRWGVvQzFaTUh5R2lZWmlqalJDSnJXWnFFcTR2TllLTHNDV2ZLQ1NNNWJVTmxNQ3FlRzVpRUZqZlkwRlBKamxidklNQ1liVC1tdnNkYUxWY050TDVSdnVkbjJTU25iZUlOZHUydE9hRGpEUGJCaXJLcUsyRGNDUDAxYnotTnhlMU93NTkzMWoyUHVxYkIySkZaZnhWcmJTVi1yUEo4NEV4WTJRTHVfZXMxd3Y1VlZzNmVRMjhud2REQXg3ejI5MGZhMVNhNVRQeXRIUGxrbURUUGRrbXFrUUNraFpGOUVUbEdaZm5xd1BuczVMT0x1UW5MY3VjdmtfNURYY0JoVGxFMUtLd3hISjA3VXpvZ1cwMWxlQ0hpdWJDVXNtOVBHMTZ0YWpxWE1RMXdaSzJ0LXdTQ29EY0JTSG1zMm9pY1Y2UVRqWFktNGlGN19aM0RVWWEyNGo4MUlIVG5kcTBFMjJTM1ltcjU5SXd4dWk3cjk3Nm5TY1pXMGtFWnlqTlA5MVhNZU5sTnR6QzNwZURVT1FXaWg3Ymxtc2ZHMEoyU1YxcS1YTzl6MkwtOUpaUV96WkZUbzBGMmlyMHpPSlhFRXJJRlU2M0pSOTJTUDJkNENERmQyRldWTm05Tm9tb1FaNEMxVXhRVVo0V0ZiSTV0clo2TXloamR5V1FCNVg4QVpYR1ZQWXR0TDRhd251WWZsWGVaQ29jLXlDbVZWYzU0WVhKNXdqS0ZZQ2FCVXpFUU9VVms4RFpoSnBDTnotR2tXVV92eklHdHF4S1czVjZWdnRRSGJiOURnYU4tSXpFc0lRN05pcFRhRXVvY0pGZk9zWVRBZkVwT0dtTWVpbFNlZWUxRXdhOXh2WTF4bVpqRFBlQzhfTGhyZlRybnRILUxnU3h1QlNxVmNLQ2x3ZDJUbGJXZjBQRWpNcDJtbDZhUlNpcTNoejdvQ0QtT2xWZHVtNVZMRENubTd0YkhjVlEyREg4VnBMX2djS3NPa0lXYmVUdHotMDRPNjBTbm5uZlVsb0NMOUI2NkRJZ3Q4SVpBcFczckZ6cDZBU0hTcmxHaXdLQ0ljX0NUaDNiQmgyY0JZUTVkVmpya2lKdlhGUS1kQ3dGbkcyZ3UzbmtBJnNhaT1BTWZsLVlRLXBJVmRZWWFHeE5MRTFNQ0FFREpzQTE1N0FPOExEOVZROVRMNWV6STBWU0lnWWxyT2Mycnk0blBGdTg4MEptNWw4TUdlaGtKaXc0dGRSLW9PdlFYNGxxOUVvRWl2ZGhuVU94VS1yeHZnWmdTN09TM05kMnp5V3VhYlFfV2gyQVJOVndoV1RYS0p3M3lTeGx0NGMyMmhSejcxQTNJUmNvcjQ3U0JMYk5fcVdEbm5RYnRqMEV2ZjhIbGQ4Tl8tYldaRXp4RUJ5RHdiRG1jRUtQQkcwUTJieUQtbS1yTmNjbGNVeUg5SVo5a3JKUGpBVU5Bd0VUdTZWZ2liT0Z4Qm9NaEFVNngyN3p3Ykstd1FEU0ZGQi1CRDJuSzBNNlY0ZHdXMG5uSVJjVUZsdnlNOWFJMlBFQXB6UUJuOF92ZDNiVjJlczhJRyZzaWc9Q2cwQXJLSlN6UEQ2cGJYR3VmLTFFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LnZpc2EuZGUvZGViaXQuaHRtbCUzRnV0bV9tZWRpdW0lM0RkaXNwbGF5JTI2dXRtX2NhbXBhaWduJTNEdmlzYV9kZV9meTIzcTNfdmlzYV9kZV9meTIzX3ByZWZlcmVuY2UlMjZ1dG1fc291cmNlJTNEMjc4MjMyMyUyNnV0bV9jb250ZW50JTNEMTkwMTE5NTM1XzU1NTc4MDkzMSUyNnV0bV90ZXJtJTNEMzY0NjM0MjU4JTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%252526dc_cid%25253D190119535%252526dc_adid%25253D555780931&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=c~lkl0ox24&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fpixel.png%253FeyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vNmZmNjFmYmRjNjE3MWVkMGY4ODM0YTM3ZTFlZWM4ZGEuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQzNDE3MiIsImN1c3RvbTgiOiI3MDc3NDQ4OSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjAyZDk0NTkzLTRiMWMtNDVmNC1iNjFhLWE3ZmNkOTYxZDMxZSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDIyNDczMjMwOSIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2OTA0NTQwMjkzNjM4NjA4NzkiLCJhZER1cmF0aW9uIjoyMTE1MDk4MTEyLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ%253D%253D%2526advEntityId%253D1434172%2526pubEntityId%253D70774489&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=d~lkl0ox24&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs0.2mdn.net%252Fdot.gif&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=e~lkl0ox25&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fpixel.png%253FeyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vNmZmNjFmYmRjNjE3MWVkMGY4ODM0YTM3ZTFlZWM4ZGEuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQzNDE3MiIsImN1c3RvbTgiOiI3MDc3NDQ4OSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjAyZDk0NTkzLTRiMWMtNDVmNC1iNjFhLWE3ZmNkOTYxZDMxZSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDIyNDczMjMwOSIsImhlYWRlcjExIjoiRENNIiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNyZWF0aXZlSWQiOiIxOTAxMTk1MzUiLCJjYiI6IjE2OTA0NTQwMjkzNjU1MTg5OTIiLCJhZER1cmF0aW9uIjotMSwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0%253D%2526advEntityId%253D1434172%2526pubEntityId%253D70774489&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=f~lkl0ox25&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fpixel.adsafeprotected.com%252Frfw%252Fst%252F1434172%252F70774493%252Fskeleton.gif%253Fxmtp%253Dv%2526xmapp%253D0%2526xsId%253D02d94593-4b1c-45f4-b61a-a7fcd961d31e%2526bidurl%253Dhttps%253A%252F%252Fwww.idrlabs.com%252Fbarbie-character%252Ftest.php%2526ias_campId%253D1013136622%2526ias_pubId%253Dpub-3944954862316283%2526ias_placementId%253D20224732309%2526ias_chanId%253D1%2526ias_dealId%253D549644393847793680%2526ias_impId%253Dv4~~ABAjH0jU9Q1_9LVt2T2_xbu5DhY2%2526ias_dspId%253D3%2526ias_creativeId%253D190119535%2526blockedAdTracking%253Dhttps%253A%252F%252Fgoogleads4.g.doubleclick.net%252Fpcs%252Fview%253Fxai%253DAKAOjssiK9daSfy9laDwwWoXysbARpZ2PMc4l-Y45eJ6DIinI8aTX2EF6bHY584VDp_ztUVtuBOpk0G7sVbweQDhcLw9S8lT3oovQjF23oZxWlgBiMUGyxAe9uGh90dxYz0IiSxgrLQEia7XCVN7M_UDUgvvvz6E57_ZzRuKmNmlprsz4eyaHmE9Xy0yT_63B9Ri8iGwHuW7g9HBn6ED0izHKGAI%2526sai%253DAMfl-YQptRs6ZBBwJrJyEMC3JZZPfGljtmRMJT3nyRHudNM5ZRBvT4gykZBZNmIgW-ZQYmUMFcxSVNXf3L1J9VBB2Q6_wCASewfc_fG-dPzb55cmKDyT55aQfzdXqB__8nAiXTwgXAQHft8dX8TUrB5v2rI7pg%2526sig%253DCg0ArKJSzCqZAepnxOPkEAE%2526uach_m%253D%255BUACH%255D%2526urlfix%253D1%2526vt%253D13%2526adurl%253D%2526ias_xappb%253D%2526mon%253D70774493%2526redirectedRetries%253D0&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=g~lkl0ox25&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fpixel.png%253FeyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovLzZmZjYxZmJkYzYxNzFlZDBmODgzNGEzN2UxZWVjOGRhLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vIn19LCJjdXN0b20iOnsiY3VzdG9tMSI6IiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IjE0MzQxNzIiLCJjdXN0b204IjoiNzA3NzQ0ODkiLCJyZWdpb24iOiJpZSIsInhzaWQiOiIwMmQ5NDU5My00YjFjLTQ1ZjQtYjYxYS1hN2ZjZDk2MWQzMWUifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjAyMjQ3MzIzMDkiLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjkwNDU0MDI5MzYzMzgxMjEwIiwiYWREdXJhdGlvbiI6MjExNTA5ODExMiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0%253D%2526advEntityId%253D1434172%2526pubEntityId%253D70774489&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BE47 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=h~lkl0ox26&c=8749460887194&slotId=4374730443597&qqid=CJOB4v7XroADFWUHVQgddgEDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=744&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=first_pause&asset_bytes=1965802&video_bytes=1766397&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=29&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=9&video_played_seconds=15.02&video_muted=true&video_seconds_loaded=15.02&vqdf=1&vqtf=375&vqfr=25&endedMediaDiff=-18.66700000000128
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame BE47
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiQ09NUExFVEUiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjV...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A5%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A5%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoComplete%2Csl%3An%2Cad_duration%3A2115098112.1151%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f13:800:7780:2e74:fc05:44c0:c11d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=02d94593-4b1c-45f4-b61a-a7fcd961d31e&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A5%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoComplete%2Csl%3An%2Cad_duration%3A2115098112.1151%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Thu, 27 Jul 2023 10:34:05 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo...
ade.googlesyndication.com/ddm/activity/ Frame BE47 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk52n_9eugAMVTUQdCR3a8AOdEAAYACDv_NNaOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIk4Hi_teugAMVZQdVCB12AQMU;dc_rmcid=CAQSTABpAlJW3PvCY_hZdjb_cWvqd9IibV0l5rHOCs8IB-X8kE-mAD6bUTqwEzVpsxcI79AVArWSo91fknfe6t7nmKYZ595COuRLvXk86RUYAQ;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26p0%3D0,0,0,0%26p1%3D1,1,168,299%26p2%3D1,1,168,299%26p3%3D1,1,168,299%26tos%3D14749,0,0,0,0%26mtos%3D14749,14749,14749,14749,14749%26amtos%3D0,0,0,0,0%26mtos1%3D3960,0,0%26mtos2%3D3427,0,0%26mtos3%3D3715,0,0%26mcvt%3D14749%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14988%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D48%26pst%3D258%26dur%3D15018%26vmtime%3D15018%26dtos%3D3647%26dtoss%3D5%26dvs%3D3647%26dfvs%3D3647%26dvpt%3D3647%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3647,3647,3647,3647,3647%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D65535%26psv%3D65534%26psfv%3D65534%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,14749%26ss0%3D0%26ss1%3D0,0.02,0.02%26ss2%3D0.02%26ss3%3D0.02;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1690454029983;ecn1=1;etm1=0;eid1=13;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BE47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTwp6C0jCZNPPOuWO1PIP9oKMoAGc-8DPcbiYnfXqEZ64iLaDAxABINjV2CtgleqTgqAHyAEFqQJNX8c-XJ6yPqgDAcgDmwSqBPcBT9CYXfLJnPGSdg5iuZfxMGD_NEy-VsjqUJt-dwmge7R9HlxH_84wXNxqAug_cQXSO1GosPyj1zoh5LNmh7RU0X1jxOY-OvHhVlbcLaNJECmlwZVllR8h-3EpbylIcamIKu0Uztx_ziSaT4P3RU7EMmv9WJ7DcVcZIxaeI2frp9zO-acUKv--Ov0FpHVhMxmIfliFsKU61ceq7hS8UHfGovHoMJ75S7WzKlwIgH1uqdQNATxi0vboYMukBGn1vXxZo2vKkUH8h_fAqBB8UvwIfhAC0JQUPfmiBEy3seZ5jp1a5Y2bX6yktwn2h_y68wtkRNa8zI6RQ8AEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUzMTE1MDU0MjkyMzI4MDWACgOYCwHICwGADAGwE5jBjRTIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=ZCDe-Nm9wWE&label=videoplaytime100&ad_mt=15019&acvw=sv%3D954%26v%3D20230710%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26p0%3D0,0,0,0%26p1%3D1,1,168,299%26p2%3D1,1,168,299%26p3%3D1,1,168,299%26tos%3D14749,0,0,0,0%26mtos%3D14749,14749,14749,14749,14749%26amtos%3D0,0,0,0,0%26mtos1%3D3960,0,0%26mtos2%3D3427,0,0%26mtos3%3D3715,0,0%26mcvt%3D14749%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14988%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D48%26pst%3D258%26dur%3D15018%26vmtime%3D15018%26dtos%3D3647%26dtoss%3D5%26dvs%3D3647%26dfvs%3D3647%26dvpt%3D3647%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3647,3647,3647,3647,3647%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D561231848%26psm%3D65535%26psv%3D65534%26psfv%3D65534%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,14749%26ss0%3D0%26ss1%3D0,0.02,0.02%26ss2%3D0.02%26ss3%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1690454029983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIp9GngdiugAMVTYzeCh0Bmw3rEAAYACCspqlWQhMI0bv6_9eugAMVe8C7CB1DEA7d;met=1;&timestamp=1690454045331;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DE8E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIp9GngdiugAMVTYzeCh0Bmw3rEAAYACCspqlWQhMI0bv6_9eugAMVe8C7CB1DEA7d;met=1;&timestamp=1690454045331;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Jul 2023 10:34:05 GMT
trinity.json
apex.go.sonobi.com/ Frame 4405 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221886c0d11f574a24%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&s=f80f785d-c1e2-4c2c-ad7d-48029800b882&pv=2029681b-8fd4-41a7-84a2-e9062532c535&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
0261eb4da30fed924167e89d8f33c31bb7d888ceb98fc8de07d464280b34f302
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jul 2023 10:34:05 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-110
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.idrlabs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
443
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 4405 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 4405 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 27 Jul 2023 10:34:04 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4405 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=650c21b2-57f6-4f80-b65c-998cd7daa494%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=194e47d3ac975bbc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.11944081303720067
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0a277c008c63fbed19d2973161f71d1e13c51aeb6dbf3bf430eb01884edaeeec

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 4405 		38 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e0602ffa7bfadd0bbf7a3dd8f754c9460d7af53c478732e1ac37a644294de9

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pm5Yfl3isbIf6%2FPQ4B1rO%2Brl6%2Bgqm1Q%2FCUb3EcueETQLetHCQaJD1%2FpfqqjKf%2FSNp4H9rBUlFpkTDPyqUjIGQuuGCzJjLJP8hlnC4yRU4868Y3T2MsvjT4S0z2LcpDJWoE5tVMKx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ed43a57bf406901-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
translator
hbopenbid.pubmatic.com/ Frame 4405 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Thu, 27 Jul 2023 10:34:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 4405 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-0%22%2C%22callback_id%22%3A%222009497f4e1180ac%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&bust=1690454045392&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Barbie%20Character%20Test&w=1600&h=1200&pubcid=650c21b2-57f6-4f80-b65c-998cd7daa494&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22650c21b2-57f6-4f80-b65c-998cd7daa494%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.149.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-149-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ Frame 4405 		95 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b6882f9682542dd867e2598e6276f7eee1414bda6da42767b3e58fb152818801

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jul 2023 10:34:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
728x90_recoveringbro_v1.gif
saambaa-static.azureedge.net/direct/ Frame 4405 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/direct/728x90_recoveringbro_v1.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF0) /
Resource Hash
8d7f01627330fa17bc2f10271f3d8ce6b3b3509528b5587066e88a9a568614c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 27 Jul 2023 10:34:05 GMT
last-modified
Tue, 18 Jul 2023 23:04:48 GMT
server
ECAcc (frc/4CF0)
content-md5
YHZgbv5idepTgmd7PvSL2w==
age
100380
etag
0x8DB87E3625B4BF3
x-cache
HIT
content-type
image/gif
x-ms-request-id
d021fdea-101e-0058-028c-bfe979000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
73587
ads
securepubads.g.doubleclick.net/gampad/ Frame 4405 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3112218637313204&correlator=1278214453962201&eid=31076487&output=ldjh&gdfp_req=1&vrg=202307250101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=11&adks=1332890142&sfv=1-0-40&ris=15&rcs=1&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D20421271f4bedd51%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D20421271f4bedd51%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3De4b1d398bbd2b6bc%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg&gpic=UID%3D00000c47be9d06e2%3AT%3D1690454027%3ART%3D1690454027%3AS%3DALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ&abxe=1&dt=1690454045676&lmt=1690454045&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=benkljhmwksw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x90&fws=384&ohw=0&ea=0&psts=ABnkTfAeitK6yxC3z4-EwsKe_1ysUox4BkeSdDJ_QwBabykg9RAFD4L2qTpubm6MT1FyKE9v0dJLipq4JOlJG6aZuayhnMWC4TF2Dz4%2CABnkTfDuHMSR-k6nYBYYOeovVj-fElNjKrYg1yx7EC7pbQ7kiGCbP-q0UOVJrGAUqOVrCeKxMUz5rBKTCwdYsim0j4gAqfGXfS7SBok%2CABnkTfAYQHVdrk3fb1P_bMO9zBNEo5GNIbpxnkhI3mTHKRr9tQtxheLaRRRP8zwtJuqOi7CoERpsFgmyEuptTY9pwI3Cm0A9_7aUTes%2CABnkTfDS288MQ4ihqmwNHsfuFzhb6r9mmQTb1cpZ_VSAa_Ujm1lJDRb34eX1aJGBfN9q0WR3oT8ZLLErTuCBzXRTZZ8CTVA1jcfa7Cg%2CABnkTfAAxgFgwDiLsEfxbMbixCe4lQv0z3vPdOERoj8q3nzeSO7XkuNt3W5rQJnhEHBcNsNuw00d_u7eVHIBzUlKOjT1aeQnXghoKVA&ga_vid=1114138523.1690454029&ga_sid=1690454030&ga_hid=601230816&ga_fc=false&ga_cid=628320600.1690454027&dlt=1690454028280&idt=933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250101/pubads_impl.js?cb=31076487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67b5544fe9d3017f4eac6be1cf984811497795c955f8f3b3e07ee400da25a3f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11632
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875292
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 88DC 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 88DC 		0
0
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 437F 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
FRA60-P4
age
705874
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
VDR8zGpICkSA0fIYAWQM5wFoCzNNJfDB_GBcx3qbUo0Ug-aY58x8kA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 437F 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57383
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690198756579870"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:34:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 437F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVZzDQ4jznMnVm8HMbjPyh_B8ZXb-ukvHPr2n24rp9T-yT9So8S5nehPmiuHlrCFCEMg8pWYUEEBQ3SWt_x0oPI3es86L6-u4zpjmsIhLSYBUGgaGWDgpnAfnBwLIksuYS9-IYl2vx9AfMRPjQ9Hx7IUXdv7fgpG3YwHjJ5XYzHtZML7eKHlX4GQczwYgYlstmCAP1we_zOEhvl3LDmCtYyvSm3ZD0sm_rETGsAqxSjbaQnyYI4tGU9S4fRTvw4_csWkpeaNruYYimcIK4_am_ZIVfByVQKQr7x4ZKRKG6aAWVztdx2YUAVpSaTNZ-NC7iaxljPPixrCWPbmwhGkI&sai=AMfl-YQyTgUTUtBa8UFFb7kuOAHM4ki3iOTpFAY1lBNelblmspO-ecUhqa14PaCJS-MayvG6YR6xL31wQylcZHOIZTWxFpb2zWB7BiP6n-p5olIJ5qtIy8gQcQL4LiNGhVw&sig=Cg0ArKJSzKZy74R2JRG0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 25E0 		241 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIrL8O8BMAE&v=APEucNXDnp54VeglWCN53S75wWzAtO6lP3xXVD20kit5l4VSzJcksGl-bazOEYBLDw7enX8YzsE_pXjvoUThUsvu7WhIGJ1ZNpY95q5i8XhVuEv_CYPHvo0u_27F6QkXJbVN5VrIYgSNBWjJr7edAtlEGZsH3yxNd4kKH8xXK80gNMu5bF6NUFY
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
493cca1c2b95032b6d3bf5a310bf618b3bd7c8426fdeedaa0b2f1e1fb2ae48ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
125
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:34:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 437F 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:34:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 437F 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DManmTBHEan86LDhZpiCexKtomtf_paSpXO4CR1_hdxbxJ86qensq79iudqSQx3LwcD6tKY2_LyTQKuLzUtYevdRHmF8U9k5Vm8YD4GjSIGYRqhr8
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 437F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8849564555633989170&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a0c20c96-b56a-4338-b690-f3aa0aa8cd90
beacon-ams3.rubiconproject.com/beacon/d/ Frame 437F 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/a0c20c96-b56a-4338-b690-f3aa0aa8cd90?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B6358B826E96C58D98C58C8AB36C66153307D05EAB6999540F40561BC288492B4EEEE7D9A32F9A445683D50851BF2EEDFCFA9AEE6324F0937FE3392432800EDBFAF386182E885AEF7C5F90AEB777B3D1C4EF799F747D7BA057CEE1132438E0FABBF410BF74A2BCDA1C67EDCCAAD5EA1E8D790B53F704D0E9A2605645952F60178DBCDBE51DA18039B42FC5E84ECA67613071A9F377E962C7A492C749DB0FD4AC339EA5036079D75803F414E4F55755028E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::47 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:05 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58269/ Frame 25E0 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIrL8O8BMAE&v=APEucNXDnp54VeglWCN53S75wWzAtO6lP3xXVD20kit5l4VSzJcksGl-bazOEYBLDw7enX8YzsE_pXjvoUThUsvu7WhIGJ1ZNpY95q5i8XhVuEv_CYPHvo0u_27F6QkXJbVN5VrIYgSNBWjJr7edAtlEGZsH3yxNd4kKH8xXK80gNMu5bF6NUFY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
demconf.jpg
dpm.demdex.net/ Frame 25E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFIGsPTYrUGRmUBWw09hso8&google_cver=1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEFIGsPTYrUGRmUBWw09hso8&google_cver=1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEFIGsPTYrUGRmUBWw09hso8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIrL8O8BMAE&v=APEucNXDnp54VeglWCN53S75wWzAtO6lP3xXVD20kit5l4VSzJcksGl-bazOEYBLDw7enX8YzsE_pXjvoUThUsvu7WhIGJ1ZNpY95q5i8XhVuEv_CYPHvo0u_27F6QkXJbVN5VrIYgSNBWjJr7edAtlEGZsH3yxNd4kKH8xXK80gNMu5bF6NUFY
Protocol
HTTP/1.1
Server
99.80.170.99 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-086da38e5.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
V0f0Pw8gQoE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v050-0a9eadf0a.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
59ue7wvHSaA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEFIGsPTYrUGRmUBWw09hso8&google_cver=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
gen_204
pagead2.googlesyndication.com/pagead/ Frame 437F 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2283908709830&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 437F 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2283908709830&version=m202306200101&ct=76&x=8&cor=8849564555633990000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 437F 		106 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGSxtTBdZgph4alZiDB4zrBf3Ew3WgqYWeaNb76RolXWHogMCQy6tFxCZoXEc5BOnqzbdWTc13Wd2FVRMWnlsmjX0KjS0cNC5fdk2btB33i2sHyXbDzPEBOIBVtdycyGmnxdEETU2GFq5nMM3lQGHnzr-PJBN7oTA1YKXlT6Fgm6va1r4&dbm_d=AKAmf-DxanTGnruQ6Zh6Pg_odMmgAWTO1dex5nT1wXnI1eCz-e87Or0aPbxkIIZtv_mjrmJQSFS8HxlEOw5ENTn-eUya15OdI5G3RXsF0G15c1p0Aym6EvSIb58QJSwoRoB2hLFUKb82QxCkVX_Y2TKgnKaSlzb-_7w_iD9hh01ESZ5w2tvM7r5x1LGdrnveM3O8uqdygub--wV2bz6ybU8LPk5oAZ2Zksqkk55AwFa4P8fboGiUcKykY6ulOAA_wmeBjAOnNCJvSJKfiSAu6CBGTrxEdqDY6Qt5EySU5QPbvy8g85UqgK-gdqvm7xtrtGbUjzEOP99NMW-FHPNTm4HDTnRmlP7FKmGnMmV9moced6UCT51dDpuMzFrMt82a-6p5-2YJi1Dx2yW9-XVV1W5YVMTdnaZf3Bb3OJT0E1sfUXV4Vg6fvPCBknQk8PqdrqcHYo0L462QZ5NtP9x13SIze8y1OSNlq27uAuhMEW7NmcH54wLn0fcTeCkI9FIcNz4i1SyyRo0Uph8zqqFKT7nY5O-K3Ajz0U5X21eoHDeJkeQ8Edbmq9Dqx8ylfronn6Ny-AhhBvvyx2u-L3qMUgm7EFqnltR1iWx6BOIP4-FbgKfbV2if7B5iMVYe7hZDTgjbrnA0SIuvG_pW5xs-5sY6U7Y8bXbBakDebAehakMlhx5cyesmdYovbhAqcvZj5Wvc7k2VvAmTNJnhdVNepP5i9Gqc7h9bF5HkYeW3uhAyfqNG1SYwQyNT5EvGqMAkmydQjvsppX7YjHFnHtqa0hb6q67zKO0rpRJUeo2tjynZCalwg3-4lydlvO3iLZPbD52qtH15eH2tuH8--4x7KnyFJUUuAiGpjLtR7zkSYxGMwo8Z_J5D4verYoNxWNjFmXgRtde1PLXbkgnPJWa7KDcLENcLr5-nvGEDTD43df2t1v8aBdzfE4pp3KNRkUjyzmDXKf2RsN3OT_iMWtXDW5R1qq0Mm0WDXxCt2NlWmrKQvdfzhuYItHq8FfHO0vKgXo9TfTcaKu2K3IHZuikomncEt0iMUqAxoBh_tH__KVfXVZD3_aa-acB6_8Lkzc5Asi1OjL9yzd__jtdgY8c6yI31M84YS_vLrjoX-Vf2RknDNGI8zl3Uktq-kjU3iHzLrBN8LwXxvTypSP9fVOBjtbfTBxLOm3Cl-j6m7V7NrYklHrys0jg9aDkwPo8wmjkQN0pp0Yypjrf1LrwEKW1TPkTqOUPTQ39acP5SlNYO_Nf3nqgORSCNJe9AnmQCgi_Q7mQtxfTjxHBWwEGx_WmZbcFvOX-H9fFURphWxltr4vQgn3tmXibQgVEE_N5A_bsqmQHdSxrS58ARUkWajyGDezv8jjnT0X4EDYVKTs9_Ne1nn2MalZuelo0Jss0c4vSWm27g9-CT0DZKZdUqp6c-qnDX_e_OZ6oM-lKwVMKq6l5iN75YuMGYs4Upqahz4DrVDiP0N0guuEhDET-05wVPuWwpnrO2wTJUAu3DiqLQxzfjtrEZVEU5XBcX7aaRfycS6o1TZYsn1Nng8Rh9RfQFNoy8yXiipoBf2PRdvo0OqlxZUh9_9c5FTrBw3dQDGk8TuS6XcwU9IJO49CsalrtzDYYguBv9MV0fP9dnEncIJXMtC87C5IKbW09mCzvJ00TGD6I1Jv3LjzMBU5eagMNkGPR0lQYEvD2oDm5RJL5dQl1wsJs_GEgWBnd431A_NH0Fzp9TE1xK9pbjbYb2v380wD1MNyXKm7NgpsJjcq03CGKNDZAyU-vPt3HOXVa_OL108-zcc5-S0gYOnh-plZ1qa3U4-wDpDfJHUgG5IVJwTEiaHWG9221ETu3LRhnmkSM61XJ3f9KczfW5n4YX2XRn7AkgAHpydJHY-Z88yUb-fm3Al9DVXxuo7TzdgS28dB8M150Ml6X5eBwqVrOnKeLilBL8xJWqqGo3tO93WIMJZuKDnLMtGtD7zsbYbb9EKv1_c0q2AbNWHb8ayXtCPAqO13-gp4c406AaTQ3SFGHfS1yvQYf7e_nJrPKlJaTRfmXDn0vc0Mgm4oRgCwYLrSEf044uZRhLb6vBEzKrXQVUh0NCBqimp2vrMHDIr79K1dsGq3wZsqQi92pDrraPl3brL3Z_3xEuLF4KrcNxlw1ZBAY_S-1Sy52D9vWwGS1cQa7YO5T2IS6lrQbaPHFSfj2MdRPv-KaQwtkz_ZO5tqe5rGhsjg-2KbvMv2zb78VnyNK7XLVvbJPtYNgRZliD54G05mn84Yact0L0CCto96HjXb6qut62IzZC1kp5yoYIe5DvPQk33CnfOoVdPQ-WQz8seodJigPM84_0lrWqC5zHIW6QlUZbpe4ukv3rWTWbFII3ir3Kqu9xjcnxYBu3Tt0DJNAnXl-TBkOJ3uYVDZakFpzrdygOMDem-BCCWPQtjzY56O2uq5vBeNmdF0m-AooBOJ8epqtexI2bhHv1B4th40FgEKujfK4IhKFFtCgszOlH33lvKdfZA48-4o1xN3B6ilBVNv8WQnTTssYq0WoRBh6iIthQkMEj6YeawiZyIlToQBwh4jLorsvnguSSRvJ9LdaVRvMlnVvj2DBVuTLthoy7sIUaaXR4SrR0X8WdtZ0PwlwVFdg0uD320ay54x9q7rTRy8nVp38SfhmrC6lrifmzsBObfEPqt9rQd1b4uSJ22M4PYpXSBtNDw3CPsT-1EV76LPJJYTEuesiWCTKmH1j4s_Vh1zlyFG5797AqYioUpE5rUn7sh0_EgPNOSNOtNPxXVWSyjasuLATex_UWKHBMXQRvMxZkhQESJ89Bikp0WJRuNRlBk6dmUi6yaXpRXQhyF1Uw17zcLLJTlxwG0Ty74HJVmMV8XwJ2i9NIJ-VP01zj_CqMQ24eRlVS2wmCog5ljJaW96dJf1PqmxnAr__8cNaKM1gdWQ8Zveb1YqxQ-uUos0T9On0LY0Cx-m72PrSIepLi7wZAH8mubKA7troIbOwil2m6GceIGogjF7FdlJNrbZEPExZJwxT_u1pYNIkp6BSo3Ema5PRmsKp2oh4D7xwFHg-fqAZrhzvm4LEz3ug-ReMRm8P78HxRJatZG7_j9MUyK6tjmD8PU83wk6TN6o_mBiJ3nSlTnV-fsOt1r3KKXDW43_Eimuq4B4l_wVnBK2WGSe7SWnG87V5ddX5TSgj_KD8RGogoffwyZCu6u2kvGRPLmCFW34_qozdS45rUI8Uaq7Q6V7s9aa9b57r33Cg1Mjg54MCnyDdMmJriSbXiNe873p1_F6CXcWllfw9xNTx-A9Xp0bWGVX1ok_gJ51oyOBvLy8g&pr=8%3A8174E1057FF5ADDB&cid=CAQSQABpAlJWSele7_FcIsiffNq8akGWSanRqxUvmisrrVer5EdxUIIMGUwMwQSIKFhEr3OaHpuTkCiG8QPITPfvP-oYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fbarbie-character%2Ftest.php&ds=l&xdt=0&iif=1&cor=8849564555633990000&adk=2814917605&idt=63&cac=0&dtd=54
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd2c2b4b756865a51190dcea5fe6fdc3ab03f89b219996af5d1f4315f27af017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41218
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1549653/72464741/ Frame 437F 		249 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1549653/72464741/skeleton.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.218.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-218-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
858d94c5c6997d659f923ddc661575aeeed8ea443cc9e2297e311f769b5fe730

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 437F 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 14:37:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/ Frame 437F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
58057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 18:26:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/ Frame 437F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230725/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 00:25:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 437F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 21:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
46362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:41:24 GMT
usync.html
eus.rubiconproject.com/ Frame 1BFA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jul 2023 10:34:06 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 437F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPSZWsD-99i9VDO8PI_9Fqy5JlQhluoCpzgZ_x-QLyJfctB6f2GqtRvA1lS8ZHInQyqUREfcVSpF-TTS1eKwvF4iOeWfzaKQ3q3Rs-LspANeld2Jdcee2lVaO__T68UwpqGJVqwrWdGgxBjPVsw6LoPtVdikBI6l42auFoz34aZYsEKl4LA-kG4WBxVneUB-KJSmB-UiV79s_tDBDVgMibPGWL7ui-LfkVv5i_RLr3Ux8bU4zYqXQj6p0Q9-tKg0La9-wTlkuJUCNHgU-NKmnV9OpgG8axjWzeJDOsyvApWwYvTpVOGK60GVsyiOx9XW8l66axDMcHPOlN_MCrf-D4Qw&sai=AMfl-YRP9FU5p6MRWo529_qN5CjwDj-lLRNQ3Oc_6nX3Q7sH6Lje4I3GBEazob-AykykyG-tkvtVNDVJDsL3ZQPe-_ECiv-cx5Dyc4GoXWO-0IUniek8kfBVAfekZzioR_E&sig=Cg0ArKJSzIAW31b5uJJrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:34:06 GMT
truncated
/ Frame 437F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdd13f05ac71efd56f80454a8673fce5d1e7d14e432dcf9aec5aafd8d16df65f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 1BFA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 10:34:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jul 2023 01:58:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55428
Connection
keep-alive
Content-Length
10115
Expires
Fri, 28 Jul 2023 01:57:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F41D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256160
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 11:24:46 GMT
expires
Tue, 23 Jul 2024 11:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16657667486557792069/ Frame ED5C 		2 KB
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=HF8xVkKqbw&t=1&renderingType=2&ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10758a73345558a9e7da252a34f9f613d42486a847875f938d71232b6bfe040e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
756
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 10:34:06 GMT
expires
Fri, 26 Jul 2024 10:34:06 GMT
last-modified
Wed, 28 Jun 2023 06:22:15 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 437F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqRcYZyUjlRBJaj_iUShCbBv5uXyYgP8EKrpaV-Pr3qB7z4-qN_qdPhT4cHIAAdWy_V6Db-Z5qdsIvDluo4c-tT_HbSRwHwGD9FCqlW05-pL1jXs5PFPEk8uyoZ-5d97q8I9hGdH0fXVjYzR3TGbeL1Uu4qS7xwZz_hbgV_I1ATOeCaDCrfgqeaQTu7msr5xA9L4Pbd08Ub8RfK8Tfp_KZcKz36QjdXsl-6eGnYZyvl0yLOj7tqVZ1QlRIDPrskbKCaohlbaldGiKj2E0mCVGeQXQvbYQm3WkWJCVkPyNuwddtYj8hvDj5svHgM3nTbQpx8jUa0EbBzBWEOa5pT5y_aPfG9LqhJ6Poh1iznkp6Mfib8VTY2YuLKE1hGfxJCtAxR5BHBNEdNq4BA4eJhb06ReZCBNKhEBTP9UP_onAPBdS524pyWe5DdDJA3arFx_8J8bMTJ_oOkgk7Ang1qEuDEH7c1WCife4F-xDpj29vHzUkbam5EwAWjkEgJUSAQAIRfkJWphKyYOa9iRuGCFWmHsEF-L7buf4fIfXQann8150IIkoKnMNRK3jRLw1HX98ho6J9VcT4-ISJHnrj46lBJULPdb6s6OfrFSq0__fsl-U7tQ7hD39rzaHFJGBQElT45H4dFlWvflPK5szOPp7RejpSWIepNnGHsfTZGQAo3WQHN8Hkh76qiea4ma_FtctnC3cfO-sKh5N9MEKZrQmRnZYJN_0ArrBFUh9g1QNMyH4m0lBAxCSITW-kVmQbK86F-Lv7mzH_OmXCUJ27-FLxBFJ4VOBIWKfP2dWrNy52GcA0TiFFKf9t_FOyQrbKc_hLAt_yBFBHJ6E3Us2pwlcijfidumAnD4ed1LrFU57p6-1dEl8bjWqa0fvOCcW4K7wUMh7nDvD9A0gsKGj2Jhhb3V6rtAPgi0fxyyf1C44UBQT7g5yuAucOZpXIa61uUdkvTXvEAgsvqwIVvXUftUJzceTu7orHvQtpv3t9h4GTCY5HrbZZ0NrP25VVrCA1E5rhQE-712QY_2hL7ZarbyfT9Plw7lUWIDxdzgvPSdqATyVMpTscfTIarkGpVgn5Z6O7vTToj_-ZNna55WUvOWnpnrSxcxG4c1XlBi9k80T3KK8c5Yv8EK9bSbE2epJBTs1mPTxpawqCj-Xn5i5soUzCkxm6R5t5qLJGp7261hcaVkpOwySXrpLe1TlWvzL_Ix32HBx4G1X2eZadsxmQA_Sf4HQ5RYv2Bow3lRSnOskGmddNTXclsIR1SFjiAp7z2a_d&sai=AMfl-YSgNv-fdpCPrVJDjy2yMhWps93Ak8OHMgAz0G3JuI-v6lelXWHlOFS4tfJklfNmGLBuBjmC4f4-Q37V6YwlGZ9thnOD4eOWK_MwpVe4B_nLGN_quntat7h1RYF4KyWUGzTM_coJyx7IXwGi1XVdr-fGjZUMeCwXwMxt5xZ6BO8CIVC_M4B7EhwbdE3lr7T2C1PtiqpAyN9BqJqPFCQa6ZijRKDq-oXhAiPwkF5nejCbT9zSbTWQaiqxLNlK40gTOql2pAFveWDllnkApzGSEZCQie92IttwQ7JbSS8bLPhWCeM&sig=Cg0ArKJSzP1wSVfA25EnEAE&uach_m=[UACH]&pr=8:8174E1057FF5ADDB&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=67&cbvp=1&cstd=60&cisv=r20230725.22053&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jul 2023 10:34:06 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Jul 2023 10:34:06 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame F41D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
72958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 14:18:08 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame ED5C 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=HF8xVkKqbw&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=HF8xVkKqbw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 13:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 13:47:01 GMT
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame ED5C 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=HF8xVkKqbw&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=HF8xVkKqbw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:03:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 10:34:06 GMT
script.js
s0.2mdn.net/sadbundle/16657667486557792069/ Frame ED5C 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16657667486557792069/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=HF8xVkKqbw&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b68c37662648a190caae221ee0baa115dc68002baba3137fcebfed8bc508f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=HF8xVkKqbw&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 09:29:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90302
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4290
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 06:22:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jul 2024 09:29:04 GMT
4a.js
static.adsafeprotected.com/ Frame 437F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464741/4.js?adContainerId=brand_safety_HkjCZOrPA8S4x_APuPiBuAE&cbFunctionName=goog_wrapCb_HkjCZOrPA8S4x_APuPiBuAE&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Server
2600:9000:223f:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 19:17:27 GMT
x-amz-version-id
GhIpPdkXc8Y8o13QvOK0nUkv02TeqfvN
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
227800
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 24 Jul 2023 19:17:25 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
8dmLyx5K6ToAtt7pxZChROvdTPQ9MO21u1X2aqjHpx89NE4iTMX_Ug==

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 83D2 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
26679470
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
uZPGCHizM1BMF1ag3DzexeJVR6eCPOtggzg9rTkrVw2NG1jBxHTmww==
rp
match.prod.bidr.io/cookie-sync/ Frame 1BFA 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.144.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-144-166.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 27 Jul 2023 10:34:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 1BFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LKL0OLCI-3-HZPH
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LKL0OLCI-3-HZPH
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LKL0OLCI-3-HZPH
Protocol
H2
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:06 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 27 Jul 2023 10:34:06 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LKL0OLCI-3-HZPH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58160/ Frame 1BFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LKL0OLCI-3-HZPH
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LKL0OLCI-3-HZPH
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LKL0OLCI-3-HZPH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1BFA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=87449af9-7599-46c0-93e4-3aa9ec2fdbbd&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=87449af9-7599-46c0-93e4-3aa9ec2fdbbd&expires=30
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=87449af9-7599-46c0-93e4-3aa9ec2fdbbd&expires=30
Date
Thu, 27 Jul 2023 10:34:06 GMT
Connection
keep-alive
X-CI-RTID
660a0eda-8376-4504-955b-76fd3568e3b5
Content-Length
144
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 1BFA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ahGjWPxAUa1kWs2TPT1hcbKi0YM
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ahGjWPxAUa1kWs2TPT1hcbKi0YM
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ahGjWPxAUa1kWs2TPT1hcbKi0YM
Date
Thu, 27 Jul 2023 10:34:06 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 1BFA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=06406124-562d-4d7c-ad1e-5bcf2ab00c63
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=06406124-562d-4d7c-ad1e-5bcf2ab00c63
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=06406124-562d-4d7c-ad1e-5bcf2ab00c63
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
570560
content-length
0
expires
Thu, 27 Jul 2023 00:00:00 GMT
cookiesync
bttrack.com/pixel/ Frame 1BFA 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Thu, 27 Jul 2023 10:34:02 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 1BFA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=2665416385726008439
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=2665416385726008439
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=2665416385726008439
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=fc62a7ca-8662-c496-bc27-58a740d7beb8&tv=%7Bc:jyWr5m,pingTime:-2,time:75,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:402,mdZ:529,beA:544,beZ:545,mfA:547,cmA:548,inA:548,inZ:551,prA:551,prZ:559,si:563,poA:566,poZ:584,cmZ:584,mfZ:584,loA:599,loZ:602,ltA:618,ltZ:618%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:75,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tLcMU3z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C1832%7C1841%7C1842%7C18431%7C1844%7C1851%7C1852%7C18531%7C1854%7C1861%7C1862%7C18631%7C1864%7C1871%7C1872%7C1881%7C1882%7C1891%7C1892%7C1893%7C18a1%7C18a2%7C18a31%7C18a4%7C18b1%7C18b2%7C18c%7C18d1%7C18d2%7C18d3%7C18d4%7C18d5%7C18d6%7C18d7%7C18d8%7C18d9%7C18da%7C18db%7C18e%7C18f%7C18g%7C18h1%7C18i*.1549653-72464741%7C18i1%7C18i2%7C18i31%7C18i4%7C191%7C1a%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3,idMap:18i*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:20,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0__container__,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_0_col,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zone,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zonewrap,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1,mntz-sticky%5D,sinceFw:52,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:2e74:fc05:44c0:c11d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 437F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqRcYZyUjlRBJaj_iUShCbBv5uXyYgP8EKrpaV-Pr3qB7z4-qN_qdPhT4cHIAAdWy_V6Db-Z5qdsIvDluo4c-tT_HbSRwHwGD9FCqlW05-pL1jXs5PFPEk8uyoZ-5d97q8I9hGdH0fXVjYzR3TGbeL1Uu4qS7xwZz_hbgV_I1ATOeCaDCrfgqeaQTu7msr5xA9L4Pbd08Ub8RfK8Tfp_KZcKz36QjdXsl-6eGnYZyvl0yLOj7tqVZ1QlRIDPrskbKCaohlbaldGiKj2E0mCVGeQXQvbYQm3WkWJCVkPyNuwddtYj8hvDj5svHgM3nTbQpx8jUa0EbBzBWEOa5pT5y_aPfG9LqhJ6Poh1iznkp6Mfib8VTY2YuLKE1hGfxJCtAxR5BHBNEdNq4BA4eJhb06ReZCBNKhEBTP9UP_onAPBdS524pyWe5DdDJA3arFx_8J8bMTJ_oOkgk7Ang1qEuDEH7c1WCife4F-xDpj29vHzUkbam5EwAWjkEgJUSAQAIRfkJWphKyYOa9iRuGCFWmHsEF-L7buf4fIfXQann8150IIkoKnMNRK3jRLw1HX98ho6J9VcT4-ISJHnrj46lBJULPdb6s6OfrFSq0__fsl-U7tQ7hD39rzaHFJGBQElT45H4dFlWvflPK5szOPp7RejpSWIepNnGHsfTZGQAo3WQHN8Hkh76qiea4ma_FtctnC3cfO-sKh5N9MEKZrQmRnZYJN_0ArrBFUh9g1QNMyH4m0lBAxCSITW-kVmQbK86F-Lv7mzH_OmXCUJ27-FLxBFJ4VOBIWKfP2dWrNy52GcA0TiFFKf9t_FOyQrbKc_hLAt_yBFBHJ6E3Us2pwlcijfidumAnD4ed1LrFU57p6-1dEl8bjWqa0fvOCcW4K7wUMh7nDvD9A0gsKGj2Jhhb3V6rtAPgi0fxyyf1C44UBQT7g5yuAucOZpXIa61uUdkvTXvEAgsvqwIVvXUftUJzceTu7orHvQtpv3t9h4GTCY5HrbZZ0NrP25VVrCA1E5rhQE-712QY_2hL7ZarbyfT9Plw7lUWIDxdzgvPSdqATyVMpTscfTIarkGpVgn5Z6O7vTToj_-ZNna55WUvOWnpnrSxcxG4c1XlBi9k80T3KK8c5Yv8EK9bSbE2epJBTs1mPTxpawqCj-Xn5i5soUzCkxm6R5t5qLJGp7261hcaVkpOwySXrpLe1TlWvzL_Ix32HBx4G1X2eZadsxmQA_Sf4HQ5RYv2Bow3lRSnOskGmddNTXclsIR1SFjiAp7z2a_d&sai=AMfl-YSgNv-fdpCPrVJDjy2yMhWps93Ak8OHMgAz0G3JuI-v6lelXWHlOFS4tfJklfNmGLBuBjmC4f4-Q37V6YwlGZ9thnOD4eOWK_MwpVe4B_nLGN_quntat7h1RYF4KyWUGzTM_coJyx7IXwGi1XVdr-fGjZUMeCwXwMxt5xZ6BO8CIVC_M4B7EhwbdE3lr7T2C1PtiqpAyN9BqJqPFCQa6ZijRKDq-oXhAiPwkF5nejCbT9zSbTWQaiqxLNlK40gTOql2pAFveWDllnkApzGSEZCQie92IttwQ7JbSS8bLPhWCeM&sig=Cg0ArKJSzP1wSVfA25EnEAE&uach_m=[UACH]&pr=8:8174E1057FF5ADDB&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=221&vt=11&dtpt=154&dett=3&cstd=60&cisv=r20230725.22053&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Jul 2023 10:34:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame ED5C 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 437F 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveRZ25D4mfQdLmK_JTO8iz6wVPT5sSPjcbIqsB9m8WURke9LMbC5jV2ciIwValI1-nzB7OeR4G1fPXobuMCEFc4BXHpaDBPqcIEOH1dtZ3WqZer92RO6lQ2EotBUkDPi0wsHexvWa66hK28aHq6XX2DU9pGI7rxYgz_G456lSctBN2XvWWF_Qy7Gc-9QXtpcf91yxrqOG10jjSs29RRUUE&sai=AMfl-YRg_BFuN9qdPHZGBetLrvH2xKTgSt39VpZirWIo7RgqQV4n5E9HyNVmdIJsWf1JWeaMiRw3skxOwnM6M5hJ7UkzZapMgWZ04b8ul0-HX2IXiyXmuzd4vDqZ6nUrRVzS-qmRuvZoFTr3GQ0XCBwO8wf8s6iAL5eYaA&sig=Cg0ArKJSzKggOPcxYM5qEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/barbie-character/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 10:34:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=fc62a7ca-8662-c496-bc27-58a740d7beb8&tv=%7Bc:jyWr6u,time:145,type:e,im:%7Bpci:%7Btdr:70%7D,imprf:%7Bttecl:253,ecd:77,tsecr:13%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:145,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B140~0%5D,as:%5B140~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tLcMU3z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C1831%7C1832%7C1841%7C1842%7C18431%7C1844%7C1851%7C1852%7C18531%7C1854%7C1861%7C1862%7C18631%7C1864%7C1871%7C1872%7C1881%7C1882%7C1891%7C1892%7C1893%7C18a1%7C18a2%7C18a31%7C18a4%7C18b1%7C18b2%7C18c%7C18d1%7C18d2%7C18d3%7C18d4%7C18d5%7C18d6%7C18d7%7C18d8%7C18d9%7C18da%7C18db%7C18e%7C18f%7C18g%7C18h1%7C18i*.1549653-72464741%7C18i1%7C18i2%7C18i31%7C18i4%7C191%7C1a%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3,idMap:18i*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:111%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:2e74:fc05:44c0:c11d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame F41D 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKXk8HkjCZOrPA8S4x_APuPiBuAEAAAAAOAHgBAI&bg=!R0SlRBDNAAZGOVy5Zjk7ADkAdvg8WherIRvH7PWlLWcekiRbBjNEPZJLH7bsKcBRldZpUhskmlc7_uEbkHmrO2QvayLr3OYGnSMCAAAAmFIAAAAIaAEHCgAKiMib2IWlC9W_K5kC2SZB-g5N-v2g6DYTENW9TXjSSHS9_PYXmuxrnHcFINiRKU42WijpfArGPRJ3tidQHM-njju0yibrwQLNg3mKQEyKPbb8Wmw6KJJKHPxBb1ws2OelZzlEgw6IYp-bSYbQGtx_syLRmF_7hiF-hx4wwigSs8cyIV8k6DZ4qAfRxxp0RLT5WHbXzexwnMPcGIZtr82klKRCGrTXsB4SHju58qpH5sP-1VX-A8kLrhYqyv1583-8LkaxbcnqbSRFQva8pMitspFKjua699zvcpJa6DLPqaKS1qV4j4P_0tnTr5wR_vFw2UY4r69WsDIE3TqF27XbVmGE2x8OqyHWOquKB7vwBkNeeBA1bzTe2Te-V3Hne5G2QINvto_i7xuGAKaejhSo1M9W9YGehm4z_1uImxxSHNs0nrwNUDK_DnHoYp_aFEiJ0qMHF8ywuZbzNi9J_DInhX4AYGPqteJYSXl0OYd0C9bfTQI5LPzCL3LzcOU0lcRtqdGa-Q9niUloKZNMh1zQQYMUiEw3pzcZnRmKJOk-TjcrOpri79eq9eRBLrDKS_ywACUx6ulF4T45AYmGVrMN_ZRYiQ_7WjPpyIpDDP9DzDmeMsyasxpjPMKXUZg_lg7t8O37BiT3iAHNO2IYhy9Ea5GT9uToA4a5Ui5w0mOtassjrVbeQaeSu3heH5FWFUxvFaDNuXD-8Fn4QiFNDEDPcCzBObCmYyhgKj1onu2FMXK21PYblIscWJDgt9O7CRrqi7hlxpUIZ6kRCZmiHli2WNLGl7_btJvIU5BNI501Y9-xqgCxPzv9Bq4yg_TPzGy1huxwyLtXEdhc80QOGmazOLhFy-5Pk2tDe1va3vA8rL1imxeOhFRZlGuaPM_TcUn3qFtfBuAwYO8wIDsTYHZ4IoFl2LYPjsOk7SXrvHc8a6WvX6q1FuF_koyWELrMrm1VBWW9oTB8UQ_ZSuTGgyGQyyeyvz1lnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=fc62a7ca-8662-c496-bc27-58a740d7beb8&tv=%7Bc:jyWra1,pingTime:-10,time:364,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1690454046665%7C%7C848c470e97be9e5f6f331b6ad46dcb51%7C%7Cd0bbb78e6e470472c335369488825264%7C%7Ccd9fc2c3d54ae6f06d1ae9902fc24f98%7C%7C94fe6e61ee043fa600eec5da6e019a95%7C%7C359bf30568064a6785336a7f3bb587db%7C%7C9b3c870b9462f564b5af9f69bd9efe86%7C%7C40d7456a669b1933236b0b10d29b7cb5%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:2e74:fc05:44c0:c11d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:06 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 437F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUGd6waV-_csDyDhgckPlcYPW-i1FkS0iB7DrdaZ5E8I6mdJUct9l_TcPLL7xXwgTrI2tstbYyoSZGvTeCqFGP40FVWRPsKvEeOxudG-RUUAs26yqp&sig=Cg0ArKJSzDbn8trpOoGmEAE&id=lidar2&mcvt=1000&p=1110,67,1200,795&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1332890142&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690454045757&rpt=429&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 437F 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2283908709830&version=m202306200101&ct=76&x=8&cor=8849564555633990000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jul 2023 10:34:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdLbx8Yl7MceqMQtG2ZolZP9qD-tU70cNGakVhwWNyITqwE2UawILSaJ5yoAHoU10Ijh3Bqc43uMt3xga0A7Tb2mAD9jOgKDdgebvyZwEhtcoGIubs&sig=Cg0ArKJSzHquDeVVkJ7REAE&id=lidartos&mcvt=13754&p=1110,67,1200,795&mtos=13754,13754,13754,13754,13754&tos=13754,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1332890142&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1690454030279&rpt=1363&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaso37sezxwjhCxNnPwl0j4Tln0ViTFKOnn1lsmQKgbTSUuYYg5yN6jHh8JOg1mJvSIS_8LxoCk7sJ7GZpisL-M7lfvIGuRlA&sig=Cg0ArKJSzEq9lB55_1PiEAE&id=lidartos&mcvt=11386&p=0,0,90,728&mtos=11386,11386,11386,11386,11386&tos=11386,0,0,0,0&v=20230724&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1690454030279&rpt=3698&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| $MMT function| $ function| jQuery number| mobile_width string| COOKIE_NOTICE_HTML function| prepareTest function| gtag object| dataLayer object| TEST object| google_tag_manager object| google_tag_data number| currentClientWidth boolean| is_mobile function| postPlaceCanvasSlider object| $qcont object| $range function| onYouTubeIframeAPIReady object| gaGlobal string| c object| blockedPages function| blockCurrentPage object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint function| xDomainCookie function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| ifvisible object| launchPad object| launchPadConfiguration object| node function| __launchpad object| confiant object| _aps boolean| apstagLOADED object| apscustom boolean| creativeVendorLibraryLoaded function| setImmediate function| clearImmediate object| ID5 object| __id5_instances number| google_unique_id object| atsdetectionmodule object| atsenvelopemodule object| ats object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_139 object| Criteo object| Criteo_identitytag_139 object| _33across object| signal_decrypted object| regeneratorRuntime object| ox_esp object| GoogleGcLKhOms object| plObj object| -1fvyfi59q7ls object| google_image_requests object| googDdmPs

101 Cookies

Domain/Path Name / Value
.www.idrlabs.com/barbie-character/ Name: qsort-barbie-characterEN
Value: a%3A35%3A%7Bi%3A0%3Bi%3A14%3Bi%3A1%3Bi%3A34%3Bi%3A2%3Bi%3A28%3Bi%3A3%3Bi%3A19%3Bi%3A4%3Bi%3A10%3Bi%3A5%3Bi%3A23%3Bi%3A6%3Bi%3A17%3Bi%3A7%3Bi%3A22%3Bi%3A8%3Bi%3A13%3Bi%3A9%3Bi%3A1%3Bi%3A10%3Bi%3A5%3Bi%3A11%3Bi%3A15%3Bi%3A12%3Bi%3A2%3Bi%3A13%3Bi%3A26%3Bi%3A14%3Bi%3A20%3Bi%3A15%3Bi%3A11%3Bi%3A16%3Bi%3A12%3Bi%3A17%3Bi%3A3%3Bi%3A18%3Bi%3A32%3Bi%3A19%3Bi%3A29%3Bi%3A20%3Bi%3A7%3Bi%3A21%3Bi%3A30%3Bi%3A22%3Bi%3A9%3Bi%3A23%3Bi%3A6%3Bi%3A24%3Bi%3A31%3Bi%3A25%3Bi%3A18%3Bi%3A26%3Bi%3A33%3Bi%3A27%3Bi%3A25%3Bi%3A28%3Bi%3A35%3Bi%3A29%3Bi%3A16%3Bi%3A30%3Bi%3A8%3Bi%3A31%3Bi%3A4%3Bi%3A32%3Bi%3A27%3Bi%3A33%3Bi%3A21%3Bi%3A34%3Bi%3A24%3B%7D%40expires%3A1691058826
www.idrlabs.com/barbie-character Name: session
Value: 2cc94ba7-6109-4c75-990f-b85b035f5c57
.www.idrlabs.com/ Name: nonce
Value: 6004663ade23dae69d6d4d%40expires%3A1690626826
www.idrlabs.com/ Name: srv
Value: 6901852a20ef|ZMJID|ZMJID
.idrlabs.com/ Name: _ga_WZ4R7WY0KV
Value: GS1.1.1690454027.1.0.1690454027.0.0.0
.idrlabs.com/ Name: _ga
Value: GA1.1.628320600.1690454027
.www.idrlabs.com/ Name: cookie_notice
Value: 1
www.idrlabs.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.idrlabs.com/ Name: _lr_geo_location_state
Value: NW
www.idrlabs.com/ Name: _lr_geo_location
Value: DE
.criteo.com/ Name: uid
Value: 06406124-562d-4d7c-ad1e-5bcf2ab00c63
.openx.net/ Name: i
Value: 57a032b0-19ce-4151-9203-4c997dcd0b47|1690454028
.idrlabs.com/ Name: cto_bundle
Value: v8Ya3l9TaVpsazZENjd5JTJGc0RZRENuZFBTTW9jQ0RVRVB0N2VKeGlMTGprQTZuM1NLa25lZkZJVkw0byUyRnkybU9OSjR1ekNpJTJCa2Zha0hHc0N6b0ZFRFJJNERYRndjTGRqMGVUVjhvTHdWY3RMZzY4eWdYb1JCdFd3dWJoeW9jRkZ2a0FYVFBQZkVPNTNIR1BaMWNHJTJCWG91UVB5USUzRCUzRA
.idrlabs.com/ Name: __gads
Value: ID=e4b1d398bbd2b6bc:T=1690454027:RT=1690454027:S=ALNI_MZdY6R1hAKKHFC2GyinxYcaLCnxNg
.idrlabs.com/ Name: __gpi
Value: UID=00000c47be9d06e2:T=1690454027:RT=1690454027:S=ALNI_MaonnsMk8zZfJc7D_aP15HTJjoSEQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnAfC_CtGkO6VNQ6apHCCmfqRqIsd3DUwkzOedoYvOdsKTCr-PqLjviXKRwE3c
.doubleclick.net/ Name: APC
Value: Aa3gxNoAOM2ul0tEmrP3D2VjZtVVVFyDSu-uZN2gEntNkralmU5djg
.adform.net/ Name: C
Value: 1
.adnxs.com/ Name: uuid2
Value: 5298221637248241030
.casalemedia.com/ Name: CMID
Value: ZMJIDVI2FTazn26vlFh6dwAA
.casalemedia.com/ Name: CMPS
Value: 2122
.casalemedia.com/ Name: CMPRO
Value: 2122
.idrlabs.com/ Name: _pubcid
Value: 650c21b2-57f6-4f80-b65c-998cd7daa494
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Qd8(pP!]tbPl1M>e)ZlrFUfJ+tGXxp6L[^_=@hI'PWuSD.AGpXca[SJCXOvy!hAPk+%nugO%v4VB%nlxj)h9tR
.quantserve.com/ Name: mc
Value: 64c2480d-9cf96-0c989-3a3ad
.idrlabs.com/ Name: __qca
Value: P0-1493758404-1690454029415
.rubiconproject.com/ Name: khaos
Value: LKL0OLCI-3-HZPH
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpQjD+UkCUsmS+IXqvPVzt4X6LBWwGzep07cZe5xyGZWaFYE64zX6WOqXKyMctErmC0fgKlSqg69eBxGCOXoSK1K7299Lpi5lu+xUA9sgf/4b7FQD2yB//h
.adform.net/ Name: uid
Value: 2665416385726008439
.go.sonobi.com/ Name: __uis
Value: de79739b-e69c-4605-8848-59a4ec57a1d7
.go.sonobi.com/ Name: _usd_idrlabs.com
Value: 2029681b-8fd4-41a7-84a2-e9062532c535
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s85110|ZMJIE
.ctnsnet.com/ Name: gid_CAESEGfAbnzkYicwaCXMqX2BIvI
Value: 1
.ctnsnet.com/ Name: cid_418c00dee5bf4bf79dfbdf2b724552d0
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22095F8A43-69FF-4467-83CA-AC22AF284EEC%22%7D
.de17a.com/ Name: guid
Value: 1.4779171506127490503
.360yield.com/ Name: tuuid
Value: d0dcafd5-efde-40fb-a422-eb0f42174924
.360yield.com/ Name: tuuid_lu
Value: 1690454030
.spotxchange.com/ Name: audience
Value: 1442ca1f-2c69-11ee-bd9c-1a7cb9e30206
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESENR9kwjRm1LURek_5vOdRrs&KRTB&22987-CAESENR9kwjRm1LURek_5vOdRrs&KRTB&23025-CAESENR9kwjRm1LURek_5vOdRrs&KRTB&23386-CAESENR9kwjRm1LURek_5vOdRrs
.bidswitch.net/ Name: tuuid
Value: 699e7c57-443f-4d74-a517-dcf026e860a3
.bidswitch.net/ Name: c
Value: 1690454033
.bidswitch.net/ Name: tuuid_lu
Value: 1690454033
.creativecdn.com/ Name: u
Value: XBW8SfbpMG6RWTauYxCu
.creativecdn.com/ Name: ts
Value: 1690454033
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjQwNTEzMLU0NRXiM9Q18vD2Mo-MyI8393AFAJU37_olAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjQwNTEzMLU0NRXiM9Q18vD2Mo-MyI8393AFAJU37_olAAAA
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5d5c2001d082f189
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D47DA65B-5255-4629-8516-71A0FB352C91
.yahoo.com/ Name: A3
Value: d=AQABBBJIwmQCEFKDRVRbRmnypcog1UAPhuYFEgEBAQGZw2TMZAAAAAAA_eMAAA&S=AQAAAuWIBxj3qgSBN8LKm4epBok
.go.sonobi.com/ Name: HAPLB8S
Value: s85137|ZMJIF
.linkedin.com/ Name: bcookie
Value: "v=2&3e527cf1-4b21-495f-8421-91df0de887ba"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTA0NTQwMzQ7MjswMjEbRTDQtR/NObzfTvGSEPSz21D0CS9Kh81dJLg5Dn+aow==
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2693:u=1:x=1:i=1690454034:t=1690540434:v=2:sig=AQFklnt3LYNKC1LemNN_zRPYx69JX1UD"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.quantserve.com/ Name: d
Value: EKEBCwHIKfijAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlgYmpiYGxiamS5ShTBNzYxsgAAmNZ3aCAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-4FI65eJeabP7Xzqx71B057VfYe77VTjktwJ3HMuG&KRTB&19420-4FI65eJeabP7Xzqx71B057VfYe77VTjktwJ3HMuG&KRTB&22979-4FI65eJeabP7Xzqx71B057VfYe77VTjktwJ3HMuG&KRTB&23403-4FI65eJeabP7Xzqx71B057VfYe77VTjktwJ3HMuG
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433829054605955
.amazon-adsystem.com/ Name: ad-id
Value: A3QatEBfZ0x6jrSe9KjB50E
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4779171506127490503
.simpli.fi/ Name: suid
Value: FA6987720D4A4098984BE008F13D289E
.weborama.fr/ Name: AFFICHE_W
Value: sxZZOqbh55Oz80
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2665416385726008439&KRTB&23263-2665416385726008439&KRTB&23481-2665416385726008439
.audrte.com/ Name: arcki2
Value: 8d2HDr5FdzZR6Ou141BVNMS9w!20220908!1690454035140!ip#178.162.209.131
.audrte.com/ Name: arcki2_pubmatic
Value: D47DA65B-5255-4629-8516-71A0FB352C91!20220908!1690454035143
.audrte.com/ Name: arcki2_ddp2
Value: 8d2HDr5FdzZR6Ou141BVNMS9w!20220908!1690454035431
.audrte.com/ Name: arcki2_adform
Value: 2665416385726008439!20220908!1690454035908
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 161763:4
.pubmatic.com/ Name: DPSync3
Value: 1691625600%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1691625600%3A220_21_56_161_3_13_46_71_233_166_54_251_8_264%7C1691280000%3A63%7C1693008000%3A203%7C1691020800%3A2_223_15%7C1691712000%3A35
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5298221637248241030&KRTB&23339-5298221637248241030
.adfarm1.adition.com/ Name: UserID1
Value: 7260444804319934604
.zeotap.com/ Name: zc
Value: b2e33f10-af44-4371-5439-ecd49b3971d3
.turn.com/ Name: uid
Value: 7863977536294349538
.onaudience.com/ Name: cookie
Value: 594f24b9dc75e8fb
.onaudience.com/ Name: done_redirects147
Value: 1
.adx.opera.com/ Name: UID
Value: OPU4fc58435cd964e5ab37323caec97efb0
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7260444804319934604&KRTB&23369-7260444804319934604
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7863977536294349538&KRTB&23150-7863977536294349538
.bidr.io/ Name: bito
Value: AAJUDE7JhJAAACjlSo442g
.bidr.io/ Name: bitoIsSecure
Value: ok
.semasio.net/ Name: SEUNCY
Value: 6064D90EB46E47B8
.smartadserver.com/ Name: pid
Value: 8213357817086859722
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAJUDE7JhJAAACjlSo442g
pool.admedo.com/ Name: tuuid
Value: 1ea58c8e-20bd-4aec-a0e0-52ce7f4a6fa8
pool.admedo.com/ Name: c
Value: 1690454037
pool.admedo.com/ Name: tuuid_lu
Value: 1690454037
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6a11a358-fc40-51ad-645a-cd933d3d6171.pd%2FOeZKnQFVzO5ZKk%2BTLxA5xvKePDGY%2FG5ZVxv1N7to
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6a11a358-fc40-51ad-645a-cd933d3d6171.pd%2FOeZKnQFVzO5ZKk%2BTLxA5xvKePDGY%2FG5ZVxv1N7to
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AahGjWPxAUa1kWs2TPT1hcbKi0YM.iI38hNuHGlQxin1hL7RWLPTkEbbw%2F9a1hSSQt3UeUms
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AahGjWPxAUa1kWs2TPT1hcbKi0YM.iI38hNuHGlQxin1hL7RWLPTkEbbw%2F9a1hSSQt3UeUms
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICyQnS2vGiJJDRScFn0sQPajppp8V2tJo8mtHnWDBAysEHwYBCCVkImmBjABOgRVNED5QgSOYdLM.kyF4GTvjZ5pBqBeUwL7hwIxeMc03vpF4mqUmpXf4ouI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICyQnS2vGiJJDRScFn0sQPajppp8V2tJo8mtHnWDBAysEHwYBCCVkImmBjABOgRVNED5QgSOYdLM.kyF4GTvjZ5pBqBeUwL7hwIxeMc03vpF4mqUmpXf4ouI
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ahGjWPxAUa1kWs2TPT1hcbKi0YM&KRTB&23334-ahGjWPxAUa1kWs2TPT1hcbKi0YM&KRTB&23417-ahGjWPxAUa1kWs2TPT1hcbKi0YM&KRTB&23426-ahGjWPxAUa1kWs2TPT1hcbKi0YM
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAJUDE7JhJAAACjlSo442g
.pubmatic.com/ Name: PugT
Value: 1690454037
.pubmatic.com/ Name: SPugT
Value: 1690454038

3 Console Messages

Source Level URL
Text
security error URL: https://6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=506747991&rnd=1690454028434250' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D47DA65B-5255-4629-8516-71A0FB352C91&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Message:
Mixed Content: The page at 'https://www.idrlabs.com/barbie-character/test.php' was loaded over HTTPS, but requested an insecure frame 'http://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU4fc58435cd964e5ab37323caec97efb0&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42234476f6ec258d486b449dbd8b204a.safeframe.googlesyndication.com
6ff61fbdc6171ed0f8834a37e1eec8da.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.turn.com
ad.yieldlab.net
ad4m.at
ade.googlesyndication.com
ads.pubmatic.com
ads.travelaudience.com
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
api.saambaa.com
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
bh.contextweb.com
bid.g.doubleclick.net
bttrack.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn-ima.33across.com
cdn.confiant-integrations.net
cdn.doubleverify.com
cdn.id5-sync.com
cdn.idrlabs.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.pathtosuccess.global
cdn.prod.uidapi.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
creativecdn.com
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
imps.monu.delivery
invstatic101.creativecdn.com
js-sec.indexww.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
m.exactag.com
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
monu.delivery
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
r3---sn-5hneknee.c.2mdn.net
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
saambaa-static.azureedge.net
saambaa.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
t.adx.opera.com
tagan.adlightning.com
tags.crwdcntrl.net
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
uipglob.semasio.net
um.simpli.fi
unified.adsafeprotected.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.idrlabs.com
x.bidswitch.net
pagead2.googlesyndication.com
t.adx.opera.com
104.18.10.47
104.18.24.112
104.18.24.185
13.32.99.35
13.32.99.57
13.50.58.122
130.211.44.5
141.94.171.212
142.250.181.226
142.250.185.98
142.250.186.130
142.251.168.155
143.204.215.51
145.40.97.67
161.47.17.28
162.19.138.117
162.19.138.119
178.250.1.9
178.250.7.13
18.195.47.22
18.66.147.69
18.66.97.121
185.184.8.90
185.64.189.112
185.64.191.210
185.80.39.216
185.86.138.153
185.86.139.93
185.89.210.90
185.94.180.125
192.132.33.46
193.0.160.131
198.47.127.19
198.47.127.20
198.47.127.205
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.169
216.52.2.48
23.32.185.192
23.35.236.201
23.35.237.56
2600:1f13:800:7780:2e74:fc05:44c0:c11d
2600:9000:21f3:b800:19:8ca6:3640:93a1
2600:9000:223c:c00:6:44e3:f8c0:93a1
2600:9000:223f:3400:8:48e:53c0:93a1
2600:9000:2250:9a00:a:e047:753:be1
2602:803:c003:200::21
2602:803:c003:200::47
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::ac43:266a
2606:4700:10::ac43:db6
2606:4700:20::ac43:4a81
2606:4700:3030::ac43:af3c
2606:4700::6810:5814
2606:4700::6812:4a5
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:802::200a
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2006
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4007:80b::2003
2a00:1450:400e:8::8
2a01:7e00:1::b903:5c4c
2a02:2638:3::3
2a02:2638:d::d
2a02:26f0:3500:d::1732:83d6
2a02:fa8:8806:20::2010
2a05:d018:d29:3601:da00:7cb3:2a5d:49ee
3.75.62.37
34.102.146.192
34.111.113.62
34.111.129.221
34.111.131.239
34.120.135.53
34.255.171.199
34.91.62.186
34.96.70.87
35.186.193.173
35.186.236.140
35.190.0.66
35.190.39.111
35.210.53.219
35.244.159.8
35.71.131.137
37.157.3.30
37.157.5.73
37.157.6.237
37.157.6.254
44.195.117.16
46.228.174.115
51.38.120.206
52.222.208.154
52.222.253.136
52.46.155.104
52.49.144.166
52.94.223.167
54.172.28.235
54.194.165.126
54.194.37.177
54.211.218.86
54.220.149.212
54.72.84.52
65.9.66.104
69.166.1.10
69.166.1.15
69.173.144.139
69.173.144.165
77.243.51.121
85.114.159.93
85.14.248.72
95.101.149.233
99.80.170.99
99.81.218.213
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
023f3727270b8515fd1083eab91d487e33662c13e207b807b93b037b233e1c6a
0261eb4da30fed924167e89d8f33c31bb7d888ceb98fc8de07d464280b34f302
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08755abf91e2172786b2f245cc2c4576a5a77c4d4f51e6854e0ecaa67863dfc8
0a277c008c63fbed19d2973161f71d1e13c51aeb6dbf3bf430eb01884edaeeec
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d172ab84abfe2832682e1eec3fbb968413f8b0af1bb12416bb7ce51b073adf2
0eebb408bf6f91cfe0bf0c9e32b45329a456cd86d4f9c5b5e6bcd97844561219
10758a73345558a9e7da252a34f9f613d42486a847875f938d71232b6bfe040e
10eff5604b04a32c56f6661f3c57d9651358392acd667204fbac86daa8ba6242
118579ef80b90d5219a15a41da7281aa7745beab905db12d6223c9e89199f258
125409fcf19c41c3c6de0bf55beb7891aa9b98c7f48c1ae7c059bae24731acf6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1622b01b46b10877eb2b16fb08636d0da4ef3feaab7e60b9d100f1d8881fd9b2
1644090ef9df99af7335d7cc387813083e1798771810590d3ca42fe1213e27e5
169d42624a4027dd6a404dab710dda97036feff6301c49af0ed5789bd1459ae7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18781204f108650f612cb9bd5777594eeffc7765dbc576a9afb969b5b8ded510
18e004470d36df0f89651125a390e71ffbf42f946d4e1469c716a6e80c10b4d5
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a9e9a0b165915cb1a7c3ec593ac8e869b916e7f53510015781049d713b9a794
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ecc9c67427a770d22e0d29773fe793e793f3b0cd1a0fbe18259096dc8b15703
1f12934e19a70be7c9e84d154ccbc9128bb0361bb2a2c76a574ee2fe8cf84ffd
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20f0f639f06387e0c726a8c74f626839243e3c614e689f778532d0e3772d0d1f
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
2360f283fc3124f54c3265fc545d62fc672d3376c1b0c7b65a6b6daac0364850
24bdce08dff3de800df43916bb99c54a752da5ac3c58fd647b872aa895908c4a
27d733b03f732681e9711ff3bac09505a824e7a15f9c0483a141596c79de5ce5
283ecd57dd69ccad22be51a2887dd27adcb390457233a81bb69fd04a3aee76ec
299c94b98c68b8ee82974c70d5327b44a2e3374c8bf04620d0975c58655a18d1
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a3dc755b7c979f9d9a3d285dae6e5067e2784fe5b0725f7f0afa5585b3766e7
2a5197525b2d844bd1ce5852e89988181164abcd15bcba5767e37a0800445ec9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d8c66e1e4841f76b37118d02e1ce57864b8122f89e7d54e8c9ff9496dedd19d
2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66
2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
312f4c683989f43a9f943b04a99b721d39e29a1fa05361eaca189290a90ea09a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
342ffd835bbdafaf798793d22e9211f27d79ac730474bf86418bb912f4b1afc1
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
39483da68896842e4e616b516176894bc880ef9134fad5ed2c9e8cfd018556cd
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bdf11c1503648d8dc6d0d548e4e6b4e98f91ce55decc4f845b6bf16beaa6435
3c78507ab6c8ae46bf510774b9e64af37f6bcfe6318e90b59b6e387250f9a6a5
3cc8eb288f8cf4dd9379e8bcf53112eba5e8c2e19a878003ad4183761e27d382
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3dd1e025f5c1ca366857cbf5f4bbc217c9c4d17704f0e015e3b85bb71965439d
3e737f1540ca69e824b5cc438630338e05c3c64c191a2273a5a73d18f38de911
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f8cbeba8abc5a0e57203ed554115012a322060a7fbfe3e6a572ddc4f6ee0e86
3f932c619cbf5c03780dadd183c7b54f9dc709e418b93fd02383e20ca29c0ecf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42732828c18624ec86a36bd51a4fc548519192032bb1d18268905560e87ae65e
427d651cb7462f6f4888e99c232bad1df521e349de72c04f5d12e50b4b0707d8
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
432a5f4e000b6e8faaa2880f9c9d8877443b5e4a5d0a08018c97693e80fc1bd0
43b2801647e3defe00906d92df61e3ce4d7474394a8c4663d26a2bf3c1bf6dfb
441f1bc182513ee0d45b1c148db77b306b9fa95f43d1924405d319c606f2c558
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
4666fc10b69d09643e362fb814add39f50877b8b9e7afc839d287a794c28342c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479b1b54f4fbb78952d6d694f899e28804fd8ce36f1ff182c78e8da11a77cbd8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493cca1c2b95032b6d3bf5a310bf618b3bd7c8426fdeedaa0b2f1e1fb2ae48ea
498b2476c125c71e32f5d029a5a808c556916b362db71109a921c70103431c1f
49ece968a476cb06e069eccc7e3bd495dec6d40483f7e906b910ebf330b565a4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4b7f694e4e9187e745352c16e810e96d6299403f22332ea501905043bcd134c9
4d05c369e40eca110695ffb93bf58e3fd68529c45b68cfc5f62dff7c98e3c8eb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6d119f570ee32c560e1bfaec5ef25d708a2ff84ef5f3ae5aaa44d8236fd131
4f012f0400bfab9cf46ec7b68e200b2584eafc7bae319c5cbf6992952c1f2f93
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
523855e128c620ef94563659656cc1c5dd45f097302c1894becfba8912752081
525f3952a087c1026c64ffa57f80d305074f5258f0840148cc3fff717a21f44e
539f6d811b0bde99469ceb87e815416bdbfc8b15eab1e979d007182638b901da
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5453f0baadc9dd8733718e2605912eb0133b4450a2b554710a7710693568de4d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556bb24d5db2155513026f7c6594fdd274e420ad541682ec4b72cc1d6cccfc14
5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
58e25f6a3165de1ae7ba125f425747d45f4d1f37634a9b67a719698780bd1b37
58eff2a71fe175affb5df0e69004e8154e82430565ce1cc60501674947f3a570
59195d050da696ec305e77da22e00971b317081e84b53670c0f035d7f778f08a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
59f720b3d6e4979f6f2ebf485933ad37e7b18d373dced937d12116c7aa4a6fb5
5b5c8f3c05a4174b50e8ffd59f8e1f35b7700c2f411f996a2af47412c0733bf2
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
5ba26644a205dcb07c58ffbcf3464d6560231c6a03d7a66e6b41fcf04359c210
5bffd910e7624e46044c38023206088a5831e9e0acb982a062d9ef039258fae5
5ca467bc0d2cc2a04592f0ef77be53568ef085caaa9272a370a5e2898dae2375
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f37a5338b5d097bdff617319a12958dd6c6540425600f2622b4ef62092785ad
60324999fca19d5610c7e70ce81fb1214f987d7d1fa9986bd1508d7bbd23d9ea
60bee248c137ca26bc133e20134b4e6752d4acfe68d73ce1c71ce7cf23270ddd
60efde7f3cdc8d805dd20d1c783bede89a371c982b02deae27cffd3cf23b42a4
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
653bf260a94cd414dea986015a409b2a1a2f22a9bf91b5d0e1b2f36940c3fc16
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67b5544fe9d3017f4eac6be1cf984811497795c955f8f3b3e07ee400da25a3f3
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
6824169a256fb7329607d3f67f5ecafea385a2bbab207b2e1fb6409e9e351420
690e6ededc011ce2dc71166d2f5ed3e106acd9e48d951310fc377a9036ed5178
694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0b1cdd4961cd7eec42130d8871c362c2b22643085fc67ca43be945ce67c1aa
6cc1b6b1e583192526b0649abdf51e372b8ebef1385f2bc99ded4a6d1225ab61
6ce39bb0d2464ee05172b77c17a94c0e985b3ac7ae0fa2eb69c75e296c23a964
6ce947fcd679a560bde683a5df0fd29b0f848c4492a4a8375a98d1d441536da1
6d827deb3a499659759c9f9c9e34fd3e5829a5632764d477ce9b95918e60f879
70e97e66ebaea700b5f73276c360172bb4c524b1812bf5caad579ae7af055c77
72dbda4fc54f9aa4de05a0830d106687cedb0d191a2939a99e6708735413e3bc
736f4606d75cfbeab18d78bb90d2bcae3229f8e220954679afa585b191988b84
7428148a46f1be021d68608b6443d1812a65ff4b9506b55da9c052cf4627d0d0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76233c7dfd05a5b2b360006e2ace766d3cf7eb5e868ed28f15418f9f97b088ec
7688dce79874c2e94aea3f927292bf7f9084145c4ce10158f6d25d74a08862ab
77b68c37662648a190caae221ee0baa115dc68002baba3137fcebfed8bc508f2
780b3414d0f7f9eb878bc7c050b3a4061c72eab40726134873273c99fc14bb78
7ab824a1bddb73d4f78fc70871b4b3a7f2ccb3289372cf0152f0d689319730a6
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7b98dab2e9f1133683f48a15f51a689a010dcf3c0988d3b61bdef17cc68bd5ea
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7cb745c1c8cffe3edddd856464e624896014f9b980629890b3986c6da3f056f3
7dc1717b59936405876bc8bacfb1e7a8d5b55fe96e197bf92736f96eea44503e
7dc8a73a3d26936b5a9a3537619063ae281e1a3c9bedb0c0e742981e4c1d1107
7dedac502ca0c39765cbcaeaea8464cee7eed16289c4627d3ed7cc9c3df7967a
80b3477715167c0f06b1f725c4dc1609a21b734ec5c8745575ae163875f13800
81943eaaed3d4739c31bd71d834b6d2597d7ae14e0114757c35d03f5449b1dfc
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
838428441c139fbdb2f8976608fb144594cf3393af579f8dfc4a4be1bd7cfe9b
83a59abdf7edbad06741293ce26a7b7144105d7ac9edda0641d4339fedd63c93
858d94c5c6997d659f923ddc661575aeeed8ea443cc9e2297e311f769b5fe730
8593f33fb5122b047b525ac843da2938cfab263e88c82a21ee2b6468c90e3a8e
867b45f6bfe5bdb5e57199a4bddb9115a3e5e122c21541e36334292ee26b93bb
86ef35dbbd768a4cbed3505864f88158208d36356d3cbea1111ac0a75cad67cb
8876b805803aebcc9da38faf6ebb308f30e8e3ade17ca9f9512dc56705a1bede
899f109e56a613e6c5bc13feb3bb503c58456a921413cd0f6ac4131b90dc75d8
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89cae91df8eb3c3cb4de4feb4badec088f405892a4c509fffde1db4f08c86e91
8a1cc9db7df1dfa30cd035968e8576cd0f53130432374913a2e494f50c21ba4e
8b30f85f41d38e70a8fbb5ca03c653c55b2353e61255a8c0b345421b55931787
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7f01627330fa17bc2f10271f3d8ce6b3b3509528b5587066e88a9a568614c8
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8eacb244c0416d77a87384908ab6ef2cdf177845393b44dc18a49c0b1ce5f9c8
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
901c6f75c7a0329035c948aefdf914676d8f157a34c642043b90364d87367dfc
9229ce97168b9fad80cccb0bb2fe7b0b301fcf902b50b78924af7e1f22f584b1
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
96debb48b959e7206300a08ea3c9d7d159367b988c234f65c84129b660e47ba1
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e6163c244b061e93f8537efc2f03f7c197d46b1d1a8d92ed24162ffb5b55322
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a578099a425baf297a1b87427bb1fc19ee037bbb62655ccbf20d10c6247733b7
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
a8a6c7bac8f003014a8f6f91bb27df87072df7d855fe3ebaec33b030ec3b082d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab16567d9da12ec25f3ecac99aaf886c3afd988ce75648c944fe0756a0e433f5
ac2e79a420dbe9766367af46d59263c244e753263c5194bfc393597f90a29aa2
ac4525a0d48b44e176fedb3bd552499d626a9fcc5cb3ce6b48f8e544b7a1ba5d
ac76829473703d25d7fbf6c9156c184ec190966a4d2287f04980fbff55914a08
acfb541441641013fac0e25b3ecf0f516a00f465adc4097aeaa429a9ee13fabb
ae505391f76877b51939a4042a29ad6437bb24e619bb2719af03880278c3d109
af508645414a72d60c0221f01b376785d69cb7aab694cfe0a1f55877a11aea4a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b
b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b4c9f5d8100e67a0735538d15449b8a8c4a6e90e1e92091f001f414535150f81
b4e9057af3a28694fdce102c4319f80ab077001fe84862c78df39417cdf2f3aa
b624a399a26eb5a18c50cfe99c54d2d569d5e0cc6469bdacbe88c83ea72d18a1
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09
b62efa5f6f775822355fda10731a489044b23a532fe8fdaa7a84c19756a4ecd8
b6882f9682542dd867e2598e6276f7eee1414bda6da42767b3e58fb152818801
ba24eda30cf8adc762f0c2027b5e616f52d83f231c5ddd28f7b6f733d1438fc9
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc0fef732ad97882c112ac353f8827d2a20acbe5a0972217452f3d69260308c4
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bd2c2b4b756865a51190dcea5fe6fdc3ab03f89b219996af5d1f4315f27af017
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be489508881c98d351634adff8adbf7a8670e6d98a943c9b7f9936a00f77975b
bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c45264ae1e2af885a75703644078313bb362cc4a451cc04005037c29f62353d9
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26
c519514b923ec62451dd008e0c80dd00694b531af53d25007b1e4c5ca2937fd8
c631d8ea7b4d7439426b2dba92da05bdfb62db36c457c9788878f02757eb4de6
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
c8ae668182687f426cfba624d6847e9c4d00360c0e3d2c3d1b4c2d1cae00179b
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6
cc028ada26ee60d1b0b42bb64d06eaf99c85a0826d20091d1cfef265c71828da
cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1abef527f498afd45a968e9d226413e58b40b21872f23164ff7a203a26f40b6
d1e578e508abafa7c9b8589a5ba052887719f20d553bb67eb373107f3da0919d
d29cf32ab8985fec580b570bdb4cc53868576050b38589d4dde895c0e43d2262
d3004a2de4e23038e1fc39498bac9861b53cce7b4dde3faf285bca7538c0eced
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d6b0e3583f1be410524d9985b3f29e9a46ea72a4c2bf1040ef6f044c2fd28c0e
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d82c80bff18f735df38c5bfa3761617ac251e21a786b2fb51c5a48e19d8785e5
d8acea1829ad63a90f23eb4d07b54b98c6423dbedbf7acf8538b47b3075d63fd
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0229dbcb78d16f4e98ccb93decb992b6bb488fffdd85675e586ab6546efd3bb
e11eecfb74231859c1383152f33d1a1b3c7ceda5a6e8e72f4f5548ba9eae6dc3
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
e95882ecf77b5331288fa14ffd880f4be7020c9fef58e7fa744d099aa3019618
ea9a9a4e30dd7fba18d51b70d4772d84bdca536c8cde09d9bc9cef7c555e5bf2
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff404cd1ccd5b3b035951f62095f3967bcdca9b40ce848007a0c887d55d5dbf
f1243cdd06aeb9587a5e582238a3a100ad3925de541259debd0677a4d995b4da
f2561117cd32d190e49906c42e4079e4db3a68203adfecfc13f9ab6b4d8de4a2
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
f334dfed822664140cb14d489a23da9b6d2e1a0907f9af1026df8b8cafa0291a
f3e0602ffa7bfadd0bbf7a3dd8f754c9460d7af53c478732e1ac37a644294de9
f544735fbae5b06e8b2007f761999a2c9b800a57acd37e7528032b88832726ff
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9c3117051ced028bbe4c1103d1454a6234608d8fac648d5e9171f21212c6af5
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fdd13f05ac71efd56f80454a8673fce5d1e7d14e432dcf9aec5aafd8d16df65f
feb50eec5349c63d890dd7f11d216d3f9899f2a53875b8c48a2113193f12a69e