www.babiesjh.com Open in urlscan Pro
2606:4700:3030::ac43:ccc3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ
Effective URL:
https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Submission: On July 07 via api (July 7th 2023, 7:08:45 am UTC) from US — Scanned from DE

Summary HTTP 225 Redirects Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 33 domains to perform 225 HTTP transactions. The main IP is 2606:4700:3030::ac43:ccc3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.babiesjh.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 7th 2023. Valid for: a year.

This is the only time www.babiesjh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3036::ac43:a75c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 17	2606:4700:303... 2606:4700:3030::ac43:ccc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3033::6815:2275	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	92.122.25.231 92.122.25.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.115.196.58 3.115.196.58	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:303... 2606:4700:3034::ac43:d9d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.38.54.12 3.38.54.12	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:e0:... 2606:4700:e0::ac40:6725	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	119.28.16.172 119.28.16.172	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2606:4700:303... 2606:4700:3033::ac43:d64e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:310... 2a02:26f0:3100::1725:e270	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.39 108.138.7.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:5f9d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	119.28.134.92 119.28.134.92	() ()
1	2606:4700:303... 2606:4700:3031::ac43:91b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.238.42.234 54.238.42.234	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8 10	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	63.35.89.158 63.35.89.158	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	23.192.153.172 23.192.153.172	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
6	2600:9000:223... 2600:9000:223f:3c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
9	2600:1f18:1ac... 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93	14618 (AMAZON-AES) (AMAZON-AES)
225	46

2 2606:4700:3036::ac43:a75c (United States)

ASN13335 (CLOUDFLARENET, US)

www.jiastar11.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3030::ac43:ccc3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.babiesjh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3033::6815:2275 (United States)

ASN13335 (CLOUDFLARENET, US)

store.babiesjh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popup.babiesjh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
count.babiesjh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
twstat.babiesjh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.25.231 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-25-231.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.115.196.58 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-196-58.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3034::ac43:d9d7 (United States)

ASN13335 (CLOUDFLARENET, US)

static.rifusy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.38.54.12 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-38-54-12.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.scupio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e0::ac40:6725 (United States)

ASN13335 (CLOUDFLARENET, US)

static.intentarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.28.16.172 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

count.xxxssk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d64e (United States)

ASN13335 (CLOUDFLARENET, US)

health-am.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1725:e270 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-39.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5f9d (United States)

ASN13335 (CLOUDFLARENET, US)

yaya0506.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.28.134.92 (None, )

ASN- ()

twtpstat.zhentoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:91b8 (United States)

ASN13335 (CLOUDFLARENET, US)

pic.logkb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.238.42.234 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-42-234.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.35.89.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-89-158.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.akusehat.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.153.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-172.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223f:3c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	419 KB
31	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346	600 KB
26	babiesjh.com 3 redirects www.babiesjh.com store.babiesjh.com popup.babiesjh.com count.babiesjh.com twstat.babiesjh.com	256 KB
19	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com — Cisco Umbrella Rank: 624 dt.adsafeprotected.com — Cisco Umbrella Rank: 542	200 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	685 KB
10	rifusy.com static.rifusy.com — Cisco Umbrella Rank: 483342	501 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	5 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	3 KB
6	intentarget.com static.intentarget.com — Cisco Umbrella Rank: 338936	11 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	4 KB
4	akusehat.info js.akusehat.info — Cisco Umbrella Rank: 405784	8 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433	166 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 61233 sync.logly.co.jp — Cisco Umbrella Rank: 68396	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 24528 audiencedata.im-apps.net — Cisco Umbrella Rank: 26833	4 KB
3	dable.io static.dable.io — Cisco Umbrella Rank: 22485 api.dable.io — Cisco Umbrella Rank: 19709	38 KB
2	yahoo.com ads.yap.yahoo.com — Cisco Umbrella Rank: 13923	892 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 538	42 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1425	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 496	418 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 662	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	139 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	42 KB
2	jiastar11.com www.jiastar11.com	2 KB
1	logkb.com pic.logkb.com	45 KB
1	zhentoo.com twtpstat.zhentoo.com	582 B
1	yaya0506.com yaya0506.com	1 KB
1	health-am.com health-am.com	1 KB
1	xxxssk.com count.xxxssk.com — Cisco Umbrella Rank: 216136	565 B
1	scupio.net www.scupio.net — Cisco Umbrella Rank: 317705	2 KB
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 88578	17 KB
1	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 105036	12 KB
0	googletagservices.com Failed www.googletagservices.com Failed
225	33

	Domain	Requested by
41	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.babiesjh.com www.jiastar11.com pagead2.googlesyndication.com f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com googleads.g.doubleclick.net 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com s0.2mdn.net 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.jiastar11.com www.babiesjh.com f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com s0.2mdn.net
17	www.babiesjh.com	3 redirects www.jiastar11.com www.babiesjh.com cdnjs.cloudflare.com
16	s0.2mdn.net	www.jiastar11.com s0.2mdn.net f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
10	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
10	static.rifusy.com	www.babiesjh.com
9	dt.adsafeprotected.com	9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	ad.sitemaji.com securepubads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	static.adsafeprotected.com	fw.adsafeprotected.com 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	www.jiastar11.com
6	googleads.g.doubleclick.net	www.jiastar11.com pagead2.googlesyndication.com f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
6	static.intentarget.com	www.babiesjh.com static.intentarget.com health-am.com yaya0506.com
6	store.babiesjh.com	www.babiesjh.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	js.akusehat.info	static.intentarget.com js.akusehat.info
4	fw.adsafeprotected.com	2 redirects www.jiastar11.com
4	ajax.googleapis.com	api.dable.io static.intentarget.com s0.2mdn.net
3	www.google.com	tpc.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	www.jiastar11.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	tags.bluekai.com	9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.scupio.net www.googletagmanager.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	api.dable.io	static.dable.io
2	cdnjs.cloudflare.com	www.babiesjh.com
2	www.jiastar11.com	www.jiastar11.com
1	pic.logkb.com	www.babiesjh.com
1	twtpstat.zhentoo.com	cdnjs.cloudflare.com
1	yaya0506.com	static.intentarget.com
1	region1.google-analytics.com	www.googletagmanager.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	l.logly.co.jp	nt.compass-fit.jp
1	health-am.com	static.intentarget.com
1	count.xxxssk.com	www.babiesjh.com
1	www.scupio.net	www.babiesjh.com
1	twstat.babiesjh.com	www.babiesjh.com
1	count.babiesjh.com	www.babiesjh.com
1	popup.babiesjh.com	www.babiesjh.com
1	nt.compass-fit.jp	www.babiesjh.com
1	static.dable.io	www.babiesjh.com
1	ad.sitemaji.com	www.babiesjh.com
0	www.googletagservices.com Failed	www.jiastar11.com f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
225	51

This site contains no links.

Subject Issuer	Validity	Valid
www.jiastar11.com Cloudflare Inc ECC CA-3	`2023-02-11` - `2024-02-11`	a year	crt.sh
www.babiesjh.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
babiesjh.com GTS CA 1P5	`2023-06-19` - `2023-09-17`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
static.dable.io R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
static.rifusy.com Cloudflare Inc ECC CA-3	`2022-08-25` - `2023-08-25`	a year	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
scupio.net E1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
intentarget.com GTS CA 1P5	`2023-06-02` - `2023-08-31`	3 months	crt.sh
count.xxxssk.com TrustAsia RSA DV TLS CA G2	`2023-05-05` - `2024-05-04`	a year	crt.sh
health-am.com GTS CA 1P5	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
yaya0506.com GTS CA 1P5	`2023-06-16` - `2023-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
twtpstat.zhentoo.com TrustAsia RSA DV TLS CA G2	`2023-03-19` - `2024-03-18`	a year	crt.sh
logkb.com GTS CA 1P5	`2023-05-11` - `2023-08-09`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
akusehat.info E1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Frame ID: F90D8365A959F06B1ECC147F307DF9F6
Requests: 53 HTTP requests in this frame

Frame: https://health-am.com/gmifr_lei.html
Frame ID: DE8308A2940C5AB1909B0271C34D8382
Requests: 7 HTTP requests in this frame

Frame: https://yaya0506.com/gmifr_lei.html
Frame ID: 54F5766E739577DF537156B471774FF2
Requests: 7 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&url=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ref=https%3A%2F%2Fwww.jiastar11.com%2F&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=8a82b9dc-7630-4944-a6ae-7f88bf4e22da&id=dablewidget_goP0dJoQ&category1=%E5%A8%9B%E6%A8%82%E6%98%8E%E6%98%9F&author=0&ad_params=%7B%7D&item_id=4830320&item_pub_date=2023-07-04&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: 8C68FD13FFBF0E0CAD46B611D2EA9703
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6D675321BEDE7E05491681C9F47317F7
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 36E2170AE00920819355F0B5BA7C81DB
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 8C064D3D4E89A63B043C45070314C269
Requests: 7 HTTP requests in this frame

Frame: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B5E5A9C9809D20FAACDC35EF9E06CBD1
Requests: 1 HTTP requests in this frame

Frame: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7F66F0BBE3441665E140BAAF8D3F74F1
Requests: 1 HTTP requests in this frame

Frame: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9709A246EE929D08BC64545D124A7C3E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ABE692B4382632B0F3C030147BD175B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17EE9E439F735A1C7BB04DDD9ABE4375
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 048B8D1DC0D905FA0DC737E9AF91E316
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2EF868B1924B35060DF91680F7F1A5C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 96DB4164D69205DCEFC950D0FD6E9A61
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52FDF5915AA5357EBE07442A924BB32C
Requests: 2 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 89DD21ED1BCE9705D78250D7F46CD409
Requests: 2 HTTP requests in this frame

Frame: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5DF652900EAC170CAD6B490C4A1E7ED9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNW18hI4-7I6YvG7HnAiMycwZUE8eOfSymqZSMgu0n23YCvMFDp94VBPC2JRTeJSv1ZFe8wr3q06rz-SMBYJRjV1Bmbzflo7DfDvSNOG978DBr_wvyo57GD9LPBn0vgXmSihOlvftT0aRIga2-l1S5u4cgyavSY9e6J6bpBb_QoLss70Vxo
Frame ID: DC6F001D9731C08077F84A91C019E575
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: AF55E705B3D760D74D69A83EE349230F
Requests: 24 HTTP requests in this frame

Frame: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9534FB08214A72FA7A38E9DD8200558E
Requests: 17 HTTP requests in this frame

Frame: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0C0BA80EF5BA48954DAEC67FBBA1EBD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3OT4xgEwAQ&v=APEucNW1_C8U3OJI-k8rhysGQskm5zwIet_otCVSOaovnWt9VgBFV3b9zNOnRzx_xDrm5S6RrUyGOt0caNj0NZNECFMzPSnU2UFf2WR1cXt5CJiNOAjvArYnlHkozEhK9xuZ_U419_0JoNtllNd15IscY_s2OOQP4OKmi2q5L4JnHJKIAknqAHw
Frame ID: 9DB300DF1D3CF9E4FA59BC7C51438CA3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXpXgYIAYwAzqUeEKG25Z2YQ6SCGBZ7qXuPnF4zqWczZ0K0bm6R8WR6qPuf2iFvaEO1lcf1CZtssCIASvd5PfmjxRdSIVFQeDb-PnZWe_szqY1-z90zgWt6cxVVCNR63Si3DMplTEIkeUnQnJXVykqUGecfcXB44lLoqEvech3VfnW1Dqs
Frame ID: F2EEEDD2317A5E265BF1A97135C10100
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 75E5A570FC7D68B0906406001CD64EBD
Requests: 25 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=VSG456M5Q7NDTBYP8WCB&sectionCode=edf3c975-487e-4e93-bb98-6aefc2499b88
Frame ID: 6567E8E0924FBA6374A39A277C322F6E
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C1A208E5AA5B7F5FCB2A8BE2F234F6A7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4271265271591442913/MediumRectangle_AllgAwareness_300_250/index.html?ev=01_250
Frame ID: 11A056278CA65EAB489D23BDD597ADBE
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250
Frame ID: 96F18DB90F575B4A6E402123CD2EC416
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F3B6451B97339306B9E1D9EB0066AECD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F432E21E9C1BB8AD6D070FC41E54A0DD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 393BA2A7E5F84090C7EC8F9D9625C2D8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/index.html?ev=01_250
Frame ID: 7D1128378E6E03A5EC8B288626B453A3
Requests: 2 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Frame ID: 667D17965453621B9CAC6233BD348170
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2226B79B894A6374A69851CC25AFF6DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 9737A011B948C058A447CA2C41022E8D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

劉亦菲徹底放開了？僅一塊「三角布」出席，顛覆以往玉女形象，網友：太性感了

Page URL History Show full URLs

https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ Page URL
https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

225
Requests

91 %
HTTPS

62 %
IPv6

33
Domains

51
Subdomains

46
IPs

8
Countries

3225 kB
Transfer

6929 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ Page URL
https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.babiesjh.com/xstat/pop/4830320/1 HTTP 302
https://popup.babiesjh.com/js/ad?lang=zh&aid=4830320&host=www.babiesjh.com&type=1&count=0

Request Chain 31

https://www.babiesjh.com/xstat/index/2673 HTTP 302
https://count.babiesjh.com/?2673

Request Chain 33

https://www.babiesjh.com/xstat/moneystat HTTP 302
https://twstat.babiesjh.com/stat

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKe5.-Mn9lOEHmA8ebaBIQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1&google_hm=2

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOpTq28PjCllPT7pPYNTu0Y&google_cver=1

Request Chain 110

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE2NzQ3MDkyMDc2NTE2NDM0OA%3D%3D

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1

Request Chain 143

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKe5.-Mn9lOEHmA8ebaBIQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1&google_hm=2

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOpTq28PjCllPT7pPYNTu0Y&google_cver=1

Request Chain 145

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE2NzQ3MDkyMDc2NTE2NDM0OA%3D%3D

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB528_bAW6QJCHppWlHxn4c&google_cver=1

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEE0NoJggD3ZLFHRutfUYifI&google_cver=1

Request Chain 183

https://fw.adsafeprotected.com/rfw/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013337800&ias_pubId=pub-8798765870329885&ias_chanId=1&ias_placementId=20333851613&bidurl=https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gqcHfLVfjNJbItbUaf7lLS&adsafe_url=https%3A%2F%2Fwww.babiesjh.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.babiesjh.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=bed&adsafe_jsinfo=,id:ad2a4dd1-fe8e-f230-edff-ee681f7fb922,c:hFadJR,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b6dfd5f7-wvbfq,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:119,mot:0,app:0,maw:0,fm:tJj0GH7+111%7C12%7C13%7C141%7C142%7C1431%7C1432%7C151%7C152%7C15311%7C161%7C162%7C1631*.1350098-69352127%7C16311%7C163121%7C16313%7C17,idMap:1631*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:135,oid:1bdae8c2-1c95-11ee-bc43-dae2f59971af,v:19.8.425,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

Request Chain 203

https://fw.adsafeprotected.com/rfw/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013337800&ias_pubId=pub-8798765870329885&ias_chanId=1&ias_placementId=20333851613&bidurl=https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gSwuJbTNLFtrEj9Wq1MUUv&adsafe_url=https%3A%2F%2Fwww.babiesjh.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.babiesjh.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=bed&adsafe_jsinfo=,id:9ca935c2-b8b2-09a7-2d08-c17aca844532,c:hFadMq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b6dfd5f7-cltbn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:103,mot:0,app:0,maw:0,fm:tJj0GK1+111%7C121%7C13%7C141%7C1421%7C1422%7C1423%7C151%7C152%7C1531*.1350098-69352127%7C15311%7C15312%7C15313%7C161%7C162%7C16311%7C16312%7C16313%7C16314%7C17,idMap:1531*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:114,oid:1bf48aeb-1c95-11ee-b883-5ae611245538,v:19.8.425,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

225 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 oxal0f Show response
www.jiastar11.com/d/ 1 KB
1 KB 724ms
444ms Document
text/html 2606:4700:3036::ac43:a75c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3ed601de85eb9a34a7063ae949e45949915754e0c14dfb337d422e602affb13b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=28800
cf-cache-status: DYNAMIC
cf-ray: 7e2e41f09de437ca-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 07:08:40 GMT
expires: Fri, 07 Jul 2023 15:08:40 GMT
last-modified: Fri, 07 Jul 2023 07:08:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu13wvVyI7KmkIcn3mP4E9IBH8j%2Bn%2Bjn1LuKvGL1WrqYztsfIr2KdeyH%2FItq7oPV%2Bwn%2Bw%2BDOtd4wSDap9Hu8YcJJWtri0fpiUUdE0nyE2o0KOjfW1p5s%2FjCYLVADHKpf%2Fztv4wWKsw4l09rAPCJhZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 redirect.js Show response
www.jiastar11.com/Content/js/ 128 B
499 B 219ms
218ms Script
application/javascript 2606:4700:3036::ac43:a75c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jiastar11.com/Content/js/redirect.js
Requested by: Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b8362bf9d3ffe89b915643ae086a9f0e652e7c411e6717f4d751b4cfa81c3b0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 28 Apr 2023 03:54:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4b22b168579d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmRgD%2FIHvwmeQooNSvb8%2F%2BwBrMVWPOAa9d3fUk18ndB1rRm5DWbZS%2FHFzYt5fSXARaW0ZMuJNnZ5DLFemw0z1Ynkw%2BwvjMb4RSkTCVpvlWAiyk7jecEznzYzPfnHmAj6Ep%2BEd7Dcd1Htka48h8dkfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7e2e41f359d037ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 15:08:41 GMT

GET
H2 200 Primary Request doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09 Show response
www.babiesjh.com/ 40 KB
10 KB 497ms
432ms Document
text/html 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Requested by: Host: www.jiastar11.com
URL: https://www.jiastar11.com/Content/js/redirect.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: db33d1de8b67ce35297935c9be95aee450afdb3edf20d5768773e947577bc918

Request headers

Referer: https://www.jiastar11.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7e2e41f56bcb35fa-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 07:08:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0bWHfXweeNuzJ8reqb8xP%2FnP7pTuf%2FGFaO5T6C3f3Uc5WFz7o4Wt8z8vFYZBa%2FXELGtWvALqS0n5LLvVFkt4DYjx1XEgeq9c8tB5JI6vpOppHHJte1yrSIy9gAH7d1IQg1EeO3QZZ14ZKdPtW5g"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 font.css
www.babiesjh.com/Content/global/default/font/ 3 KB
1005 B 17ms
13ms Stylesheet
text/css 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/Content/global/default/font/font.css
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21664
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 May 2023 03:55:26 GMT
server: cloudflare
etag: W/"0cba0958584d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXwn9UMlc78XGzXH53dkCrQHkZ%2BZyOVYvYTD8%2Bjp6J9bNSkkhWdZQSIsY9Jfe%2B4b7mlQDPHIonzPieKHGMOBGjGWKcz6X%2BvRA4spQBdyN0qNIBP2hZQHgtJG%2FEknJvBENP5NaxvwuF4Ya7ptGkPj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7e2e41f83eff35fa-FRA
expires: Fri, 07 Jul 2023 09:07:37 GMT

GET
H2 200 css2.css
www.babiesjh.com/Content/global/default/ 27 KB
5 KB 23ms
20ms Stylesheet
text/css 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/Content/global/default/css2.css?v=29
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a8cba822b9b0aa7010f007e77604100a5e7b0590a37defdecf92e776f24ea0e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21558
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Apr 2023 09:18:45 GMT
server: cloudflare
etag: W/"808e0f33169d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9KRHolSKfy0bplujPe%2FEZpZBuvNaEHT3Hm72Tj%2FObUXxos%2Fy9X5olHY1HBMKpY5vCmrmeiGB0ivET%2FuxP%2Fr2g7KrYHo1KgzlGenhnUO73SpsikQgrc%2FLbMm74CIsYW61LzVOEBw0WQa8z720Ui0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7e2e41f83f0035fa-FRA
expires: Fri, 07 Jul 2023 09:09:23 GMT

GET
H2 200 globaldefault.css
www.babiesjh.com/Content/css/ 362 B
528 B 17ms
14ms Stylesheet
text/css 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/Content/css/globaldefault.css
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21546
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Apr 2023 08:54:19 GMT
server: cloudflare
etag: W/"6256af88e56dd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9wfXnKLeDy4Kb3Rx7INyJ%2BHZrw8MdQfo4KHV5MCU8uANjy94hEiTxPFRG33MlKgl8W9p5NknfnOoUeKFqmAYXaJuWouEmcTJAETwyiQDzK58j5Y9xEoDsPTiI02tRSpFgR%2BToYS4ox2raIIWl3w"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7e2e41f83f0135fa-FRA
expires: Fri, 07 Jul 2023 09:09:35 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 42ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.babiesjh.com/
Origin: https://www.babiesjh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5136484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckBZVkA%2FxEPF0w7QeoC4d0qiGyafn9KVtEL74wES7H%2FduERKfk6P0YTcQD8LnZ6aUd114k45FBkRasB5VNha3euTCS2F3BPZZCXItE595DY7DxHKuk6t55vBjUwy8rXMgtICssknNDRb9CvJIDZk0sOJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e2e41f85e2d6934-FRA
expires: Wed, 26 Jun 2024 07:08:41 GMT

GET
H2 200 contents.css
www.babiesjh.com/Content/css/ 7 KB
2 KB 18ms
16ms Stylesheet
text/css 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/Content/css/contents.css
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21489
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:07:29 GMT
server: cloudflare
etag: W/"80d6a3dfb65cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn%2B98XutZA2imMVjlNd21mKMFfskyhAWW3opQEQt53c61cgPV9ggr0bI7%2FcYKj3iVw%2Bn3%2FxVmIqfoDZAydj9aQNHJt68NC4HPrx09C%2FRqiYRRPmqfl1Ov2IGLRlAti83agNk%2FPYK5585DaCUebyb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7e2e41f83f0335fa-FRA
expires: Fri, 07 Jul 2023 09:10:32 GMT

GET
H2 200 openart.js Show response
www.babiesjh.com/Content/js/ 86 B
449 B 20ms
18ms Script
application/javascript 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/Content/js/openart.js
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23900
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:52:20 GMT
server: cloudflare
etag: W/"d27cbb23bd5cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxiTs8%2B0YzEO6VifD6JFALFd3r%2BrOdP62U9nARhlKm%2FAwD50c5pG0oCOEYBHOSduLw0WxLwfrdwRG0%2FX9zE8oKNZIQNqBkLZxOhFrNPjSRwBDr8HCyFlZL73JZBbc0qa3%2BamWhXupq0bv%2FlYPTvE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7e2e41f83f0435fa-FRA
expires: Fri, 07 Jul 2023 08:30:21 GMT

GET
H2 200 119BE0C8D451.svg
store.babiesjh.com/logo/2023-02-24/ 18 KB
5 KB 61ms
20ms Image
image/svg+xml 2606:4700:3033::6815:2275
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.babiesjh.com/logo/2023-02-24/119BE0C8D451.svg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e18047dd3d47f6dd8e97fd994bca884945f749c936147825e60e70241a8c4b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423136
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 24 Feb 2023 07:58:00 GMT
server: cloudflare
etag: W/"31172bb72548d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sS%2FZndTCxs7Xxt8xcqFck7OPm1BwjGg1GG9vGZU4xd%2BDfDWe9H0%2BeankpS6WzwJDT0yWVDPDcbS2wwmU1EyfYUssUdXgFAFkBBH9GLwpShtkfZ40tC8wxwUzD140OusJXAoJZJBOqXy7cRt5h5st4Y4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7e2e41f8bc011c3e-FRA
expires: Sun, 09 Jul 2023 09:36:25 GMT

GET
H2 200 ysm_docilepuppy.js Show response
ad.sitemaji.com/ 39 KB
12 KB 37ms
8ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_docilepuppy.js
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5b2d07f444380914a71b578ca63ac48f88bacbd0af29333166862fad6a62f255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:31:46 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 05 Jun 2023 08:20:45 GMT
server: nginx/1.12.1 (Ubuntu)
age: 27415
etag: W/"647d9add-9aee"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12131
expires: Fri, 07 Jul 2023 23:31:46 GMT

GET
H2 200 DD46FE884B30w717h414.jpeg
store.babiesjh.com/uploads/20210601/DD/ 40 KB
40 KB 68ms
40ms Image
image/jpeg 2606:4700:3033::6815:2275
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.babiesjh.com/uploads/20210601/DD/DD46FE884B30w717h414.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0ac8e488353ad6b93011388d8b46d58ddb80c05d70f747f5352712602aad1187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jun 2021 01:17:33 GMT
server: cloudflare
etag: W/"a75585e68356d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uM1EpY4Dfd2YB75OFoj90GVXlsABn10bUVhc2kTn1fA0LDxS7uWeNKMbReoeB2tnISDxcgwNxP%2FniIu%2FemeETfqIeVZ7Y4ZV8bVA3ly2AvSVN046PdLLSQHow%2Bkc3u%2BaKJ2KTTVyZg7aHxAbDwjb3Kg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7e2e41f8bc031c3e-FRA
expires: Fri, 14 Jul 2023 07:08:41 GMT

GET
H2 200 CC98F15DF792w712h554.jpeg
store.babiesjh.com/uploads/20210601/CC/ 24 KB
24 KB 77ms
49ms Image
image/jpeg 2606:4700:3033::6815:2275
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.babiesjh.com/uploads/20210601/CC/CC98F15DF792w712h554.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 71ebdaf6142d01d2c5a1398783ef56f76f6962b73223344d4b24f7cc341d4914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jun 2021 01:17:34 GMT
server: cloudflare
etag: W/"417c8e68356d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3Doc7WH6xyjfXqwt%2FgV%2FkQnBgapiAvc5KHFECEeNihV%2BvYc5Wdojj2JsxpEqsJhS5XVxwi89EaM8s6qZRk60kOLj1D%2FQerJualk6hfsoQieY%2FmArZTRBkIeH9lPT2ezEf%2FZb3hfCfAs0a87QR7RABw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7e2e41f8bc041c3e-FRA
expires: Fri, 14 Jul 2023 07:08:41 GMT

GET
H2 200 C66D91761D6Fw670h890.jpeg
store.babiesjh.com/uploads/20210601/C6/ 44 KB
44 KB 83ms
56ms Image
image/jpeg 2606:4700:3033::6815:2275
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.babiesjh.com/uploads/20210601/C6/C66D91761D6Fw670h890.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ec5bd3cd257e9fa2482b79462c6cb48266dbf1a3d80c4d123187e7a89d57e6e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jun 2021 01:17:34 GMT
server: cloudflare
etag: W/"424b5e68356d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPsbGf%2Fi2xMoEpMoppWVGT7cXU%2Bq08FgNT4y8VaS0EbCffFkQJ53ahRK0wvdD2t6gC58%2F1%2FmP2B3qkIBkGiG46l3qdBkLl2VkMpxCBeDM1z9PdIFNJlKjYNrzIR2mtX4PwM8%2FIeC8G7ftPT8QjWDs%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7e2e41f8bc061c3e-FRA
expires: Fri, 14 Jul 2023 07:08:41 GMT

GET
H2 200 B4B2E75A925Fw896h1297.jpeg
store.babiesjh.com/uploads/20210601/B4/ 69 KB
69 KB 70ms
43ms Image
image/jpeg 2606:4700:3033::6815:2275
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.babiesjh.com/uploads/20210601/B4/B4B2E75A925Fw896h1297.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d7b54783306384fbc89a7a0beb39ba78ef5eea3d71bd5bbce802ad9d59c6a240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jun 2021 01:17:32 GMT
server: cloudflare
etag: W/"1671bfe58356d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bZoOhARBKjitVCFrtI%2Fb2YK1T4BnHRnVCmtkgGrrPoSntsge9iS%2B7c0jfvXFVGkMdzXo0A5bSkmz8u%2FvmY67qVI9t7WjLbwC1oHD2wp10UWSFzWVJPLjfglnBie%2B%2FkMVm8KLwLzRGv4Er5c6Cq6Gjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7e2e41f8bc071c3e-FRA
expires: Fri, 14 Jul 2023 07:08:41 GMT

GET
H2 200 079C5942BF74w689h526.jpeg
store.babiesjh.com/uploads/20210601/07/ 36 KB
37 KB 75ms
48ms Image
image/jpeg 2606:4700:3033::6815:2275
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.babiesjh.com/uploads/20210601/07/079C5942BF74w689h526.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd0201e74a6d8f390f249e33c52e77106cc98dc4cfe7ebfef8cc090848795e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Jun 2021 01:17:33 GMT
server: cloudflare
etag: W/"d5a636e68356d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8fiOfQfAUwe0G%2FMWsGQmQr978VegJzoAaM1vOPmjJtY7fTa8T9TmqyD9H5OGjThoxdHPRfjDbRJ9tdGmHdx7XygDqtjcxb8DFzvMXXjpG6R6dyEibMYfSkvDI16PZvD7ooXDpLM3PKSaNhsvPnR4TU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7e2e41f8bc081c3e-FRA
expires: Fri, 14 Jul 2023 07:08:41 GMT

GET
H3 200 innerAD.js Show response
www.babiesjh.com/Content/js/ 11 KB
3 KB 405ms
405ms Script
application/javascript 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/Content/js/innerAD.js?v=1688713721691
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f1dae407d996ce9f8b25d5fbd18932e8a9282af677882efa24646e4bb715c502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Apr 2023 08:48:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0bedfc0e46dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdR3vY6fc3qokRm7oUuoJmhNJhSZ9Cncrv8OCGpjt4msYag6wRjsJGZ5YzSzFHqdHkE%2FjDlujCquTMXQcnU4OAWVA2QRHOuyLB9yjHRIa0DaVdPXOeIWpdToHbkyZukdjnPR%2B2gxCN%2B4gNeMJoup"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7e2e41f88922373e-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 15:08:42 GMT

GET
H3 200 gmifr_lei.html Show response
www.babiesjh.com/ Frame DE83 1 KB
1 KB 403ms
402ms Document
text/html 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/gmifr_lei.html
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7e2e41f89926373e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 07:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4m7U5m2iekMwhTPlw0qVi63Zffm9bNcD23V3SUSjq9iJhMEJzxS65p7zb0vi%2FKrK18CzEOLJmCU02qz1%2FguCaFbK80j%2FhCRgAR9%2F50KSK99XdP5ihTmGLDWwbi8GJbV29eSvMSM09OmWGSZmaw9i"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ 102 KB
37 KB 76ms
13ms Script
application/javascript 92.122.25.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.25.231 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-25-231.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 6e678a5ff4ee5eb876d00267dd70b450d0d6b53e0fb44818804136c24c425c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: DX4oMHqPZockzB2.NXoqeUB3JdlpvwEZ
content-encoding: gzip
date: Fri, 07 Jul 2023 07:08:41 GMT
last-modified: Thu, 06 Jul 2023 03:06:20 GMT
server: nginx/1.20.0
x-amz-request-id: SAZVFXQVZD3FXE5Y
etag: "3a3d9a3af04289d232cc5673cbf0c16c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=63244
accept-ranges: bytes
content-length: 37337
x-amz-id-2: P90AbP+w3f6KWpIWOlU/t2H2V8KkRdyJSkqsCuWS1fxVntKEb5vzby8uAg1X3kyZjCtdy5eXyLM=

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 981ms
464ms Script
text/javascript 3.115.196.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.115.196.58 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-115-196-58.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7c100a5dc753c4ddc44f40728ff8b81e57fe8c32b61ba88a2d94497b75ee1a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2

200

ad Show response
popup.babiesjh.com/js/
Redirect Chain

https://www.babiesjh.com/xstat/pop/4830320/1
https://popup.babiesjh.com/js/ad?lang=zh&aid=4830320&host=www.babiesjh.com&type=1&count=0

0
344 B

443ms
412ms

Script
text/plain

2606:4700:3033::6815:2275
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.babiesjh.com/js/ad?lang=zh&aid=4830320&host=www.babiesjh.com&type=1&count=0
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Server: 2606:4700:3033::6815:2275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXRUBbQYk%2BzL5yZezF6cc7%2BUOFCtdJqA2pHDwQnWAsKG6mJA1xcx32mE7iimHmCmlgBQb1hD98cUT7GMRMyNZb4AOSZBHDKmoLhTSu1E1KSbBBm%2FYbXkYthayDDLVu5GwhOiHEvMl7GMV4iBge0ZcEY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private
cf-ray: 7e2e41faee901c3e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

date: Fri, 07 Jul 2023 07:08:42 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85xNIwvlHDYcoRMclrilps5rOvTEJ5UmsRLwE7EiJvGyq8S4ZZAG5LVX7%2BYpb%2BR9gPMGEYS%2B7dr4UmkPJyqF4FUvue2voCW3hoe9Q%2BgVZDI6kxjM9X%2FdatADLNXyl7H%2FRBKNmbmjH6ppeWM%2BsO%2BT"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://popup.babiesjh.com/js/ad?lang=zh&aid=4830320&host=www.babiesjh.com&type=1&count=0
cache-control: private
cf-ray: 7e2e41f95a00373e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 A442C5778691w1000h525.jpeg
static.rifusy.com/picture/20230301/44/ 39 KB
39 KB 49ms
19ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230301/44/A442C5778691w1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 50d7a16a23b4043d2eda3df0d29a35a74411076174e6b5c0df75bae6832ff92f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8194
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 39517
cf-bgj: h2pri
last-modified: Wed, 01 Mar 2023 03:34:31 GMT
server: cloudflare
etag: "94881fbcee4bd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IprilH5Si4Kk4pb%2BZkAlUaKnjQU498SzLFBcdm6kjSe5ou7nyslRVnixhmEKfZNo%2FO4dfyuELohIOUh1Op%2FtFD7gNoEkNrhgtUAblmoWfR1OWbRtH5yii7lgWq%2FMLJOJT1fVtucLMkFKPjB2FrU%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f98b67194b-FRA
expires: Fri, 07 Jul 2023 12:52:07 GMT

GET
H3 200 pic.svg
www.babiesjh.com/Content/images/ 949 B
1001 B 14ms
13ms Image
image/svg+xml 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.babiesjh.com/Content/images/pic.svg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bc8ff5fc4b2d224607e923e1731b32c687d5f9e1f43b0368d57a1713ebc92805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21485
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:52:23 GMT
server: cloudflare
etag: W/"6a9cd125bd5cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGx6YRbQkYF407dQM9ezKGM5CfYYRsVUXoW4wzHrbFjs3vkmJoGEKCHgDituBcDhPng1B95jZTq3uHkfjAQQTJRNwCcdRnni%2F2yxhCcc%2Bif7R%2F7JqYdGQEG0nAbCKdii%2BSCuDaNP%2Fp9j2PVvOwTi"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=28800
cf-ray: 7e2e41f95a02373e-FRA
expires: Fri, 07 Jul 2023 09:10:36 GMT

GET
H2 200 2CE2DC22C877w1000h525.jpeg
static.rifusy.com/picture/20230301/CE/ 44 KB
44 KB 43ms
13ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230301/CE/2CE2DC22C877w1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ee966eeb12de776fd944e061de1be8eb1922b118c2c1907b4bcd813c5f289ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21564
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 44715
cf-bgj: h2pri
last-modified: Wed, 01 Mar 2023 03:36:20 GMT
server: cloudflare
etag: "7d985efdee4bd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBfb2ueRzdKK6kMmgGdIlgZ7q8HQaJNNXby9trnnLj%2FL1NOdcThrXdZPqTzWB3Q6Dm9r3JeztCMsWTsJlXzlVXWO%2F3jhWKnjqLRICf8VtAD2CUgXhaeim6nZTMgg0IlXyZ573bsE801xgtN%2BU4VoNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f98b68194b-FRA
expires: Fri, 07 Jul 2023 09:09:17 GMT

GET
H2 200 EDC80A448E64w1000h525.jpeg
static.rifusy.com/picture/20230222/DC/ 60 KB
60 KB 49ms
20ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230222/DC/EDC80A448E64w1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 894d168f5801f5e9b2a17ca08323f46133ee320b4b5137599b845e94de4da315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21542
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 61161
cf-bgj: h2pri
last-modified: Wed, 22 Feb 2023 03:49:09 GMT
server: cloudflare
etag: "817c49e7046d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghiTKxnO0%2BdbHH46e5JoYARIWer%2Fc%2F2XuIVUnW01uO1%2FyIsSzcHCnrx5Ecnu4NHxddKQp4eFKBZewCMZrSGU0tdAMLEFuWhcXfH%2BDkOZnDUgNK%2FkWgCpSXjZkVQJWPFOto7%2FLHFgNrWHNwzb18jXKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f98b6a194b-FRA
expires: Fri, 07 Jul 2023 09:09:39 GMT

GET
H2 200 A5A2A806B60Fw1000h525.jpeg
static.rifusy.com/picture/20230301/5A/ 45 KB
46 KB 49ms
20ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230301/5A/A5A2A806B60Fw1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d8057577d026ce7e164c1b0e2df3b29b0da2e10eff5c205b2e9dd1c4a3fd9c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21484
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 46465
cf-bgj: h2pri
last-modified: Wed, 01 Mar 2023 03:38:54 GMT
server: cloudflare
etag: "6e6ab658ef4bd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rBuBRyngijBmINChjHacBmmd5H3XSCLvVlv%2BEtCVXt0Ofx8YMmJmkFkAN8QJPzJxGMVjYkNFfGdOx22PgiYhBNCsrQSREL%2F0eKPWVw%2FJmSIpu5saK%2Bl1P9%2FkoViQy3u3D5jFGd5mUBtcPeb9dFj9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f98b6c194b-FRA
expires: Fri, 07 Jul 2023 09:10:37 GMT

GET
H2 200 DF49CF56B00Fw1000h525.jpeg
static.rifusy.com/picture/20230222/F4/ 80 KB
81 KB 53ms
24ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230222/F4/DF49CF56B00Fw1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e29b33da8a331a123568508fbc72399ef6373f95fdd431244258bdb35e993efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21565
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 82074
last-modified: Wed, 22 Feb 2023 03:51:34 GMT
server: cloudflare
etag: "9b97cf57046d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bj%2BY8WJduFbsbpcXbiaJINVHMV7sW0Kl8RsjcW0WHCzU12PAPsj8McptYbBlRZTt0QXQAsc0ocJ%2BKrkbLp%2BgdYlLP0U6BKf6Qd7Z1dLyZwKeBG65JkU7Vl%2B%2FmSR3EkuRpm5c19zXysSX7tatE4%2F1vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f98b6d194b-FRA
expires: Fri, 07 Jul 2023 09:09:16 GMT

GET
H2 200 AAFB54978EFCw1000h525.jpeg
static.rifusy.com/picture/20230301/AF/ 42 KB
42 KB 48ms
19ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230301/AF/AAFB54978EFCw1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2b9762ec4c79880a8ee79ba7b32037fa67f4f4afa4540852b70ea98295464764

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13727
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 42547
cf-bgj: h2pri
last-modified: Wed, 01 Mar 2023 03:42:26 GMT
server: cloudflare
etag: "c92bfcd6ef4bd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yisnbu0YKAgDrfEcYRtiP93hxW9mfzPk%2F%2FD%2FXZx5x5U%2FxWiFKce1Gyj9Ff0%2FrysUOeaMDo8PgYfF4U%2BgSOIgAPE4rC6eewq9jEt8knz8%2FpjD3K%2FSEQ93DsJbvkbvXhsDf89Dn2Jv1bK2NKszP%2BmMog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f98b6f194b-FRA
expires: Fri, 07 Jul 2023 11:19:54 GMT

GET
H2 200 C059BB8C2F1Bw1000h525.jpeg
static.rifusy.com/picture/20230224/05/ 35 KB
36 KB 16ms
15ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230224/05/C059BB8C2F1Bw1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 323fb2eeb46fd2a0235f1406fff8ab5979f78717a4957cd507496242e9942a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21520
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 36242
cf-bgj: h2pri
last-modified: Fri, 24 Feb 2023 07:26:13 GMT
server: cloudflare
etag: "9a5118462148d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uRThyZfks7HOdmkTFuCiAmtzR%2BS%2BzP0HCXMvEBrYiyAPjW5Vid52d7F9vmOAvE8OjFGThrDuStthX37lsX9LGTdRUSoOYzmERTDk5pCvuMh%2B8jXj1FRDqUJT%2FJRtf1jsjSPyupZLuz3ghKqhKPHTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f99b74194b-FRA
expires: Fri, 07 Jul 2023 09:10:01 GMT

GET
H2 200 8D5FBFCCD6B9w1000h525.jpeg
static.rifusy.com/picture/20230224/D5/ 39 KB
39 KB 21ms
20ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230224/D5/8D5FBFCCD6B9w1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b3abdc43e7ba186c9e18630dbbb447cc79532d799a95840ab7f85586ee681e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21557
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 39611
cf-bgj: h2pri
last-modified: Fri, 24 Feb 2023 07:27:29 GMT
server: cloudflare
etag: "19f8bd732148d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYhdACFax4MATO7pUsJSYC8kRuAENoa8Hy1nSIVCwNo2XLMZuryc6KvqTCHz%2F5pKN5cPcHT%2FO22wjWG%2Bkq216zfZJ%2FZA5NPFlC0rewhvC%2FRtDNERm6q098OZX%2FF4X%2BtcfKWQdeeqww05xSBOQDqPcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f99b75194b-FRA
expires: Fri, 07 Jul 2023 09:09:24 GMT

GET
H2 200 AF13BEC4B6E9w1000h525.jpeg
static.rifusy.com/picture/20230307/F1/ 50 KB
50 KB 16ms
16ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230307/F1/AF13BEC4B6E9w1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 48c56e5047fc51ccfd3410a13047507a3a8af2a66c1b8f09e2aa22192cad7a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 51178
last-modified: Tue, 07 Mar 2023 06:15:17 GMT
server: cloudflare
etag: "c57230bc50d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8mx9%2FeXGkUApQA7DIewf83pwWZNX6n1h%2BR3U8z%2FPAE35sSPlSbuYPT6SyYSLEyC74Ye05z3U%2BTo4PU9nkTFDk1hJnzO87b452LnPNWfqY2pWLZ0gTOJoIx4tBcp1T69hcwzLog0DrqxEFu5cqUPHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f99b77194b-FRA
expires: Fri, 07 Jul 2023 13:47:42 GMT

GET
H2 200 30BEE5D3AFB3w1000h525.jpeg
static.rifusy.com/picture/20230307/0B/ 64 KB
64 KB 16ms
15ms Image
image/jpeg 2606:4700:3034::ac43:d9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.rifusy.com/picture/20230307/0B/30BEE5D3AFB3w1000h525.jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b3ba01c2016e2915de2e6fcf6e0abfa4366b51c915d88529d972624aca26c82b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11835
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 65111
last-modified: Tue, 07 Mar 2023 06:18:33 GMT
server: cloudflare
etag: "179edaa4bc50d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMPIZNVltIGnz9DApXYsU0gZG8nufRinCBU2QnJS4RqhCGZNy6ynHmlNvtdwP5hqTmKkjPH5lnlU3RCQJi4Jlr61XwKzstUyBAD8QmS9CoT5%2FJjI3ZyLm1CkWdO8e8JBSk%2FNl2PKikX%2B8eoYSEQO5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f99b78194b-FRA
expires: Fri, 07 Jul 2023 11:51:26 GMT

GET
H2

200

/ Show response
count.babiesjh.com/
Redirect Chain

https://www.babiesjh.com/xstat/index/2673
https://count.babiesjh.com/?2673

7 KB
2 KB

437ms
413ms

Script
text/javascript

2606:4700:3033::6815:2275
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://count.babiesjh.com/?2673
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Server: 2606:4700:3033::6815:2275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 28b32413b9dc867b4ca3d3a09d712556bc73b4ef96cd1831332df71212161463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZYSSUYwhikoFVRTWtOtZbXxJkenwZpX5ada0Wk02xl2oOuRHLIFiGG6gzWLWxaB1AlbLeHilzLdj2KOR5%2BxvR%2FjWLK52I7rLu4RmuClShl7Rv8yTWHgUYzYjp2G9NZXzIjaN%2FBX1WjJoyVitVw93dw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
p3p: CP=CAO PSA OUR
cache-control: public
cf-ray: 7e2e41fafea61c3e-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 07:13:42 GMT

Redirect headers

date: Fri, 07 Jul 2023 07:08:42 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkUwXpsUAoY0g41JiL9pLFkxXiuf8IsGwNRSiavgJX2ZU7jBfPmKPTtQrrFuDYFLYc38umn4CXdu%2BCcGPPps6qVkoke7vF4y9oReAmZEEkGdvCGM%2FLzEBkwW7HZsTv6tIjON3LYVc4jDToCOuxSI"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://count.babiesjh.com?2673
cache-control: private
cf-ray: 7e2e41f96a06373e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 47 KB
14 KB 27ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

Requested by

Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2375325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13972
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-3694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VK8wmYov8H4s9xW1lnaJKwXqeza3%2F8AFSA7aiKjy7U3MEnC50nXDf6rT4caq2BpNB7goEkWG1wwdhekZLdlbMtd%2Bs0yhChkBWCq9esKP1muQkndtMlM1c5%2BBQISXnVgMxQKQle69fbHvSmk8s%2FiVxom"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e2e41f96f038fef-FRA
expires: Wed, 26 Jun 2024 07:08:41 GMT

GET
H2

200

stat Show response
twstat.babiesjh.com/
Redirect Chain

https://www.babiesjh.com/xstat/moneystat
https://twstat.babiesjh.com/stat

6 KB
3 KB

609ms
581ms

Script
text/html

2606:4700:3033::6815:2275
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twstat.babiesjh.com/stat
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Server: 2606:4700:3033::6815:2275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6ae431e5af4a1e78f8655086b97029d0bea2f107751ddc19a406a9982e3ee972

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgSM3gEW2anOta%2BcQJ4sZMlrjVq8ZvIH07CosRCoEsi7wOOAQ%2B5T66h%2FX57sRrHMNV2vWdnLdiZI525NzFroC0q8y446o1zDAzM1s8rhGH9XfLeQwSq%2BqnxbOzeE0LvTkUS2H9HtAtgnpIazcGPPNR8S"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7e2e41fc0fc21c3e-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 07 Jul 2023 07:08:42 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Civq8EurK%2Br%2FS7Dr88%2B7Dkx6HWhqEs8W5mHtLatj%2Fvudv51vWcz8HY4PwMNIW6bmI1geqlzLZdLrV8Npm7emGWl8oyrUiru6%2FcBOz1XcFKENNVu1T%2FENrlrBz3lT19CQS3AlyR%2B8QgfffsOvJL7q"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://twstat.babiesjh.com/stat
cache-control: private
cf-ray: 7e2e41f96a08373e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 top.png
www.babiesjh.com/Content/images/ 2 KB
2 KB 14ms
13ms Image
image/png 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.babiesjh.com/Content/images/top.png?v=3
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17865
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1810
last-modified: Wed, 22 Mar 2023 12:52:23 GMT
server: cloudflare
etag: "73bad625bd5cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aw8BQwmekIHafb5U%2FEswhX4tPaQcHz47PYsf7LHROEx3LRvdfo%2F7kkmeBwEduPPn8D2DgBnu272bn%2FanvOdo7ihBUGeXNzrGLOnDzmZPl0CWlCnobiAhw0SM8%2FW9BrjTRB8o45YWtHD%2BQN1LFvNY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7e2e41f96a09373e-FRA
expires: Fri, 07 Jul 2023 10:10:56 GMT

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/ 839 B
1 KB 715ms
241ms Script
text/javascript 3.38.54.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.38.54.12 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-38-54-12.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bf56b14d330ae25ccd631572b03088cf4982d39bea9aaf39df953c1777d94ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"347-8GoA0VRJvJkpQNrk5QcObAOdyHQ"
content-type: text/javascript; charset=utf-8

GET
H3 200 email-decode.min.js Show response
www.babiesjh.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.babiesjh.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64941465-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuVT0BfRF3MOTGFgklOLFvec%2FEO%2BI%2BxDJ8c9rLUv7EDFaJqafBsR3LMknSK%2BI9PXOIqsjPgMCQBDG9EjdiujypdvGR5bsE5PDtqgKlf9PfT0ZxcSfFsD6J5onaZZKVFbzOCZr%2FYPH6E1Mmr67%2BO1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7e2e41fa9b41373e-FRA
expires: Sun, 09 Jul 2023 07:08:42 GMT

GET
H2 200 / Show response
www.scupio.net/kanglei/ 3 KB
2 KB 253ms
215ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scupio.net/kanglei/
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.9
Resource Hash: 5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.9
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwfEotwp9cac5GLkBmPi2TtuzwOAclxEDU5maML7Eb8geqHG59FPHHh2zdBP1TAuPXmZaDd3wB0Ha9BikJ0OEnfshOmAwrHj0j88yL0%2Bg%2B8rDrJcSRG8bQEUVOFHaBWFQaSQSWwznefk5Pb8jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7e2e41facb199262-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 globaldefault.js Show response
www.babiesjh.com/Content/js/ 2 KB
1 KB 13ms
12ms Script
application/javascript 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/Content/js/globaldefault.js
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18886
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Apr 2023 08:04:23 GMT
server: cloudflare
etag: W/"5bab43665e68d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46pF5Ap%2F%2FXBfxm7FUnTeRVdh3RTxt5BAzxjgE0%2FllBiv7Ubr%2FF95d5YLGOfo8aGPSXoA13RK6XzBbOPQOe0LjiXQxPZvuKk6%2BFgEXTTqW0%2FpnjKxzPPCVOPLZdo%2FDnmipvqdCTCLbVzzOSCA6LIp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7e2e41fa9b43373e-FRA
expires: Fri, 07 Jul 2023 09:53:56 GMT

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame DE83 2 KB
1 KB 555ms
517ms Script
text/html 2606:4700:e0::ac40:6725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eb19b71e68250796593a940b475ce0295d837b3ca5f57bbc949029f4254fe43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWgUlGoZLsPNsqcitjDLcao7MOTXvHyiaB%2BuQPKepjukJGbpaeChULsL1lELjQrkfpBshfGA2JFPYfEQgtR3Vt9JU1hhAvgg2c3cGfZ6bqriw0BDquNGk0WAe4377%2Fnp7yT49EmEcJQJZlJBWdUJJtBYU3qP"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7e2e41fb5e703645-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gmifr_lei.html Show response
www.babiesjh.com/ Frame 54F5 1 KB
1 KB 215ms
215ms Document
text/html 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/gmifr_lei.html
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7e2e41fd8e90373e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 07:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bhwr3bw5Kg2T6WTr5gpU%2BJeQTYr%2BUTJFyAo1048qspDBQZN5eo85yQ4wf9xj7%2B8QcqQ81J4%2B04J%2BJ4q84BOELthG3Y%2FjymDeGx8tCfP%2B3wpuixIMEnjxHNYsDKVQHlrn9LYpIGXZ4Fmb34LPVhxN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H/1.1 200
OK /
count.xxxssk.com/s/ 338 B
565 B 765ms
187ms Image
image/jpeg 119.28.16.172
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.xxxssk.com/s/?isentrance=true&guid=6600b1bc-e8d8-44bd-ed12-0622c5eec35e&resolution=1600,1200&colordepth=24&location=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&referrer=https%3A%2F%2Fwww.jiastar11.com%2F&rd=0.24340636221229128&sid=2673&dpr=1&appCodeName=Mozilla&appName=Netscape&appVersion=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/114.0.5735.198%20Safari/537.36&maxTouchPoints=0&platform=Win32&product=Gecko&productSub=20030107&vendor=Google%20Inc.&deviceMemory=8
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.28.16.172 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 07:08:42 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/jpeg
P3P: CP=CAO PSA OUR
Cache-Control: private
Content-Length: 338

GET
H2 200 00000000.0000000000000 Show response
api.dable.io/widgets/id/goP0dJoQ/users/ Frame 8C68 342 B
383 B 287ms
287ms Document
text/html 3.38.54.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&url=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ref=https%3A%2F%2Fwww.jiastar11.com%2F&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=8a82b9dc-7630-4944-a6ae-7f88bf4e22da&id=dablewidget_goP0dJoQ&category1=%E5%A8%9B%E6%A8%82%E6%98%8E%E6%98%9F&author=0&ad_params=%7B%7D&item_id=4830320&item_pub_date=2023-07-04&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.38.54.12 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-54-12.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 27f7c8ffc293a47a6c47cdd32cd7c77ae10bba0e9743a91c8ed2af3acf3a3753

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 07:08:42 GMT
server: nginx

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame DE83 0
0

GET
H2 200 gmifr_lei.html Show response
health-am.com/ Frame DE83 1 KB
1 KB 433ms
389ms Document
text/html 2606:4700:3033::ac43:d64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://health-am.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7e2e41feee26361f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 07:08:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtrfFk2qg%2FZXdvmW%2Bn1cpVSbB56Ir%2Bupv95WGzB%2F7LUkFFTxEI48PdoCC8rnvk4D36H466tkSV%2FTiqnN%2BgR3sZJJpy8BL2961Ny01Lzeran6izwvlqVID2%2BmoSI2kPpOKoVMzyiepabiqLN1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 54F5 2 KB
1 KB 509ms
509ms Script
text/html 2606:4700:e0::ac40:6725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f457ccef28dc61f8af848120963ff145be0078911a0d99097148eb87df1ff212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0G8soiZHboCIZ8%2BFXRrcnfca73AHxIBoaRYO3G9topPVBbFRSncIdI1Ma28qMkBAdJEGDujV%2Buqli1J6RkSAhO6twyPDmLVKguMdiREwY6sRMVrNxKtWPQhOv32cYLFU8iVo8O1wLStkTEfJBB8XBpNyX4o"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7e2e41fedf05910c-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
681 B 60ms
6ms Script
text/javascript 2a02:26f0:3100::1725:e270
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1725:e270 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 07:08:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: private, no-store
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 262ms
232ms Script
text/plain 108.138.7.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4300666&widget_id=54803&auc_id=&callback=_lgy_lift_callback_4300666&render_id=MTY4ODcxMzcyMl8wXzEwNjZmODQwY2U1Mg%3D%3D&url=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ref=https%3A%2F%2Fwww.jiastar11.com%2F
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-39.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 07:08:42 GMT
Via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: xUrLTKT7IripIJ6RYlUSSaxQGomT9d0o68aqEK2mAJ9GgD8BySyetQ==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 44ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Requested by

Host: www.scupio.net
URL: https://www.scupio.net/kanglei/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6be15c254dbcfecc64732b56ceb430ce33df14ad3074ec9149f853d392c59af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65918
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jul 2023 07:08:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6D67 76 KB
26 KB 100ms
79ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13f9a278e137801f65c934358ad0cd4674c8eddbb4b901ca7dd66aaec9163cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25854
x-xss-protection: 0
server: cafe
etag: 45 / 19545 / m202306280101 / config-hash: 154671031251390638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:08:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 36E2 76 KB
25 KB 143ms
129ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

351552ec814613637605cb1f76449f4b5c74319b8094d8a4a7a904a0adb88fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25860
x-xss-protection: 0
server: cafe
etag: 835 / 19545 / m202306280101 / config-hash: 154671031251390638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:08:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8C06 76 KB
25 KB 138ms
130ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8b5ba0b9b88b49357cd58b131b075ac8c08e23b364eaca856323ce81ca58cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25855
x-xss-protection: 0
server: cafe
etag: 651 / 19545 / m202306280101 / config-hash: 154671031251390638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:08:42 GMT

POST
H3 200 ad0113 Show response
www.babiesjh.com/xstat/ 1 KB
1 KB 419ms
419ms XHR
text/html 2606:4700:3030::ac43:ccc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babiesjh.com/xstat/ad0113
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ccc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 096e753cd5d1a594617f3887409a5a88948000d95bbf7b39e8fd777b5df72255

Request headers

Accept: */*
Referer: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vq9f8EYWkiVkiBuBs%2FHzNZ9Rx095kyf0N283eYHEyNbXgwE0P3QkbQ36un%2FGi1SQs5jx6lwa2N3A0ctSDpyEVIEbkZXgrJzLxFsjsnOg7ba1cFzbGAtFZYgrV7qiZxU0gvGqGV9vlGgCs%2BiE7bTd"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7e2e41fff9f9373e-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:3100::1725:e270
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1725:e270 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding: gzip
Date: Fri, 07 Jul 2023 07:08:42 GMT
Last-Modified: Fri, 21 Apr 2023 06:05:08 GMT
ETag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2434

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
184 B 274ms
247ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H4QJWZ018D6F6VMKD4MNNQXD
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.babiesjh.com
date: Fri, 07 Jul 2023 07:08:43 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afb53fd4ebdbf9a8c0004c833859b00787d43663b922b969b19fe9eeb74ebe78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jul 2023 07:08:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 07:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 245
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 07 Jul 2023 09:04:37 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 8C68 94 KB
94 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&url=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ref=https%3A%2F%2Fwww.jiastar11.com%2F&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=8a82b9dc-7630-4944-a6ae-7f88bf4e22da&id=dablewidget_goP0dJoQ&category1=%E5%A8%9B%E6%A8%82%E6%98%8E%E6%98%9F&author=0&ad_params=%7B%7D&item_id=4830320&item_pub_date=2023-07-04&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 06:02:49 GMT
x-content-type-options: nosniff
age: 3953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95992
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 06:02:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 15ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2086996401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&dr=https%3A%2F%2Fwww.jiastar11.com%2F&ul=en-us&de=UTF-8&dt=%E5%8A%89%E4%BA%A6%E8%8F%B2%E5%BE%B9%E5%BA%95%E6%94%BE%E9%96%8B%E4%BA%86%EF%BC%9F%E5%83%85%E4%B8%80%E5%A1%8A%E3%80%8C%20%E4%B8%89%E8%A7%92%E5%B8%83%20%E3%80%8D%E5%87%BA%E5%B8%AD%EF%BC%8C%E9%A1%9B%E8%A6%86%E4%BB%A5%E5%BE%80%E7%8E%89%E5%A5%B3%E5%BD%A2%E8%B1%A1%EF%BC%8C%E7%B6%B2%E5%8F%8B%20%EF%BC%9A%E5%A4%AA%E6%80%A7%E6%84%9F%E4%BA%86&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1042438864&gjid=1375878176&cid=116886738.1688713723&tid=UA-87942765-23&_gid=575774841.1688713723&_r=1&gtm=457e3750&jsscut=1&z=57351245

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.babiesjh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babiesjh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VCEDQQD6JV&gtm=45je3750&_p=2086996401&cid=116886738.1688713723&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688713722&sct=1&seg=0&dl=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&dr=https%3A%2F%2Fwww.jiastar11.com%2F&dt=%E5%8A%89%E4%BA%A6%E8%8F%B2%E5%BE%B9%E5%BA%95%E6%94%BE%E9%96%8B%E4%BA%86%EF%BC%9F%E5%83%85%E4%B8%80%E5%A1%8A%E3%80%8C%20%E4%B8%89%E8%A7%92%E5%B8%83%20%E3%80%8D%E5%87%BA%E5%B8%AD%EF%BC%8C%E9%A1%9B%E8%A6%86%E4%BB%A5%E5%BE%80%E7%8E%89%E5%A5%B3%E5%BD%A2%E8%B1%A1%EF%BC%8C%E7%B6%B2%E5%8F%8B%20%EF%BC%9A%E5%A4%AA%E6%80%A7%E6%84%9F%E4%BA%86&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babiesjh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ Frame 6D67 392 KB
125 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075410

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 06 Jul 2024 07:06:12 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ Frame 36E2 392 KB
125 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28603
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 23:12:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ Frame 8C06 392 KB
125 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28603
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 23:12:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6D67 107 B
456 B 58ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.babiesjh.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6D67 21 KB
9 KB 573ms
572ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4299962982623993&correlator=2431014426351412&eid=31074651%2C31075410%2C31074653&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3507171008&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688713723077&lmt=1688713723&dlt=1688713722850&idt=202&adxs=632&adys=295&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=0&ucis=wafn1nzczzt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ref=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&top=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=116886738.1688713723&ga_sid=1688713723&ga_hid=1663947884&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e8b00b16e498a7723688bcfbcf7c91ddaaaaf3004afb60600602d4d25a5b404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9605
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.babiesjh.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6D67 15 KB
12 KB 90ms
60ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d439888e68e559433a32139301c60c4152bc55111ecccf9340d909d7edc0db17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11725
x-xss-protection: 0

GET
H2 200 container.html Show response
f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B5E5 6 KB
3 KB 54ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Sat, 06 Jul 2024 07:08:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 36E2 107 B
165 B 22ms
21ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.babiesjh.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 36E2 25 KB
10 KB 532ms
527ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3109388854853107&correlator=2988634767681258&eid=31072019%2C31074949%2C31075762%2C44777900%2C31075341&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3507171008&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688713723122&lmt=1688713723&dlt=1688713722856&idt=241&adxs=632&adys=5635&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=kjtljnbswe4a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ref=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&top=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=116886738.1688713723&ga_sid=1688713723&ga_hid=1364889457&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c53448776622c5e7d7690c1d6086b02b9084efccfb1f7249fa08f431fb104bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10207
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.babiesjh.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 36E2 15 KB
12 KB 62ms
58ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d94248c9764a4ecdc98e5b03dafdd4c09aacdc61194d734b81c7f1276c4eeeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11748
x-xss-protection: 0

GET
H2 200 container.html Show response
5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F66 6 KB
3 KB 30ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Sat, 06 Jul 2024 07:08:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8C06 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.babiesjh.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8C06 25 KB
10 KB 287ms
286ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2850778209491309&correlator=3285046484489194&eid=31061690&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3507171008&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688713723143&lmt=1688713723&dlt=1688713722862&idt=271&adxs=632&adys=6223&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=5gfn3526rll0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ref=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&top=https%3A%2F%2Fwww.babiesjh.com%2Fdoc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=116886738.1688713723&ga_sid=1688713723&ga_hid=548789724&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c54c70091292885af91266fad912075f87eeb7e18dfbe1cfc1ae7a8e33cf0ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10196
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.babiesjh.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8C06 15 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc541db2812eba233c57d8206cc94a66f11d4d9e414844388f05f2982b3741d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11909
x-xss-protection: 0

GET
H2 200 container.html Show response
9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9709 6 KB
3 KB 29ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Sat, 06 Jul 2024 07:08:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame DE83 2 KB
1 KB 499ms
497ms Script
text/html 2606:4700:e0::ac40:6725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: health-am.com
URL: https://health-am.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6738ffbc1a0c4898d481bb4c4cd4c088886a879f822f1ada249204e9dcd48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkpfvUmRtT%2BBMLWQd6dGqpG%2FtP9IOTknu7tCSLP4KzPbPcquXgRG0oPwFoB13AmIzwQQ2TlWDQZDJQIHl7xbhTcQwNllcdQH44abMR6PQwXQ3o4kGUFtWdPFqxcU%2BCccFC55BLquQBNTxeyOu2ffSA93%2Fo5b"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7e2e4201b9fe910c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D67 17 KB
7 KB 72ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075410

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 07:08:43 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 36E2 17 KB
6 KB 91ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 07:08:43 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C06 17 KB
6 KB 83ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 07:08:43 GMT

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 54F5 0
0

GET
H2 200 gmifr_lei.html Show response
yaya0506.com/ Frame 54F5 1 KB
1 KB 429ms
388ms Document
text/html 2606:4700:3030::6815:5f9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yaya0506.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5f9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7e2e420259df3659-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 07:08:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXEobT4NXEXZucJarnKZTaC7njSCtOBcjuVei%2BsJ9M%2F1AOjL5KDYR4zojZIkBjyNiqQPtwBBBJd5nh%2F%2FNMAVPKv8lTCUdp8khmwkz6PPmZhpZgRIFimCUOxmN2f16SLJVMOvZ2m9DoSikuc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ABE6 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 19:49:37 GMT
expires: Fri, 05 Jul 2024 19:49:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 17EE 783 B
1 KB 37ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5c69b463a28dcb38e0d21884138e0c7809fb4d9adfe0abeab44c8bda77493571

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-INDkQbJRFPcMJxb6CmVixg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-INDkQbJRFPcMJxb6CmVixg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Fri, 07 Jul 2023 07:08:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame ABE6 37 KB
14 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 19:20:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 048B 13 KB
5 KB 10ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 19:49:37 GMT
expires: Fri, 05 Jul 2024 19:49:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F2EF 783 B
741 B 22ms
18ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01dd3d918cf7a4c7b66a6f87c178d62f0c61042cb64216fc48b30b3913e0e700

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gBM93u-_vtB2LJlEQaiu6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-gBM93u-_vtB2LJlEQaiu6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Fri, 07 Jul 2023 07:08:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 96DB 13 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 19:49:37 GMT
expires: Fri, 05 Jul 2024 19:49:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 52FD 783 B
737 B 20ms
18ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43a5f12b9832fbe2071a0a9609c3bf1ce1296251a11c503d212e64ec43fe47dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BpO_0kk1C1Dt_-6KTghsAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-BpO_0kk1C1Dt_-6KTghsAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Fri, 07 Jul 2023 07:08:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK ad0113stat.ashx Show response
twtpstat.zhentoo.com/ 29 B
582 B 1795ms
192ms XHR
text/plain 119.28.134.92

General

Check archive.org

Show headers Download Go to

Full URL: https://twtpstat.zhentoo.com/ad0113stat.ashx?adid=8&position=1&type=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 119.28.134.92 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a8c4bc68282ebe0bc7f7a5844c4c28f9775c4a62eb20b9770c7ba7948a705c17

Request headers

Accept: */*
Referer: https://www.babiesjh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 07:08:44 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 145

GET
H2 200 B71D586DD112w788h470.Jpeg
pic.logkb.com/ad0113/2023-07-06/ 45 KB
45 KB 57ms
13ms Image
image/jpeg 2606:4700:3031::ac43:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.logkb.com/ad0113/2023-07-06/B71D586DD112w788h470.Jpeg
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 98d10792834c3ae27094cd7d1cfe52b52effbe4779b553997259e3d0ac3e773c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2086
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 45838
last-modified: Thu, 06 Jul 2023 08:39:09 GMT
server: cloudflare
etag: "c5f34c55e5afd91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvqhfqziyiFo8LAkAg9kQA4zeOUt0wbOdyGlaoQeZtXQWrvK%2Fuy%2FJydv6E8WcBsplLHnzi714u8%2BPhLfX9kCeGdpNc7cZY4KxD5g8jo7B5dBQiTM4sKtc1jCQcsDeBQ6NgEytqMeWM1UFLum"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e2e4202dd713a43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 89DD 495 B
664 B 747ms
245ms Document
text/html 54.238.42.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.42.234 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-42-234.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Fri, 07 Jul 2023 07:08:43 GMT
etag: "64a4d0a8-1ef"
last-modified: Wed, 05 Jul 2023 02:08:40 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 17EE 0
0 40ms
40ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=4299962982623993&rc=
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 048B 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 19:20:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F2EF 0
0 40ms
39ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=2850778209491309&rc=
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 52FD 0
0 40ms
40ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=3109388854853107&rc=
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 96DB 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 19:20:32 GMT

GET
H2 200 container.html Show response
9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5DF6 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Sat, 06 Jul 2024 07:08:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DC6F 624 B
826 B 69ms
47ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNW18hI4-7I6YvG7HnAiMycwZUE8eOfSymqZSMgu0n23YCvMFDp94VBPC2JRTeJSv1ZFe8wr3q06rz-SMBYJRjV1Bmbzflo7DfDvSNOG978DBr_wvyo57GD9LPBn0vgXmSihOlvftT0aRIga2-l1S5u4cgyavSY9e6J6bpBb_QoLss70Vxo

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Fri, 07 Jul 2023 07:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AF55 78 KB
27 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:08:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame AF55 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 19:21:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame AF55 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:15:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:15:39 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AF55 0
0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF55 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7iEr1lLewRZkcQHUpH3IBsa2XDjPvpdX2OC2wixm7ho04UykbK_O1pObe_cvQb5Jo0c79jVPoNW8_wWYiocDo39WqgeKWlkVWfbWr7qU59nADp_I

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF55 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10285588782632730574&x=1&ct=76

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ABE6 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AfGquA
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 048B 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tk5IXw
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC6F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNW18hI4-7I6YvG7HnAiMycwZUE8eOfSymqZSMgu0n23YCvMFDp94VBPC2JRTeJSv1ZFe8wr3q06rz-SMBYJRjV1Bmbzflo7DfDvSNOG978DBr_wvyo57GD9LPBn0vgXmSihOlvftT0aRIga2-l1S5u4cgyavSY9e6J6bpBb_QoLss70Vxo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 07:08:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC6F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKe5.-Mn9lOEHmA8ebaBIQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1&google_hm=2

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNW18hI4-7I6YvG7HnAiMycwZUE8eOfSymqZSMgu0n23YCvMFDp94VBPC2JRTeJSv1ZFe8wr3q06rz-SMBYJRjV1Bmbzflo7DfDvSNOG978DBr_wvyo57GD9LPBn0vgXmSihOlvftT0aRIga2-l1S5u4cgyavSY9e6J6bpBb_QoLss70Vxo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 07:08:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DC6F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOpTq28PjCllPT7pPYNTu0Y&google_cver=1

43 B
840 B

6ms
6ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOpTq28PjCllPT7pPYNTu0Y&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNW18hI4-7I6YvG7HnAiMycwZUE8eOfSymqZSMgu0n23YCvMFDp94VBPC2JRTeJSv1ZFe8wr3q06rz-SMBYJRjV1Bmbzflo7DfDvSNOG978DBr_wvyo57GD9LPBn0vgXmSihOlvftT0aRIga2-l1S5u4cgyavSY9e6J6bpBb_QoLss70Vxo

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
an-x-request-uuid: b6d3b934-0469-4a53-9a5d-9dc5ae4c5cb7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOpTq28PjCllPT7pPYNTu0Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DC6F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE2NzQ3MDkyMDc2NTE2NDM0OA%3D%3D

170 B
243 B

39ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE2NzQ3MDkyMDc2NTE2NDM0OA%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
an-x-request-uuid: 08f0e901-0b7e-430a-a69b-a848f648c5be
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE2NzQ3MDkyMDc2NTE2NDM0OA%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 96DB 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9AtXFA
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF55 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6919743143919&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF55 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6919743143919&version=m202301230201&ct=76&x=1&cor=10285588782632730000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AF55 104 KB
40 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DC8l_YdBsqIcH3Eud_w6_LzUf2_G_obOIHmwekKEpLM5pwGZHxc-S3NkVA3DQGJXlrjZeQAZJFrrEhjoAyJj8a9oW9hIMoPvDBhHX_YdjkgBF9LralzWns8khNrY920Ebkui1edCuCfSZI3WSyRauwf-LKIH3Fj9px-acw0HY_1zZGoYw&dbm_d=AKAmf-CVK2JPW2NDaucD4wLkmlYrku0oR0F4I3_CbkMMHDHOK4GurY3TFHzYqHeu44C_OBFYRi21GaWEMe2jVXqD4o5RbqtyyMN-0hUABlPTMNCDKLDYDvIxo_1noAom4u8PtmUT5hWMpTO2n2Of0HW6BzS5BKHSHOQH3Vq7XSWv8r9eClgsuvvFaq-m8TaQsgA-jiGkEehk7gkLjJ4u-js9veqMh-Z3vgmN6C9gECZmYqTP2SXKYkqqf5nb-5cld1YUORDTaT3UMLst7n57yuvSR6s_f4JGvxJbdWu0vKBmWABj24bc8Uu_2cTgeKQzTAldu2oOlmhqzWaCNNJ1KLAicaLY3n0fLVnpz0dWUC3hvMe4n8tb0VbmoGYuZxQ3ikK8o1eVyhOQCqcNyiX8auyMUa6u6obTRHl9Qyhh617y3igXiZbIMddoY32CDUCxRd40Et4r4Pc_BSTS3eGUZJGw7x3u-mpdyOZFcXdcJ2uKhdfoekbBYqVUcj519La0gukO850AeViojMd3rjz_ts2e9jIR6Sy6zF9xtNd7BK0KoLrhgyujBTEAdtkeou4eMeg9SYbMN_oKlKn_4PVG_Qs3xV2BxK2KQfyE2Xdm1yHylXdlICd6IjR8WwXb9HRuN2rVXhdcd2hdZEhTcs_tIaOG-qmFJUVOl8wKGUOtifk8ybo9XOJm5nHKQA3W8D477cLI0scFt46VtAuJLrsQk9eIHw87xhfrxQP61gpwKEB6J_99v2rab_B03skeS05E-36mMi8CX6S1FT8zPG4VU3s-AJqYV8fJvcbMWypWJ9_TfJNU1idAzLjvikVSjbpNw3tbxd4fcDy2ZqrxaSHo7W-C3UaPFqhPWFB6j4cH5p0UlI-XUCnIAsg9MtM52i8oRlKwtKuDt5dO7-iBSYgMfrGtgvVVwC_2WlH9f-oq2zMlEQxYa6zL0JPAZFheCm7JUp498QpJzFZq8AGo4vmAExulU9rNzSFvkvlpD5UvyIgsxqYidhIzpwt00THUHSRVFCFsb-EE-XdS4BmS16_iPHEyITsGXF4s64BzE7u0KwCTqjkGgBBCKAon3kuGwDZl1-qukCbz7ZsndDyDHSOsreqwNZB5i0ysOeoOItzy-efBU7pqrJu3ZnVUFk1cL8kNW5V2HoRBY9EeyPueTtArsG2NegImZvxt3m_D2WOZXcz0tpDLaLhl_76GciVw-5QXDrlVUAniUBjk7G_Uchm9KVPpRk3mOpbWG_zgRBjUIMDdSmIdYWfj-fPZZYNIkk-vhwjuXlNBai4rxpLpad-zNdto2zpouTrdnYuIsr62Yb8E1xQsF6toHnI39Oj8Co67o18aLjG0LPdc7v5WdjRvhpX3XYbx72FsmkrkSwHei9W8U_KNmSQBcDkZm0nqpgn-8RqiI1DWQFyhlfuLp-NbiJ3n1YdVHm5B7qJ5SYHSwFmw3FfYU3EZXwemJpD-luj0QZyWmnFMWjsY3F1Bo6WpIfLQccrPjjlQATBlugAj1soNA4q9soZSUQt46rElm1FoG8bBTgnAkz-MPgS12ONl0-axLkNsEcHWafygJtTWOGqbRKIJb8LSIxslOIRwiJNInsxl_0ncuXR_aPdKWsSHRHHt0bBm0xlBxMEN3tJ_MQHAUyN_mGaC51vSLtGlw8OyhOsJ36Q0K8R8uJLdbefFJq62ikbHtQnzir7cExvK2oMARNot3GV-xmcwvrSu72whRXdiTHUA25X3-m0mNLSD7hKcLauLHpROS7ALUufyjKPXKpLba89AtJKN-UkXhat4rXTKHJ16jyFEssZWYhnCyQ-YzKxI87HSo8oW6GH33EGyI9wCXCdJeOD4FfKZpWlykNT3nGZ7tkVZOS-uanbCHbxSxYiLXMxApkel4-UCHW9_SjzfpALhFHxB4aPalbdE9EhK_7uNkbhn8QqrvyTZRmOeIgyLNUQSuTDh0cpTMcGZzBQo0TNxZSL6tAwDRudiJoqkehkn5Gu9zX8pwjeRGcy5DkmKiU8G2eg5PA8DQX2E7AsSSkiCSRfqjwf7Q_rNGR1BIwQMr41usJFXh8jCINXNUEqLYAw5wdf6fdjCevrHkruAegXGZMFTT5QuJzviOewXesYcM-jmgHO23p2thEBOnuxnLSdu0Xfm8I7evJh_Bf6CRdDRsMkHi9x-fxGhuv8vJbdgXK__GPJ4oZOvr01iV8VALkqlBSK9rbFpkcUDgVYt5JVIznmdMbwTqG6BYUI7GR9C2dfTm1W2ABctPy35eU82Fgjh5qBs4tVLQ5Jbi1iCszZIuLe-xbWx4uvN9cfZ4KHpBQvPYim7rMYik2aG1LK_a522gAc_kXFXGMjPzh_8xwCn7mdSUyGMt9lRWi16XkS9Qd6p21XaAoyZrlUnj7PTXAdmhx8TFGAg8R00XgqRwHazDeEbbUDsndTR9ixcmrp9iQ8YnNer1Meh4D_X9qkhYKocpA7MB60ryZiXeqqAsGiQMWy--oi0E2dnZyO_8O_NPFp8wO1ygiTloDB9DQRHO3Biyf2j_XqQ182AJFW0k7wGQwDKONA-ahu0dtZQ4qbT3rh_62aNCvhfkOsSj7TYTSkCShJtThYqDz9fsb39s9y4NtU_tu5JBK19wcEoV9qUFbH2MOGtSOF-mHt9X3T_b0oxmtJdfQYyu3rTiD8hAce8FvLX8LUAYNZhfsjh_e7sEHMkclqp82I_XhM-RDNzbe4KNXtDWCEFAhpaIS2rsTipzxNOc2L6kE5ITvqLzCReUKbCe65WteCeYvNWMwbEX6b-HTBt94ZeqaoLTHmiZ5sAsdLQdTpg8KSuiZsZRn43FFsjK6Z5oLdBecScuGV6MXrDbLB2agYxvbb9jM1d1T-7Ai-vZXxNocBsIgPp5-kdfkLsk8C2jVqdn-x6uXoCnUKVUC-NzYC_o0I-QCgWHloaEuIdJg3DKRY5LDXb4_2qJoH0RAIwEyrhc8ocLaH6oIs6pWRIdoRhuSpBi9QURvf_c-cmrHozC6nPQoGz4qeoZypnhFlAELTddfk_4WJvM6AAB_v2Sm3gCx4EYHYVFvy1oS9cBo15CErO6eUBLGqPGnoHlkevcjB_uJStNrLcIAI1v7tU6GhP07E8N7or8_NyXLxNmx-JlOOjnDiWVh-NXLcK-VBucpC-sbmwTylGDQW5VuUmKMnUduqBYcfwBLfR-6Fa8vGJdCYfP3Tpe5yrh_H8COAGK-svRQY5NMrWAHp7mVVIyrIlXhcjsbzT_l5n33HGA6UU9LvImPFkyIbS7PAKqszOtWHB5Ja2GS_tsypBEBSpkcLdwJfIEQ6bRQixPrS_ar3uuueyKGCV3zPM19r2XwPp8pNji8kIOKAZkLinyZRUxd6mZbznb8p_GDlw-IBHPv7wh8KsOW0zSl1oOoYUezDJMCVOmvZWC6cO8irtFwX38vaiJohQE5msnGZBvgQLWa92BZvDv9o3amnWRZn3AKXyxxgmWFifKo9_JxmYgbCRLfzbcKSoKfG-Kc-lO8Y1L3XZLFVtPn5KnE3Bg18e-3TcK5H1FR8xvulMsIAIoWa9ZrVMkmuQ3KVRZnFD764a_dloFTu_oxkjaxjqdssu5X0ryu_sCb9YG-3FmoCMsa4LGake8gwUhIN7aST2t-o4UBB2ZYnGTfu2ZtJ5e7Srois8uAROmZ5Hs_tJStk3pCROTcBkwN4I7VI0Qzjn6MjBVCF8wwyfqHTn4RkUIFcWO2FfbCyUMBhu5_wT4UtCDw&cid=CAQSSwBpAlJWpU3er-7OLMi1KAG5Rpp32egnFcBUCZxMfRQ4fBD-HlObT2PHELN-Tr_c5RY0j_tRawu3j4m5n6hnFmvLP7lDffEgx7WYOxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.babiesjh.com&ds=l&xdt=1&iif=1&cor=10285588782632730000&adk=1856210852&idt=96&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

331c8fa96921e7ba3efa9d805a0a607155cf726cb89c494d2ab7bbcc00bc0929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40765
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 54F5 2 KB
1 KB 267ms
265ms Script
text/html 2606:4700:e0::ac40:6725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: yaya0506.com
URL: https://yaya0506.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b84f1090fcbb288d38b5ef17a69450a2aa986530ee8d4dda8f7bfb1e3a77da0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPjY8V4icrKb1BxYfE6vhDeY1Wc3%2FfhgpWZOD8xx86yayDYvJCM3dPJloY7k74h4ZeXrSRrpQ1HsDjF%2Bfv95hjQyz9DMA%2FyhTa1OdBarPtF5tmo10dYaePIKlbDVWdSZS0MDJQ45NhhXa7WT52fvt2MG%2F8WF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7e2e4204dd1f910c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame DE83 7 KB
3 KB 15ms
14ms Script
application/x-javascript 2606:4700:e0::ac40:6725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 254796
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkPfeWpmvyn39K37Itwf8izEVzP4drgKfb5a6PHJ1lbndAin1weDSX1cQye65wduus6I5jP7%2FOmh0z%2BzblKUbOIcp%2FFBwNajvDtd0F6HkPnbpSsHUaB1nJk9pGD8gaNMBFH8ccQlGLsTvEjyQ9Z76Tf61abG"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7e2e4204dd23910c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 08:22:07 GMT

GET
H3 200 container.html Show response
f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9534 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Sat, 06 Jul 2024 07:08:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C0B 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babiesjh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Sat, 06 Jul 2024 07:08:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame DE83 95 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 07:57:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9DB3 624 B
245 B 47ms
46ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3OT4xgEwAQ&v=APEucNW1_C8U3OJI-k8rhysGQskm5zwIet_otCVSOaovnWt9VgBFV3b9zNOnRzx_xDrm5S6RrUyGOt0caNj0NZNECFMzPSnU2UFf2WR1cXt5CJiNOAjvArYnlHkozEhK9xuZ_U419_0JoNtllNd15IscY_s2OOQP4OKmi2q5L4JnHJKIAknqAHw

Requested by

Host: f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
URL: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Fri, 07 Jul 2023 07:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9534 78 KB
27 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
URL: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:08:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9534 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CW5oXeAcy9Iqds3gP1BzsqYk-sHoaEB0NnoefR7En1UwrUjROiuLvi6S5hD-tm-V-cSN2w9A8pVmE_Le6msq0PM-jhdL5FLHq0MOOu334nW17OTjI

Requested by

Host: f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
URL: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9534 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13844688877267512619&x=1&ct=76

Requested by

Host: f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
URL: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 9534 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
URL: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 19:21:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 9534 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
URL: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:15:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:15:39 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9534 0
0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1350098/69352127/ Frame AF55 46 KB
12 KB 122ms
32ms Script
application/javascript 63.35.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013337800&ias_pubId=pub-8798765870329885&ias_chanId=1&ias_placementId=20333851613&bidurl=https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gqcHfLVfjNJbItbUaf7lLS
Requested by: Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.89.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-89-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 53ab786b1f3e1fbc8f3a46f2c17bbf0687bf5bc9485b0af444ed242ffa4391a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame AF55 111 KB
39 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
Origin: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame AF55 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DC8l_YdBsqIcH3Eud_w6_LzUf2_G_obOIHmwekKEpLM5pwGZHxc-S3NkVA3DQGJXlrjZeQAZJFrrEhjoAyJj8a9oW9hIMoPvDBhHX_YdjkgBF9LralzWns8khNrY920Ebkui1edCuCfSZI3WSyRauwf-LKIH3Fj9px-acw0HY_1zZGoYw&dbm_d=AKAmf-CVK2JPW2NDaucD4wLkmlYrku0oR0F4I3_CbkMMHDHOK4GurY3TFHzYqHeu44C_OBFYRi21GaWEMe2jVXqD4o5RbqtyyMN-0hUABlPTMNCDKLDYDvIxo_1noAom4u8PtmUT5hWMpTO2n2Of0HW6BzS5BKHSHOQH3Vq7XSWv8r9eClgsuvvFaq-m8TaQsgA-jiGkEehk7gkLjJ4u-js9veqMh-Z3vgmN6C9gECZmYqTP2SXKYkqqf5nb-5cld1YUORDTaT3UMLst7n57yuvSR6s_f4JGvxJbdWu0vKBmWABj24bc8Uu_2cTgeKQzTAldu2oOlmhqzWaCNNJ1KLAicaLY3n0fLVnpz0dWUC3hvMe4n8tb0VbmoGYuZxQ3ikK8o1eVyhOQCqcNyiX8auyMUa6u6obTRHl9Qyhh617y3igXiZbIMddoY32CDUCxRd40Et4r4Pc_BSTS3eGUZJGw7x3u-mpdyOZFcXdcJ2uKhdfoekbBYqVUcj519La0gukO850AeViojMd3rjz_ts2e9jIR6Sy6zF9xtNd7BK0KoLrhgyujBTEAdtkeou4eMeg9SYbMN_oKlKn_4PVG_Qs3xV2BxK2KQfyE2Xdm1yHylXdlICd6IjR8WwXb9HRuN2rVXhdcd2hdZEhTcs_tIaOG-qmFJUVOl8wKGUOtifk8ybo9XOJm5nHKQA3W8D477cLI0scFt46VtAuJLrsQk9eIHw87xhfrxQP61gpwKEB6J_99v2rab_B03skeS05E-36mMi8CX6S1FT8zPG4VU3s-AJqYV8fJvcbMWypWJ9_TfJNU1idAzLjvikVSjbpNw3tbxd4fcDy2ZqrxaSHo7W-C3UaPFqhPWFB6j4cH5p0UlI-XUCnIAsg9MtM52i8oRlKwtKuDt5dO7-iBSYgMfrGtgvVVwC_2WlH9f-oq2zMlEQxYa6zL0JPAZFheCm7JUp498QpJzFZq8AGo4vmAExulU9rNzSFvkvlpD5UvyIgsxqYidhIzpwt00THUHSRVFCFsb-EE-XdS4BmS16_iPHEyITsGXF4s64BzE7u0KwCTqjkGgBBCKAon3kuGwDZl1-qukCbz7ZsndDyDHSOsreqwNZB5i0ysOeoOItzy-efBU7pqrJu3ZnVUFk1cL8kNW5V2HoRBY9EeyPueTtArsG2NegImZvxt3m_D2WOZXcz0tpDLaLhl_76GciVw-5QXDrlVUAniUBjk7G_Uchm9KVPpRk3mOpbWG_zgRBjUIMDdSmIdYWfj-fPZZYNIkk-vhwjuXlNBai4rxpLpad-zNdto2zpouTrdnYuIsr62Yb8E1xQsF6toHnI39Oj8Co67o18aLjG0LPdc7v5WdjRvhpX3XYbx72FsmkrkSwHei9W8U_KNmSQBcDkZm0nqpgn-8RqiI1DWQFyhlfuLp-NbiJ3n1YdVHm5B7qJ5SYHSwFmw3FfYU3EZXwemJpD-luj0QZyWmnFMWjsY3F1Bo6WpIfLQccrPjjlQATBlugAj1soNA4q9soZSUQt46rElm1FoG8bBTgnAkz-MPgS12ONl0-axLkNsEcHWafygJtTWOGqbRKIJb8LSIxslOIRwiJNInsxl_0ncuXR_aPdKWsSHRHHt0bBm0xlBxMEN3tJ_MQHAUyN_mGaC51vSLtGlw8OyhOsJ36Q0K8R8uJLdbefFJq62ikbHtQnzir7cExvK2oMARNot3GV-xmcwvrSu72whRXdiTHUA25X3-m0mNLSD7hKcLauLHpROS7ALUufyjKPXKpLba89AtJKN-UkXhat4rXTKHJ16jyFEssZWYhnCyQ-YzKxI87HSo8oW6GH33EGyI9wCXCdJeOD4FfKZpWlykNT3nGZ7tkVZOS-uanbCHbxSxYiLXMxApkel4-UCHW9_SjzfpALhFHxB4aPalbdE9EhK_7uNkbhn8QqrvyTZRmOeIgyLNUQSuTDh0cpTMcGZzBQo0TNxZSL6tAwDRudiJoqkehkn5Gu9zX8pwjeRGcy5DkmKiU8G2eg5PA8DQX2E7AsSSkiCSRfqjwf7Q_rNGR1BIwQMr41usJFXh8jCINXNUEqLYAw5wdf6fdjCevrHkruAegXGZMFTT5QuJzviOewXesYcM-jmgHO23p2thEBOnuxnLSdu0Xfm8I7evJh_Bf6CRdDRsMkHi9x-fxGhuv8vJbdgXK__GPJ4oZOvr01iV8VALkqlBSK9rbFpkcUDgVYt5JVIznmdMbwTqG6BYUI7GR9C2dfTm1W2ABctPy35eU82Fgjh5qBs4tVLQ5Jbi1iCszZIuLe-xbWx4uvN9cfZ4KHpBQvPYim7rMYik2aG1LK_a522gAc_kXFXGMjPzh_8xwCn7mdSUyGMt9lRWi16XkS9Qd6p21XaAoyZrlUnj7PTXAdmhx8TFGAg8R00XgqRwHazDeEbbUDsndTR9ixcmrp9iQ8YnNer1Meh4D_X9qkhYKocpA7MB60ryZiXeqqAsGiQMWy--oi0E2dnZyO_8O_NPFp8wO1ygiTloDB9DQRHO3Biyf2j_XqQ182AJFW0k7wGQwDKONA-ahu0dtZQ4qbT3rh_62aNCvhfkOsSj7TYTSkCShJtThYqDz9fsb39s9y4NtU_tu5JBK19wcEoV9qUFbH2MOGtSOF-mHt9X3T_b0oxmtJdfQYyu3rTiD8hAce8FvLX8LUAYNZhfsjh_e7sEHMkclqp82I_XhM-RDNzbe4KNXtDWCEFAhpaIS2rsTipzxNOc2L6kE5ITvqLzCReUKbCe65WteCeYvNWMwbEX6b-HTBt94ZeqaoLTHmiZ5sAsdLQdTpg8KSuiZsZRn43FFsjK6Z5oLdBecScuGV6MXrDbLB2agYxvbb9jM1d1T-7Ai-vZXxNocBsIgPp5-kdfkLsk8C2jVqdn-x6uXoCnUKVUC-NzYC_o0I-QCgWHloaEuIdJg3DKRY5LDXb4_2qJoH0RAIwEyrhc8ocLaH6oIs6pWRIdoRhuSpBi9QURvf_c-cmrHozC6nPQoGz4qeoZypnhFlAELTddfk_4WJvM6AAB_v2Sm3gCx4EYHYVFvy1oS9cBo15CErO6eUBLGqPGnoHlkevcjB_uJStNrLcIAI1v7tU6GhP07E8N7or8_NyXLxNmx-JlOOjnDiWVh-NXLcK-VBucpC-sbmwTylGDQW5VuUmKMnUduqBYcfwBLfR-6Fa8vGJdCYfP3Tpe5yrh_H8COAGK-svRQY5NMrWAHp7mVVIyrIlXhcjsbzT_l5n33HGA6UU9LvImPFkyIbS7PAKqszOtWHB5Ja2GS_tsypBEBSpkcLdwJfIEQ6bRQixPrS_ar3uuueyKGCV3zPM19r2XwPp8pNji8kIOKAZkLinyZRUxd6mZbznb8p_GDlw-IBHPv7wh8KsOW0zSl1oOoYUezDJMCVOmvZWC6cO8irtFwX38vaiJohQE5msnGZBvgQLWa92BZvDv9o3amnWRZn3AKXyxxgmWFifKo9_JxmYgbCRLfzbcKSoKfG-Kc-lO8Y1L3XZLFVtPn5KnE3Bg18e-3TcK5H1FR8xvulMsIAIoWa9ZrVMkmuQ3KVRZnFD764a_dloFTu_oxkjaxjqdssu5X0ryu_sCb9YG-3FmoCMsa4LGake8gwUhIN7aST2t-o4UBB2ZYnGTfu2ZtJ5e7Srois8uAROmZ5Hs_tJStk3pCROTcBkwN4I7VI0Qzjn6MjBVCF8wwyfqHTn4RkUIFcWO2FfbCyUMBhu5_wT4UtCDw&cid=CAQSSwBpAlJWpU3er-7OLMi1KAG5Rpp32egnFcBUCZxMfRQ4fBD-HlObT2PHELN-Tr_c5RY0j_tRawu3j4m5n6hnFmvLP7lDffEgx7WYOxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.babiesjh.com&ds=l&xdt=1&iif=1&cor=10285588782632730000&adk=1856210852&idt=96&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame AF55 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AF55 41 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 07:09:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F2EE 640 B
265 B 51ms
50ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXpXgYIAYwAzqUeEKG25Z2YQ6SCGBZ7qXuPnF4zqWczZ0K0bm6R8WR6qPuf2iFvaEO1lcf1CZtssCIASvd5PfmjxRdSIVFQeDb-PnZWe_szqY1-z90zgWt6cxVVCNR63Si3DMplTEIkeUnQnJXVykqUGecfcXB44lLoqEvech3VfnW1Dqs

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Fri, 07 Jul 2023 07:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 75E5 78 KB
27 KB 112ms
112ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:08:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 75E5 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 19:21:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 75E5 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:15:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:15:39 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 75E5 0
0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75E5 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DwPiW-bC0rG_yev83xDBimhPGE7kTS84GgjeTLI0uKqrlApHy49F0xMAoAHl0DukJJdjnWK7-gb_pZyNxVw13upXb_lMZmcGuBIHMRr_nRMj-Qsko

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75E5 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1808654435863986683&x=1&ct=76

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AF55 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b646710728af404cec45eff0aac8982f6515e35822ce4ee6369e6d5d9d728f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame 6567 6 KB
3 KB 71ms
25ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=VSG456M5Q7NDTBYP8WCB&sectionCode=edf3c975-487e-4e93-bb98-6aefc2499b88
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 109364
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftrfexZNLw3YMKn%2F7U0AFX8PN%2F7JadFE%2FyobcpYJQN1xyf47Ta549hoIQZ9hTyyEVGowkdFmtcXyn8MzRvhgWiwPrYJb093hvSsqTJIuP6mgmVdd%2BeFEC8RaErl0eZcJDEGJu4Z3GqqzY3Xr4Tv0"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7e2e4205bbd9bb8c-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jul 2023 00:45:58 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C1A2 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 172690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 07:10:33 GMT
expires: Thu, 04 Jul 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9DB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3OT4xgEwAQ&v=APEucNW1_C8U3OJI-k8rhysGQskm5zwIet_otCVSOaovnWt9VgBFV3b9zNOnRzx_xDrm5S6RrUyGOt0caNj0NZNECFMzPSnU2UFf2WR1cXt5CJiNOAjvArYnlHkozEhK9xuZ_U419_0JoNtllNd15IscY_s2OOQP4OKmi2q5L4JnHJKIAknqAHw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 07:08:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9DB3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKe5.-Mn9lOEHmA8ebaBIQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1&google_hm=2

43 B
766 B

16ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3OT4xgEwAQ&v=APEucNW1_C8U3OJI-k8rhysGQskm5zwIet_otCVSOaovnWt9VgBFV3b9zNOnRzx_xDrm5S6RrUyGOt0caNj0NZNECFMzPSnU2UFf2WR1cXt5CJiNOAjvArYnlHkozEhK9xuZ_U419_0JoNtllNd15IscY_s2OOQP4OKmi2q5L4JnHJKIAknqAHw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 07:08:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdEaHV-Gm-l3pWfTXVlFnU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9DB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOpTq28PjCllPT7pPYNTu0Y&google_cver=1

43 B
839 B

114ms
114ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOpTq28PjCllPT7pPYNTu0Y&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY3OT4xgEwAQ&v=APEucNW1_C8U3OJI-k8rhysGQskm5zwIet_otCVSOaovnWt9VgBFV3b9zNOnRzx_xDrm5S6RrUyGOt0caNj0NZNECFMzPSnU2UFf2WR1cXt5CJiNOAjvArYnlHkozEhK9xuZ_U419_0JoNtllNd15IscY_s2OOQP4OKmi2q5L4JnHJKIAknqAHw

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
an-x-request-uuid: 613e1dea-7c01-4205-a532-92221fa427fb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOpTq28PjCllPT7pPYNTu0Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DB3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE2NzQ3MDkyMDc2NTE2NDM0OA%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE2NzQ3MDkyMDc2NTE2NDM0OA%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
an-x-request-uuid: 88f560ae-043c-4cba-bb6a-51b3d8e5eff3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE2NzQ3MDkyMDc2NTE2NDM0OA%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4271265271591442913/MediumRectangle_AllgAwareness_300_250/ Frame 11A0 96 KB
21 KB 28ms
9ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4271265271591442913/MediumRectangle_AllgAwareness_300_250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23d1943800e5bc093e49196170e67ac9fb39a3e8012275c8bb051ff9fbdc976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 153636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21520
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 12:28:07 GMT
expires: Thu, 04 Jul 2024 12:28:07 GMT
last-modified: Wed, 05 Jul 2023 12:24:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AF55 0
0 95ms
52ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmXxi4kK6EwtOf3JMJ2EN9JfacJMFKiRTzFS429--GffstNtClg157D-a0XQFKPAsXNRfBXBt4mjTAZdfSnEJyhe1Eec9U0gdbJ5hkr9AReBgAQi2as05WEU5_CJ-CoJEBuq4zdsC24QXkjIjBDcrFXksUQcVDew7Ga4IrL4LV6jiNoz1JUmZO9NWKjVM_Z3H_29s8fd_HXQj0PjfklPTmrrNE6ckl8DCX8bwTsfEoJ2oDfPuYd8K-Cy_KVduk6xyArxFVN-DKUfs8UFfA-SAqR1FUnF-b8KkrS14lVCIu4AMiptYc1QWH_QE4BciwO_UpIaUSRFpnb8tJ_VijKbCUqJVHO8-UjITjykL_lJm6GUaqj-6Jpjxczu8kmf7lahxvMe9lgNqcvByaJ1I3R3Ru6LwFgych1R2gcLMvypUdq6VjmaEEsEr_4XUNrOeJ1NppZEQbJT939OqhHWEqUciETx-Q7BFE1KDciHiG60yqlmq8KtI9cjoWmPlE-_FIpiVRIFWFfIv_YR_w-BJWG4ddiixn31p9mGuNgA1ZYMnFNVTW2DPgdBtdsELro1_hQon6eGmwFtHo2iHFViuQAOH-bzQFFgpnwgEy5yjkMFbqX-EOXC3tOs7l-GCkxjXJP0M4rsfQJbmfAVtLySsriQYMUDb6KioW2dNPBQo7QZOELb7bWLoQU5NVAy9LckNelPoJzWbcZ73zTFfIK1rwh1GsEG9s4NsMS8y4HA0x5ypA1FT5-D3Xwxv5FQb6yANeC8k9E9b5P0RmlXTe7rZvE0u99dWTvksHdaoGNtaUP50OMLeVaKUTqh3pdXkGAnqkhD00N978MrnxB90j0G3oWkWO-G03otl8p4EW0LBAdzPYcyLAIF3EE717jfAfPy4-clbBXyk2khGO2OwPobyC0V1woJWtgofS4ZU-zzb6PnZRcoEP7DcZ1Z7gSixc1MHce04tWPmQjiHbk7EpxfNiuinhsvXdaLEkF1zdLgSSnFRINvwmozZtLK5k5dvGqTvTPLx3cxv48hsGyxAEBirROKz055DM3FatOmqJatUrxDZEMP35hkzTD58Ghkucm38PGzX2Q-QnxxqindILe9CGMfX949LvWA-AUBmnE-Yr2X6RloKr_g_ttEdrabyqu6UP74NGzOb8sEJq6SPdPJ101m3AZP3-wBZbLl4qglW5PBF87Mv8VelfODW0yqnfpL2VHIgnbm0lFUpuyudFFVlUwV8lMre8nqXTG697M9veLuwiF9VDicvh4NOEpQ&sai=AMfl-YTgk4_W2_xhMMwS834B5fTE9eFY7iorLKK1S564zAqeqLNU5JXPTzjTiFDz2Kjm0CWhSBD8tP-4nh3DQm-SSPCnEo4eiks3OkGfXfDuBo8SfuzoK0GhnOieIXy3ZYAeyAjVit_ftl6CNdOn5JChWd2VPyUYtI3jWJtYE-cpKthy9Y3LkdtaudF5E9ceAC7HFy8LQoBGgH9X4ydUCkG6RrTaxgU7QKmX-HK8LTW5GyEVSUL8ExE3ms1Voc5aHH1iAUgcMwIUcvYcNT45jIFJArgAWcSZO0XF&sig=Cg0ArKJSzKYGEb8ANXUcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=106&cbvp=1&cstd=75&cisv=r20230705.77214&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:08:43 GMT

GET
H2 200 93656
tags.bluekai.com/site/ Frame AF55 62 B
574 B 188ms
156ms Image
image/gif 23.192.153.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D29364893&phint=crid%3D194688926&phint=pid%3D359274924
Requested by: Host: 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
URL: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.153.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-172.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 07 Jul 2023 07:08:44 GMT
content-length: 62
bk-server: d4cc
content-type: image/gif

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame C1A2 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 19:20:32 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F2EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB528_bAW6QJCHppWlHxn4c&google_cver=1

43 B
114 B

43ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB528_bAW6QJCHppWlHxn4c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXpXgYIAYwAzqUeEKG25Z2YQ6SCGBZ7qXuPnF4zqWczZ0K0bm6R8WR6qPuf2iFvaEO1lcf1CZtssCIASvd5PfmjxRdSIVFQeDb-PnZWe_szqY1-z90zgWt6cxVVCNR63Si3DMplTEIkeUnQnJXVykqUGecfcXB44lLoqEvech3VfnW1Dqs
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB528_bAW6QJCHppWlHxn4c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F2EE 43 B
304 B 71ms
22ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXpXgYIAYwAzqUeEKG25Z2YQ6SCGBZ7qXuPnF4zqWczZ0K0bm6R8WR6qPuf2iFvaEO1lcf1CZtssCIASvd5PfmjxRdSIVFQeDb-PnZWe_szqY1-z90zgWt6cxVVCNR63Si3DMplTEIkeUnQnJXVykqUGecfcXB44lLoqEvech3VfnW1Dqs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F2EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEE0NoJggD3ZLFHRutfUYifI&google_cver=1

23 B
163 B

40ms
40ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEE0NoJggD3ZLFHRutfUYifI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXpXgYIAYwAzqUeEKG25Z2YQ6SCGBZ7qXuPnF4zqWczZ0K0bm6R8WR6qPuf2iFvaEO1lcf1CZtssCIASvd5PfmjxRdSIVFQeDb-PnZWe_szqY1-z90zgWt6cxVVCNR63Si3DMplTEIkeUnQnJXVykqUGecfcXB44lLoqEvech3VfnW1Dqs
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Fri, 07 Jul 2023 07:08:43 GMT
pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEE0NoJggD3ZLFHRutfUYifI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F2EE 23 B
163 B 81ms
40ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXpXgYIAYwAzqUeEKG25Z2YQ6SCGBZ7qXuPnF4zqWczZ0K0bm6R8WR6qPuf2iFvaEO1lcf1CZtssCIASvd5PfmjxRdSIVFQeDb-PnZWe_szqY1-z90zgWt6cxVVCNR63Si3DMplTEIkeUnQnJXVykqUGecfcXB44lLoqEvech3VfnW1Dqs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Fri, 07 Jul 2023 07:08:43 GMT
pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 336280_4.css
js.akusehat.info/track/css/ Frame 6567 3 KB
1 KB 15ms
14ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=VSG456M5Q7NDTBYP8WCB&sectionCode=edf3c975-487e-4e93-bb98-6aefc2499b88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 230718
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BALNLBVWtQTROwYB%2B5FSNaGHGsKjMu2ItSfH6zSiB6gTtHu%2FsS4thCtg%2B6TjD9tpmjI0jv8xC%2F4PME91JDIVakPxIkmY2wrpgBvinj2b7wjBjJ4jhsDOQu9NtYiR2ao9GclRpIUA%2Bfk4IXd4JwD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7e2e4205ec2dbb8c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 15:03:25 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 6567 69 KB
22 KB 64ms
19ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 06:11:37 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: PX4Y33ZH8YWD5M9V
age: 3427
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: f0uMwSrFELnFgQa2z32T7bgv07ijbxZ5heIR6G+kHSwDTm5YpcMIk9dxjFoHE620wEki8bRR9tc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9534 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9525903813020&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9534 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9525903813020&version=m202301230201&ct=76&x=1&cor=13844688877267513000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9534 94 KB
38 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DO9GjBRgBcr1Lljj6t9LNTme5mPj-velPeGL5nppiKpcn8yc1CqmI8loY8SNNg_MNVvjOTE67heWYRH4T-k02Yk_yikuySXkWdT7GaL17apKHZNr-4G6hBfXe6m8y10nu2_QYQDsabJIYCtkqX1rH1xd9NrO5CJ3-C27I6bds6aIA7z8A&dbm_d=AKAmf-Ai5VaziHXEz_68RpqYl2ufZbp_3Ps3mm-VlkR2_QLcnRnVRfgSphQMOEKnhsLjf7F3J8AAgzu8-wBUKQGoTvKTi6VXTJRsB4umJaBf5ChwwA892MWsxfj_mSqc2J-zKUG_yxtkvTtDHt3HHBxThfmS7bvO_UMXlB7oedRKIPPcxvgKQQNdu--Vpo5gIihTQPlErQtNT0L9bvVEIt3Zig9m8KOmb43fJu_0y8X6lyuzw-H1KufDhcXosUBm95VnYiDpcZAuXv3ojimqDXp7znAExymBebnGwY8v3UOeDFxxbHoBw_bv-h2-Md_JXVNUHSeCujaVaSX854rt09DERonnPDHyVZbeVlvutARK-1JqkeLQEdCTbq_vlx-Ts9JIRo45WSsR-10UKoMdsJ3cqk7EfzHRMehajzTAlQo-bQWMyqY8UAktcwAHq2DtVT6LK_0ZZuAMTGU8-y9Q0ACz7VqATc7Gc9iVIhc2r417JTghzFZIuGhGMkUALdeW8i4P_uLLAWMBazaPBey38R2IoVoDxjTzosd2blvObOESMXte1YpO_Rr_dZCGyA7kicvjqt_cyKRXUJ_duQQPXCoohjV5EuMgY9n0t5n5QonDULEgUvFvJZjErcm8XN-2d-uowSBtYo2CAbBlHnMR9QFto3mJc9o27SqemExozyM3unYDNlk89RLjYibySByyhKzUU13POnrmOw49ZC6QAgfhqfdcm2OTjkFxVbU8O77ieIdO5uQfZkuExZZ37fPI6ZNUSomsiqr3bCCKsYYjzCCb_UKLuNHiveNMEgGyW80GmhpTlPbWnBU8lUB6-dyni9T3wPJe91i3FF-tCimL4dKUCeAcJvXAsbk0N52GIoyJzW9UjJk-GCxB8Vo3iat3Ai3tkP98yLy3ngOG30FHZcKYz-5BGh4i3ltPNoeMTp2cijTSH562nuW_TXsOLAHt7dQPXDL75IFgS94NO0YktQQ1zYN3I2Skk-DFA6VvkwrSALlyLD8x_hCxxaAUvfz7TpGYyoRsDC4WRZX2A0V9zMnJ7lOUkvx76R_FA6B3IXc48dkHEWTB2ID8FSByP1yBTigg1R8iLIDxmQEZLT5_L-X-wWbLeMz2NWB_Ud3a2QyK3GdJop6pnqiJRTbCDGOi9AsrC3Oq-Uu0zprDv2mbmxgVOtBQ84301wf0scBodzCk2Ce5Dh6cuMuixJXG7vumQnk8IUcoK65_-ctjlqSbl74aEqfoKuA0NR5DXG9_BzLeDeA1YPIbPEdT_tZdDgkdVeVXmXMtDmesI1coWxxzE8hIrM4uljUrrJQ4qPz3YY5UE-8uUyoOiVv4HbGjuSQ_NnAzY3cNb1bCAwrE1hVJiBo8POivhu3dVCYT-363v27QKd53DD_da550VylGv2v7jVVdmQKLfouiMEQO751t7pViD3rpKuGfwu7kN-X3CUT4HRlI3UFCLu9wcwFvusxQSGFObu6OMtzKEHK_qs_jCjRDWDZdMbnkEIJdJaEntyOVoyhH7VymM8_kw8CVlepxUIb84KpwJFGThFMtLlbbjnmO52aVU2c7_kHIu9K5Jva9puEE5TmUBVCWKAMHz0Aei9ZZTuIXUUewk7GCqgINuFwKlkWKpRnJDZFusMrFpbS-MGhWZwQzPL1YKeh5bV_WZJtVFRljCQc4X4dAJqTX7xO-lIkMs9qXXohF7FgiwhVfs5DykpKlYt7efNsyhn8jfj5FWvGH_rkvBnDT24ftmhBTLRg3jxYnys5ahoZXako4HJGLtJizPLDe3-L_mM8-GFH_pVdBAXaWayde88EmLeYismCBA6G8lqpLRUF7M58lBv4rUS3zzImZdkKH3p1zuXf4IlRuKmNtxOntypnFuvracmNXiYLNn_0llN07EcU593KKYm9abHl9t3hCAJjLabaHDnPyAHpvwTY2cwoFBW0bb0kzg0GrcV02QaJXUKEHLTFBY1iyN33mExs8AEWznhuo7fmtzmuPKruzdgUuYENdpbNXK9QL1tP8V1eCKKfpL6OjVCp35yICMxwSsxPQWs-XUkQ-vVp78KQEV4u1G3qrWC_CdOlc0r1-e9_ox4tQLFNaEL2yjDgWcYhBG8VRlaJl92IV-6ICxNLsqEiN0y-3sgdfdUkxYL1B8WeUeUfqxwlLucH6A51Ie3ppsB_YfqDRnW4LQAr3u-8mRJ-agPd1UIrvhkX87ClOU8cRMCN-nRxa1dP8PA7Hkzv4EjrYFYUmnoPt-zotszAKzvXsck_a9ltxVzGkSaofYZN54ZxBGOfVzVbp6Aw1JmwWWZI79fNxHJiveBPLJr_HOYWDEKLLrSk87xP2ghk8WrtrIJ64aVmKr57P_NM5VmNPqdQ8Yli6uBxz2paKc434b9YZZvP5cFRHlOQtsYtS966HGBrZC0jAef1L0dcWHDyFsFAg6ppZLTXRotyR1ZNBQ3fM6-SOIv6ewEOSx0ZXTTHdABMXasuRWgsYhgL42Xo3ooJYEoUkCaZSNwnkhXLP7ltC5BCqrU11_F-YDyuYg6HJQ6YZCTMLI80nBSQYispBokG5Jok2Sg2mb8pF4Ei4rpuHHMrnWuZh5j7xN56c5PfNVq49DxXLDfIr_LQ_7Q3DMdXJfQvkbIZ8_EAX9LuW1gv83PK7Dz-DNADDMHqK7RUM9q5maCt0WNA0DmBrd7oB7qm-EoVfPmv0TGlQi3dOk1BBdFyduU2wOfs_emMe_mAmaiXRtPvACOvvmKJ-l5HQbJOVnpHNLPCTjMrX3GwiA7N6gjJYT1lpp2wFWTigXeCCuec8eXiw5Ata7TY_zqjXoABD-Z-Tflvltw3TULB9-6gZhTuNDVv9XjEvC2if-pm9oc5BeB7CfRVWee4MREmlwMcpqgsv-yN1jSOzsSP_Ds7Dke7uSbLj7GFvJvnXRK2Bp_b0_ToLmCVx_fjrA0ofsXfU5CYJIsBjQEU4yRbZXHfxlVDQXWzug_hRrGks4SI4IzQx7STVtC61mLHbcvKcY75boR4mbv1rSku8kPUaak6yNf059j2JY6iQF4ZrvY-4FeUlM_K8UkHOpFBtMtcfEeohe1nv5j0BZPzhMdNd6Cn6674pO-MtzwwAZlPfLCyDpDBqw7KKjIKssLOPnGi2DAg0RYk50vFbb0VjUIizj8tq0cUVwWs1IDZCImh3xvLSvuDkzsuQPv1j3WPig97ksYBEDa9QDN3orC5S5unRLEBECdEbhl130iohCNZXNtAQyLE3NzJ2j3SfcGzahqKjE9oVpz1vVRdzCztdfRvkIsk2riYD4aC80Is70qD3uHzkzhyCGXigu_8jHm7CnPYNartM7eagtH1npyr8K8ESsHGEU4t28FqpbMBZdwll0Elfac3Sk5Ugal8LMwsz3Kuyef6fd08VSrD55SpKz7HuByLrTci3aHDZQ17Brum1Z5d8KzZbO8R2HV7FM8CaVKfOlD9oWMJyaQjg9W_lzd160amWG5qD4MVG-djLcJdV98I-O1gm3OUoaQAGtalqYD0_ViH_v3uvvQrRx4WjCKznzYov-NWfc1Bl6wSD68i5EvmssHWqKKPBhvIBeHWhq6bXn4ehgRESe9G0hefx9iIamsLeso9TG-K6Ie1sJYIn1-hvbhZ9HCOAirTkLoHLXidbPK0VylC6XuiCGlWnndWGk_Ywnk8wnc_LcV9rvsmkk7s3N3FPRWKpiZ7paJg&cid=CAQSTABpAlJWNUEpB4LQrsq_hZOHQBngwPzMi7F3tfKFsqqZ3eKQQOaTcHxxChLd4d0ebtROPJxbBkAPgTjr6WgHuLqrU1pM7Gz7P1ivqDwYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.babiesjh.com&ds=l&xdt=1&iif=1&cor=13844688877267513000&adk=3466583960&idt=90&cac=0&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26bc4fcd09556030f5b0e1f3a6cdc9fe08c17663ceb6f261772aa675d8e6a7d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38869
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 11A0 32 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4271265271591442913/MediumRectangle_AllgAwareness_300_250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4271265271591442913/MediumRectangle_AllgAwareness_300_250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 04:31:52 GMT

GET
H2 200 main.19.8.425.js Show response
static.adsafeprotected.com/ Frame AF55 203 KB
63 KB 33ms
6ms Script
application/javascript 2600:9000:223f:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.425.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013337800&ias_pubId=pub-8798765870329885&ias_chanId=1&ias_placementId=20333851613&bidurl=https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gqcHfLVfjNJbItbUaf7lLS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:04:08 GMT
x-amz-version-id: vTMh3VsUfsPfd30Q2lhQhLoWQZlv7Ed2
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 122676
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jul 2023 19:42:13 GMT
server: AmazonS3
etag: W/"8325ccb86878f05b0052313c53a93437"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: zG9COT894_MySx2FyZc2loUTkTmbWGEme94lw0e1ZMXdvEBFawxnCQ==

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75E5 0
20 B 40ms
39ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=537966246417&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75E5 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=537966246417&version=m202301230201&ct=76&x=1&cor=1808654435863986700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 75E5 105 KB
40 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfB1TUsac13KgMJdv9VBj1HPQXtQkdGtR5yt-AdCxltKdlNtWb947kguVhUvY6tGDl2JSVKyjTXWC3c3pTYUs1bK7gH_3s6ofMSmhc7gzULtJE0BiSW7q7VJNMyuB3sT40lEdJjXFbzjisxNR7e6mxuAR_YzfntCaEcDhIXeyhZjnvdIY&dbm_d=AKAmf-DzuyQK7FlndLlkpUxIk4gngyeyOPOiGDpADz_7QB_RDwFBrPPBdcdNCm4ilmf6hVzHXcaXQXV96y57WLcBx8JibppI--gtNSunzmqPQ3-UWyQTKmLOoD5FdpvSHXdiThHZMsBrn2PqKhHsm9TfAIxy3AQOPm653RJpq2FuQ5fagf6lzENbiZempDmepzS_DMEncxlTs_3gBJ0Riq1ZfNeix0E8eS0X3_ODdnSr76_cLgQSmg1u6oUbnA1d1si1P6RmY0KwrwDvUBkiiXJfIuX8QgDjnJt1QD8hlRL2TVzC_39o91IgjPUKx4Ooo7pGm24B65pv9CguN5isTGcBiT7w197E1OPG45Ubq99Vxim7i_ds78Kp_Q3ZZxlwYUlWroHGrjcX-R2ui2pnMrkZOMWXSth6js741XFTjEGTmHwzACRn6tCEY2eTGDhwgcl1fbehcpim68AXhflBkY791D60UeD0PtkX2vEw7F-xtf2_FwRTVbCrmGIhgCkgZuAENPTlOLdHfl-Le1q62gGRR_-DMzyRI_Vup561c6wCwIZHwyQRhjScB91lAlXPZxvVokyOAO6s5uWVahxOjwQArVHF_2KIJKIhv3uyiEWtHyHVitbbbKpv2byzzGLncKp_T3WvwOmuK-RnFv6cgecJqDgjKAlSzVh_HTWr8mQH2Yox9nNobYV376FKDbDyDu3nPXgt8MSHFW1GY73BRRbYTBb91Su6E2hFlyyONJGzLug0zL3JC93yi7EzCkfu7MpUFdOg37LkXH6uLFL43XiLBXZYt1kJTT33nG0URjW5Y5TR_2SPUnPp39Ctyy25n9WMHaqGIXP8DB_N6BNpgrHu9onnMtzFMRtrGHxOO93FYsPyID7zTP196wYvk0LDxrCb-LwaqIfB1Sj0NbYKdT3pmpxbR-UUnGCst6DPgU6igv5GK6xeEEcXtH3otCmsAjWQ4V3CAeNnazdpUTxgzrNHcJFjs3YICyeJc5Q6yQ4mlNLK428SBdHHykYORUdIMh5v9_Ax00onxoKo8wUMkNu2NTjVkJUIWDKmjhkJZfu7aGRT7tbFFINg0bgXP0bwYI78ICF7uy8ZSzIJKZqW1w9qJJ19hYHIdwnzkPzk7_bCbsyFIHJSStw_TN97FgEeWrVcOBV_gmLhOLbVyIe25l9fuqC7Q9OcyR5KZo3iZHLwYuP4uAiHepXtPhbDoOH-1vn1rdhcU_nv0bfxN4OASoiN-u6vz_1L2mefLJ-IMEopU0fLAWAPU6XS79Nnc-y_o7kft_DmABwIQkaqMz1PXEQioubFrXEbLxc1XbXQz_Sax24rlA-Wt1zQHy2fpZYsi76JjixbOfB7LzxABCL1xjG9VcymQ1_afm2G0GgakTF_zkgQfndTrGjP-aeF6J9VcUW8PV6MZ8jwNXKLeGMpLrpoGh_J19ZbMUCfAT6lDyPGhyeGJ_aerpTXEfovJTLrLbmq32WoajIn-c24Pyz3hvKZa4eRk3Kv-NwQGHXXMxTiMUYxxR0wHE1CDeo0ZevonjI_IRKcKGDsQbNnz548Amj4attXWToIFGj3YBQQX60nyEAz8jYmaZ3E9hWlzS2k4LeSz17tptrdeSYKi2jyWroSMXhGz6qpLEXEWlQrmKZjzdqPhOKkczpiLc8WHZEUeysUb5MTvMIZSi6B8FI7lGK-pNOIEmSHOxEVEB3_emhME0puLnDFqLsTnxOEeUgIy8e2BLmshoBH6oyPDB1FxdDw-RUFgyesUH_CGUCKOQm4fe7MwWilTjcw9x8vW2UX9G0QrplBwjc6NElB6RaIM4kKLJB7eeBoVnHAc56NMMFwyiPCs0-tVSFnFpBmHLbqonABi74g0Slt7xIVOmFcrcFnwTlzAuA1C_mLvaA6Akm40TavfdXGLWyl0f8E1jJmF1bx52NCNywwoH4UQ9AibDcb8hUBMJooxtJkoJfMytyvHql3nwruDhwUxAtJYaHuHvZwhAdfnL_rijLyVf7WhIclsQaa0e4iVZOO0N1kdlcd1YZ0LKjSBnmWmG0cV4Bnr_9qTGalgOEKBInGBEgRd07BZOkzsxV-ZAdomK6hVluwHQCgx_-uOj1pqULFCSuyUG7WeQj2Wry4td7vFRWcXdOgEA3bQQ8MGR8nzLFEPYFkTixFbnAxYI00VIVO01LIYo2uyz2IaY1_sYB0IEwP6jr0dom5NS-rhu8LcfWaWioszZA5ZkWX3kpAekwQqt9ydVHC1ZF9bvW0yh8hTNmbvNHwNfWuQjQC1TZCdE4WU5XlYJcEQQ8GZOlMyZ9AJNeE3k4Xi2uByqmoJ7-BtLLsSj4XhfPi96-4i434oouLy4DCxDJsUte9bJu29pdsHGYFii6fifDe0K-CDolSlU4RoyJASHdTBDgrGvQCpORYqp1-0Y-k_3oSWS-FlgNVSXMcYCKS67PBPiTo_MbvAcBb6o1FminY6vUsLafjLTKXoKL0b4q0RgW-nJoHTAobHeAIw53maC3Q2Rmpz0N_VoAtWbbSa8nJbKY3ByUxFTUoNELPNy_NFEIteIwaEjc6sTkQ8u-KOlKN_q0N3tc7m9AmNI9CJqKP2r2a9Ry_S00WGb5prmnVC81y2imQTAvxWafgp7KPg_K_8Z_44ToAPDZb5UQI8XIfsKNcfuawHoDlcnjENEPlA2nv0PqYwPn3Quguj1IKzJ823VAEtoOPmBDdQLiizb7ItdFPd39zaD9DZOm5vIZ-vP8qmhjt15B2RNOJgTG0ludsRCdPOYSBjChswv2parxbysLpA4kPOBktwgk6ZEO0zhbC6Ngx5-Keuq4SGHtRegRVm6eA7N1FMcKadncICUk_e827pyAatJsGcVDvRff4ZolAULuu-er9N9Wa-OpwvUwZTg2Gz1nk_pzMWnw6sPL-C5auw1k9it16X0QwkU6lV6ZoEwfy63MbriHY_EfIBjYnrA8mgo-3ao7BDILMD0NjAD9UZ1gV2IIMR0YK2Q1JIYWjpriz9c569VCsIy6Bq2kPKEtrvK60i9f5izCEByXRNDBDuhGlfKsjL0u4gY1tnooja6vycz1jnFK7VAq9Jz58hdOzTYpUlJMJDsUGCFKaYIePTIvh8FpHB9TR6a7_nw6YocP--lTIkSv0DuWliWKNYf_eCeILO8kwxi2ttrMUUbVAN-xiJOb196NrIOcbAZI0DjsVXo3LFEEsF3LG1uP0B28CyamKhlkgtZNGEpKauMzubiaJiuLS3bqZq8rpXrc9A8kue9F_YDK4Z3tLwI3lxd2iLJa31KnW9EKmpK0YE2Y5FMcY2JKlSdluWIFeBacxAahahEXiCCzMf6KYr05ZBK9fvEJk7OoGMfCn7bZQwUjTwtsjRYsOWBuaSsFLLxQWde0NnIvCjPmJG0H-U1LKCOWSeInrxYNrEh1lCxWQnGG3Fe5AEvMkvWBMdshm_5VCY5aOdLKlexZR7IIvjjigduDyD9XWqKiWrARzH-7dEBfh994XPSdl9wK0vY1ig3DTHsPWtQiDt1nD8SjTz7yCISQw__cn3Qq1ZIaVulSjB-NAYwmggsUGfMd_6tffb6wsOEgDNf0vUmvNHcwbP702kxkqgYwElIowL-OTi5e14Ro2jS4DdPMDR0hqVz5CQ1w1DQFbmsKy9oH79WGIzSn_Jq0p9I48bPnevFwfTEZ9Hupay0oR5iuWZdHPZPVH_FSvGVKM8N6YpQT3MooVHlPOh_ea6RtdvFge076yOOf6GEevIQ&cid=CAQSSwBpAlJWE7DgXcp74WALPc_Q96hLbeOBVeaY46FwHO2JuH_fSTHbi_6s7E4mXI1Iguu-BqGFJ5rp7ZSMUKCInUFxWPkLrYjvoPUhkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.babiesjh.com&ds=l&xdt=1&iif=1&cor=1808654435863986700&adk=1725352768&idt=144&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04782f0dbcd21c94eb5f3d4e9775efcdddab8098ccf97cc1f14ba68c46f6beb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40756
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AF55 0
0 45ms
44ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmXxi4kK6EwtOf3JMJ2EN9JfacJMFKiRTzFS429--GffstNtClg157D-a0XQFKPAsXNRfBXBt4mjTAZdfSnEJyhe1Eec9U0gdbJ5hkr9AReBgAQi2as05WEU5_CJ-CoJEBuq4zdsC24QXkjIjBDcrFXksUQcVDew7Ga4IrL4LV6jiNoz1JUmZO9NWKjVM_Z3H_29s8fd_HXQj0PjfklPTmrrNE6ckl8DCX8bwTsfEoJ2oDfPuYd8K-Cy_KVduk6xyArxFVN-DKUfs8UFfA-SAqR1FUnF-b8KkrS14lVCIu4AMiptYc1QWH_QE4BciwO_UpIaUSRFpnb8tJ_VijKbCUqJVHO8-UjITjykL_lJm6GUaqj-6Jpjxczu8kmf7lahxvMe9lgNqcvByaJ1I3R3Ru6LwFgych1R2gcLMvypUdq6VjmaEEsEr_4XUNrOeJ1NppZEQbJT939OqhHWEqUciETx-Q7BFE1KDciHiG60yqlmq8KtI9cjoWmPlE-_FIpiVRIFWFfIv_YR_w-BJWG4ddiixn31p9mGuNgA1ZYMnFNVTW2DPgdBtdsELro1_hQon6eGmwFtHo2iHFViuQAOH-bzQFFgpnwgEy5yjkMFbqX-EOXC3tOs7l-GCkxjXJP0M4rsfQJbmfAVtLySsriQYMUDb6KioW2dNPBQo7QZOELb7bWLoQU5NVAy9LckNelPoJzWbcZ73zTFfIK1rwh1GsEG9s4NsMS8y4HA0x5ypA1FT5-D3Xwxv5FQb6yANeC8k9E9b5P0RmlXTe7rZvE0u99dWTvksHdaoGNtaUP50OMLeVaKUTqh3pdXkGAnqkhD00N978MrnxB90j0G3oWkWO-G03otl8p4EW0LBAdzPYcyLAIF3EE717jfAfPy4-clbBXyk2khGO2OwPobyC0V1woJWtgofS4ZU-zzb6PnZRcoEP7DcZ1Z7gSixc1MHce04tWPmQjiHbk7EpxfNiuinhsvXdaLEkF1zdLgSSnFRINvwmozZtLK5k5dvGqTvTPLx3cxv48hsGyxAEBirROKz055DM3FatOmqJatUrxDZEMP35hkzTD58Ghkucm38PGzX2Q-QnxxqindILe9CGMfX949LvWA-AUBmnE-Yr2X6RloKr_g_ttEdrabyqu6UP74NGzOb8sEJq6SPdPJ101m3AZP3-wBZbLl4qglW5PBF87Mv8VelfODW0yqnfpL2VHIgnbm0lFUpuyudFFVlUwV8lMre8nqXTG697M9veLuwiF9VDicvh4NOEpQ&sai=AMfl-YTgk4_W2_xhMMwS834B5fTE9eFY7iorLKK1S564zAqeqLNU5JXPTzjTiFDz2Kjm0CWhSBD8tP-4nh3DQm-SSPCnEo4eiks3OkGfXfDuBo8SfuzoK0GhnOieIXy3ZYAeyAjVit_ftl6CNdOn5JChWd2VPyUYtI3jWJtYE-cpKthy9Y3LkdtaudF5E9ceAC7HFy8LQoBGgH9X4ydUCkG6RrTaxgU7QKmX-HK8LTW5GyEVSUL8ExE3ms1Voc5aHH1iAUgcMwIUcvYcNT45jIFJArgAWcSZO0XF&sig=Cg0ArKJSzKYGEb8ANXUcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&vt=11&dtpt=84&dett=3&cstd=75&cisv=r20230705.77214&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Jul 2023 07:08:43 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 6567 260 B
586 B 166ms
58ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=edf3c975-487e-4e93-bb98-6aefc2499b88&apiKey=VSG456M5Q7NDTBYP8WCB&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fhealth-am.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

c2b0c7f2940d420a60c745f07bfa3962c9e7d825653c7bc95aa3d9a52c6b0ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://health-am.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 07 Jul 2023 07:08:44 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 80d89715-5814-4026-9cb3-78935ee19b09

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9534 172 KB
60 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
Origin: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 14:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 14:24:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame 9534 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DO9GjBRgBcr1Lljj6t9LNTme5mPj-velPeGL5nppiKpcn8yc1CqmI8loY8SNNg_MNVvjOTE67heWYRH4T-k02Yk_yikuySXkWdT7GaL17apKHZNr-4G6hBfXe6m8y10nu2_QYQDsabJIYCtkqX1rH1xd9NrO5CJ3-C27I6bds6aIA7z8A&dbm_d=AKAmf-Ai5VaziHXEz_68RpqYl2ufZbp_3Ps3mm-VlkR2_QLcnRnVRfgSphQMOEKnhsLjf7F3J8AAgzu8-wBUKQGoTvKTi6VXTJRsB4umJaBf5ChwwA892MWsxfj_mSqc2J-zKUG_yxtkvTtDHt3HHBxThfmS7bvO_UMXlB7oedRKIPPcxvgKQQNdu--Vpo5gIihTQPlErQtNT0L9bvVEIt3Zig9m8KOmb43fJu_0y8X6lyuzw-H1KufDhcXosUBm95VnYiDpcZAuXv3ojimqDXp7znAExymBebnGwY8v3UOeDFxxbHoBw_bv-h2-Md_JXVNUHSeCujaVaSX854rt09DERonnPDHyVZbeVlvutARK-1JqkeLQEdCTbq_vlx-Ts9JIRo45WSsR-10UKoMdsJ3cqk7EfzHRMehajzTAlQo-bQWMyqY8UAktcwAHq2DtVT6LK_0ZZuAMTGU8-y9Q0ACz7VqATc7Gc9iVIhc2r417JTghzFZIuGhGMkUALdeW8i4P_uLLAWMBazaPBey38R2IoVoDxjTzosd2blvObOESMXte1YpO_Rr_dZCGyA7kicvjqt_cyKRXUJ_duQQPXCoohjV5EuMgY9n0t5n5QonDULEgUvFvJZjErcm8XN-2d-uowSBtYo2CAbBlHnMR9QFto3mJc9o27SqemExozyM3unYDNlk89RLjYibySByyhKzUU13POnrmOw49ZC6QAgfhqfdcm2OTjkFxVbU8O77ieIdO5uQfZkuExZZ37fPI6ZNUSomsiqr3bCCKsYYjzCCb_UKLuNHiveNMEgGyW80GmhpTlPbWnBU8lUB6-dyni9T3wPJe91i3FF-tCimL4dKUCeAcJvXAsbk0N52GIoyJzW9UjJk-GCxB8Vo3iat3Ai3tkP98yLy3ngOG30FHZcKYz-5BGh4i3ltPNoeMTp2cijTSH562nuW_TXsOLAHt7dQPXDL75IFgS94NO0YktQQ1zYN3I2Skk-DFA6VvkwrSALlyLD8x_hCxxaAUvfz7TpGYyoRsDC4WRZX2A0V9zMnJ7lOUkvx76R_FA6B3IXc48dkHEWTB2ID8FSByP1yBTigg1R8iLIDxmQEZLT5_L-X-wWbLeMz2NWB_Ud3a2QyK3GdJop6pnqiJRTbCDGOi9AsrC3Oq-Uu0zprDv2mbmxgVOtBQ84301wf0scBodzCk2Ce5Dh6cuMuixJXG7vumQnk8IUcoK65_-ctjlqSbl74aEqfoKuA0NR5DXG9_BzLeDeA1YPIbPEdT_tZdDgkdVeVXmXMtDmesI1coWxxzE8hIrM4uljUrrJQ4qPz3YY5UE-8uUyoOiVv4HbGjuSQ_NnAzY3cNb1bCAwrE1hVJiBo8POivhu3dVCYT-363v27QKd53DD_da550VylGv2v7jVVdmQKLfouiMEQO751t7pViD3rpKuGfwu7kN-X3CUT4HRlI3UFCLu9wcwFvusxQSGFObu6OMtzKEHK_qs_jCjRDWDZdMbnkEIJdJaEntyOVoyhH7VymM8_kw8CVlepxUIb84KpwJFGThFMtLlbbjnmO52aVU2c7_kHIu9K5Jva9puEE5TmUBVCWKAMHz0Aei9ZZTuIXUUewk7GCqgINuFwKlkWKpRnJDZFusMrFpbS-MGhWZwQzPL1YKeh5bV_WZJtVFRljCQc4X4dAJqTX7xO-lIkMs9qXXohF7FgiwhVfs5DykpKlYt7efNsyhn8jfj5FWvGH_rkvBnDT24ftmhBTLRg3jxYnys5ahoZXako4HJGLtJizPLDe3-L_mM8-GFH_pVdBAXaWayde88EmLeYismCBA6G8lqpLRUF7M58lBv4rUS3zzImZdkKH3p1zuXf4IlRuKmNtxOntypnFuvracmNXiYLNn_0llN07EcU593KKYm9abHl9t3hCAJjLabaHDnPyAHpvwTY2cwoFBW0bb0kzg0GrcV02QaJXUKEHLTFBY1iyN33mExs8AEWznhuo7fmtzmuPKruzdgUuYENdpbNXK9QL1tP8V1eCKKfpL6OjVCp35yICMxwSsxPQWs-XUkQ-vVp78KQEV4u1G3qrWC_CdOlc0r1-e9_ox4tQLFNaEL2yjDgWcYhBG8VRlaJl92IV-6ICxNLsqEiN0y-3sgdfdUkxYL1B8WeUeUfqxwlLucH6A51Ie3ppsB_YfqDRnW4LQAr3u-8mRJ-agPd1UIrvhkX87ClOU8cRMCN-nRxa1dP8PA7Hkzv4EjrYFYUmnoPt-zotszAKzvXsck_a9ltxVzGkSaofYZN54ZxBGOfVzVbp6Aw1JmwWWZI79fNxHJiveBPLJr_HOYWDEKLLrSk87xP2ghk8WrtrIJ64aVmKr57P_NM5VmNPqdQ8Yli6uBxz2paKc434b9YZZvP5cFRHlOQtsYtS966HGBrZC0jAef1L0dcWHDyFsFAg6ppZLTXRotyR1ZNBQ3fM6-SOIv6ewEOSx0ZXTTHdABMXasuRWgsYhgL42Xo3ooJYEoUkCaZSNwnkhXLP7ltC5BCqrU11_F-YDyuYg6HJQ6YZCTMLI80nBSQYispBokG5Jok2Sg2mb8pF4Ei4rpuHHMrnWuZh5j7xN56c5PfNVq49DxXLDfIr_LQ_7Q3DMdXJfQvkbIZ8_EAX9LuW1gv83PK7Dz-DNADDMHqK7RUM9q5maCt0WNA0DmBrd7oB7qm-EoVfPmv0TGlQi3dOk1BBdFyduU2wOfs_emMe_mAmaiXRtPvACOvvmKJ-l5HQbJOVnpHNLPCTjMrX3GwiA7N6gjJYT1lpp2wFWTigXeCCuec8eXiw5Ata7TY_zqjXoABD-Z-Tflvltw3TULB9-6gZhTuNDVv9XjEvC2if-pm9oc5BeB7CfRVWee4MREmlwMcpqgsv-yN1jSOzsSP_Ds7Dke7uSbLj7GFvJvnXRK2Bp_b0_ToLmCVx_fjrA0ofsXfU5CYJIsBjQEU4yRbZXHfxlVDQXWzug_hRrGks4SI4IzQx7STVtC61mLHbcvKcY75boR4mbv1rSku8kPUaak6yNf059j2JY6iQF4ZrvY-4FeUlM_K8UkHOpFBtMtcfEeohe1nv5j0BZPzhMdNd6Cn6674pO-MtzwwAZlPfLCyDpDBqw7KKjIKssLOPnGi2DAg0RYk50vFbb0VjUIizj8tq0cUVwWs1IDZCImh3xvLSvuDkzsuQPv1j3WPig97ksYBEDa9QDN3orC5S5unRLEBECdEbhl130iohCNZXNtAQyLE3NzJ2j3SfcGzahqKjE9oVpz1vVRdzCztdfRvkIsk2riYD4aC80Is70qD3uHzkzhyCGXigu_8jHm7CnPYNartM7eagtH1npyr8K8ESsHGEU4t28FqpbMBZdwll0Elfac3Sk5Ugal8LMwsz3Kuyef6fd08VSrD55SpKz7HuByLrTci3aHDZQ17Brum1Z5d8KzZbO8R2HV7FM8CaVKfOlD9oWMJyaQjg9W_lzd160amWG5qD4MVG-djLcJdV98I-O1gm3OUoaQAGtalqYD0_ViH_v3uvvQrRx4WjCKznzYov-NWfc1Bl6wSD68i5EvmssHWqKKPBhvIBeHWhq6bXn4ehgRESe9G0hefx9iIamsLeso9TG-K6Ie1sJYIn1-hvbhZ9HCOAirTkLoHLXidbPK0VylC6XuiCGlWnndWGk_Ywnk8wnc_LcV9rvsmkk7s3N3FPRWKpiZ7paJg&cid=CAQSTABpAlJWNUEpB4LQrsq_hZOHQBngwPzMi7F3tfKFsqqZ3eKQQOaTcHxxChLd4d0ebtROPJxbBkAPgTjr6WgHuLqrU1pM7Gz7P1ivqDwYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.babiesjh.com&ds=l&xdt=1&iif=1&cor=13844688877267513000&adk=3466583960&idt=90&cac=0&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 9534 30 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9534 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 07:09:29 GMT

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame 54F5 7 KB
3 KB 13ms
13ms Script
application/x-javascript 2606:4700:e0::ac40:6725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 254796
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NS1d9Lp2fgb4DqBNbhuY6mp0fR2l79zcL4Ml%2FwyWI%2Bfy4Fi4%2BcWtsCm5lAgp7Mpy3qh57DsQoWgBJdAwUiE%2BNPFNrhms6%2FosoRohAJBYh%2FS%2FrTohwsMJHvuDJdW9H%2BtOYTmSuLw3Q32uZ8HjGwQZixqJGXx2"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7e2e4206af77910c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 08:22:07 GMT

GET
DATA 200
OK truncated
/ Frame 9534 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46872ae309c3c11932c22711cce9cd628932c2ec10ead9b5ba13704c0001d39c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14408604554560116435/ Frame 96F1 15 KB
2 KB 15ms
15ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77fd60767b6e49f9b53f9b57232465d37704b8bc71d4e95b418aa8f209fed824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2269
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 07:08:43 GMT
expires: Sat, 06 Jul 2024 07:08:43 GMT
last-modified: Thu, 16 Feb 2023 16:05:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9534 0
0 52ms
52ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslFVMeAu2l8DwKMWrQ42h66el_pYrQnff7Nn7e3m6022kbm9FAPAZZKIkhk2_PwO7bP6om3nQYcPXwhRIA7_uf9ukZ1I2SjYR7hErwJMGhmeFR58ftBIjNkBPU7vRXj84vDXTMuqz3utQ2KwcAkTy3tCkouSCdsNrGB6jIy4uUzRGKvg4ttPbyqm4b-qIkAB8Bwnbq323zXXqctHoXhjo-rJQCfqV27FvqUfn6qTPaKUheU63Nm8WCZnVZvb6BpkNPKU0hjUygQ7UMIFU4SR7fWI3wpUq2SMwvQKLgzI-5pJ_8He1Jyb4zqggGHMTrQ4ihAQQ2q1EM6JeHQG4G3WSWqNamn2t75t_Um5ROs-Q0BOn-aXdyzy0fNAf6cxLEQENWwmxNjzqXbXHeeTOZZNH-uKmJW5QMX2p9EN94WYmvZmFp0DCJKjDPcN8N6Sgd97TqhT5ExOG3Tg-C9k-4wPSAsW8yIfkoktxLNYrRRTKqH5X79tHl2uhYoM8yU4veBBq2izKBDIx-2qNDD9JccGwd93Gz3j3QCn1kbRiVVdA0V53gaJNNzIn8K9-T7ggG_YSSbP50I04qzIW40DZWgAztvDtJ1DzWkiAEHNjC9XzwMtsaBNJ8h5yHEMTy1joPp5XGJS4wWcyMMiNH5pz1L9SwaaomJHonpatbUDrQGL7eYe3yzT57DRtNGAYWrrrpr8fRWC60D3oUaN0lMYSOHiZA5z_8iLvm8DgS-YlTuQTXZtyun3C3YZMHm7QgDSnkP_zwDnnTy732gCTC6qUCTbxG6wtbY9kxkFboFV9G1dvgMFNsHuHlS2tEWdDwFO9Jdq6SlXulPSR5RmraLpYIjqdHMOdDWTaCERulEPTWwx8JSi_BcUPNhQQEk8_LUO18zRoXhJ9JCSpOL4hk1HTLjC3B-zkXd82Z2LwOCuu6agqtS7UWAIeg2zDKOM9aDLjnt5F4kzcgMFjookwkj-uWMj5PyfDVtH_ZRswerTMglj2FMmbUqplG-frjIhP0FIRgixHpOnpve_q3DtIb4NFkfXEcPtHZzndRVjx3Meuz-PSKBUf6NYrld7q3fMQIpzSmUt89CtHEgMcmguHkQlyQ2iFNerxz5HGfq9WmAZ8dozU-yGZQJH2o8MAoWKPKI4lEYMr4r-dxhrtnJ5csrohvkJdUH-EN7h2soMfOYgPqBk01_jFyKkgiN4YiqU5EPYyZe3AgpU-cpK1seSWgmcT7dCbTR6nwqCGNo9hKHIETmW2L94QwpzKua2vkkjYbnlY2kUZxdh_wsyuzB0Tj04yRGnRyCjftfuIVpEt8sSY&sai=AMfl-YQe4m2ZVIuvFnghgwhpUVwzFts4rlfhS6LIV6jtCfQrCFxDZcqipc_n8CyIRYI36EJ3LnM_XJEV74fLxFImjv9H5E40G7eHrZ67Cju0zb1XwiFYQM0tKUXtQ2Di8-0memSptsV7gooODaKhTsIKuDPS9KXyuc4VsfiRBRtPxdML2vx2kQrto7EOv4LbhZtI7iLq5_behpU7vTJ66Ojq29az_wIbiGgarHArmucLoxXsB87A4xaiMTBiL3wALU30Tqg6sFQ8oetK3ZEB76E1-5xCEVuvDEwEnf8z&sig=Cg0ArKJSzAH0c42fBe8zEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=35&cbvp=1&cstd=27&cisv=r20230705.60596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Jul 2023 07:08:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:08:43 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1350098/69352127/ Frame 75E5 46 KB
12 KB 32ms
32ms Script
application/javascript 63.35.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013337800&ias_pubId=pub-8798765870329885&ias_chanId=1&ias_placementId=20333851613&bidurl=https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gSwuJbTNLFtrEj9Wq1MUUv
Requested by: Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.89.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-89-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 85f22cedc5b2b7c260e87dd48853197b5e2e9fb70f4a9a8e082457f1412b03ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:43 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 75E5 111 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
Origin: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame 75E5 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfB1TUsac13KgMJdv9VBj1HPQXtQkdGtR5yt-AdCxltKdlNtWb947kguVhUvY6tGDl2JSVKyjTXWC3c3pTYUs1bK7gH_3s6ofMSmhc7gzULtJE0BiSW7q7VJNMyuB3sT40lEdJjXFbzjisxNR7e6mxuAR_YzfntCaEcDhIXeyhZjnvdIY&dbm_d=AKAmf-DzuyQK7FlndLlkpUxIk4gngyeyOPOiGDpADz_7QB_RDwFBrPPBdcdNCm4ilmf6hVzHXcaXQXV96y57WLcBx8JibppI--gtNSunzmqPQ3-UWyQTKmLOoD5FdpvSHXdiThHZMsBrn2PqKhHsm9TfAIxy3AQOPm653RJpq2FuQ5fagf6lzENbiZempDmepzS_DMEncxlTs_3gBJ0Riq1ZfNeix0E8eS0X3_ODdnSr76_cLgQSmg1u6oUbnA1d1si1P6RmY0KwrwDvUBkiiXJfIuX8QgDjnJt1QD8hlRL2TVzC_39o91IgjPUKx4Ooo7pGm24B65pv9CguN5isTGcBiT7w197E1OPG45Ubq99Vxim7i_ds78Kp_Q3ZZxlwYUlWroHGrjcX-R2ui2pnMrkZOMWXSth6js741XFTjEGTmHwzACRn6tCEY2eTGDhwgcl1fbehcpim68AXhflBkY791D60UeD0PtkX2vEw7F-xtf2_FwRTVbCrmGIhgCkgZuAENPTlOLdHfl-Le1q62gGRR_-DMzyRI_Vup561c6wCwIZHwyQRhjScB91lAlXPZxvVokyOAO6s5uWVahxOjwQArVHF_2KIJKIhv3uyiEWtHyHVitbbbKpv2byzzGLncKp_T3WvwOmuK-RnFv6cgecJqDgjKAlSzVh_HTWr8mQH2Yox9nNobYV376FKDbDyDu3nPXgt8MSHFW1GY73BRRbYTBb91Su6E2hFlyyONJGzLug0zL3JC93yi7EzCkfu7MpUFdOg37LkXH6uLFL43XiLBXZYt1kJTT33nG0URjW5Y5TR_2SPUnPp39Ctyy25n9WMHaqGIXP8DB_N6BNpgrHu9onnMtzFMRtrGHxOO93FYsPyID7zTP196wYvk0LDxrCb-LwaqIfB1Sj0NbYKdT3pmpxbR-UUnGCst6DPgU6igv5GK6xeEEcXtH3otCmsAjWQ4V3CAeNnazdpUTxgzrNHcJFjs3YICyeJc5Q6yQ4mlNLK428SBdHHykYORUdIMh5v9_Ax00onxoKo8wUMkNu2NTjVkJUIWDKmjhkJZfu7aGRT7tbFFINg0bgXP0bwYI78ICF7uy8ZSzIJKZqW1w9qJJ19hYHIdwnzkPzk7_bCbsyFIHJSStw_TN97FgEeWrVcOBV_gmLhOLbVyIe25l9fuqC7Q9OcyR5KZo3iZHLwYuP4uAiHepXtPhbDoOH-1vn1rdhcU_nv0bfxN4OASoiN-u6vz_1L2mefLJ-IMEopU0fLAWAPU6XS79Nnc-y_o7kft_DmABwIQkaqMz1PXEQioubFrXEbLxc1XbXQz_Sax24rlA-Wt1zQHy2fpZYsi76JjixbOfB7LzxABCL1xjG9VcymQ1_afm2G0GgakTF_zkgQfndTrGjP-aeF6J9VcUW8PV6MZ8jwNXKLeGMpLrpoGh_J19ZbMUCfAT6lDyPGhyeGJ_aerpTXEfovJTLrLbmq32WoajIn-c24Pyz3hvKZa4eRk3Kv-NwQGHXXMxTiMUYxxR0wHE1CDeo0ZevonjI_IRKcKGDsQbNnz548Amj4attXWToIFGj3YBQQX60nyEAz8jYmaZ3E9hWlzS2k4LeSz17tptrdeSYKi2jyWroSMXhGz6qpLEXEWlQrmKZjzdqPhOKkczpiLc8WHZEUeysUb5MTvMIZSi6B8FI7lGK-pNOIEmSHOxEVEB3_emhME0puLnDFqLsTnxOEeUgIy8e2BLmshoBH6oyPDB1FxdDw-RUFgyesUH_CGUCKOQm4fe7MwWilTjcw9x8vW2UX9G0QrplBwjc6NElB6RaIM4kKLJB7eeBoVnHAc56NMMFwyiPCs0-tVSFnFpBmHLbqonABi74g0Slt7xIVOmFcrcFnwTlzAuA1C_mLvaA6Akm40TavfdXGLWyl0f8E1jJmF1bx52NCNywwoH4UQ9AibDcb8hUBMJooxtJkoJfMytyvHql3nwruDhwUxAtJYaHuHvZwhAdfnL_rijLyVf7WhIclsQaa0e4iVZOO0N1kdlcd1YZ0LKjSBnmWmG0cV4Bnr_9qTGalgOEKBInGBEgRd07BZOkzsxV-ZAdomK6hVluwHQCgx_-uOj1pqULFCSuyUG7WeQj2Wry4td7vFRWcXdOgEA3bQQ8MGR8nzLFEPYFkTixFbnAxYI00VIVO01LIYo2uyz2IaY1_sYB0IEwP6jr0dom5NS-rhu8LcfWaWioszZA5ZkWX3kpAekwQqt9ydVHC1ZF9bvW0yh8hTNmbvNHwNfWuQjQC1TZCdE4WU5XlYJcEQQ8GZOlMyZ9AJNeE3k4Xi2uByqmoJ7-BtLLsSj4XhfPi96-4i434oouLy4DCxDJsUte9bJu29pdsHGYFii6fifDe0K-CDolSlU4RoyJASHdTBDgrGvQCpORYqp1-0Y-k_3oSWS-FlgNVSXMcYCKS67PBPiTo_MbvAcBb6o1FminY6vUsLafjLTKXoKL0b4q0RgW-nJoHTAobHeAIw53maC3Q2Rmpz0N_VoAtWbbSa8nJbKY3ByUxFTUoNELPNy_NFEIteIwaEjc6sTkQ8u-KOlKN_q0N3tc7m9AmNI9CJqKP2r2a9Ry_S00WGb5prmnVC81y2imQTAvxWafgp7KPg_K_8Z_44ToAPDZb5UQI8XIfsKNcfuawHoDlcnjENEPlA2nv0PqYwPn3Quguj1IKzJ823VAEtoOPmBDdQLiizb7ItdFPd39zaD9DZOm5vIZ-vP8qmhjt15B2RNOJgTG0ludsRCdPOYSBjChswv2parxbysLpA4kPOBktwgk6ZEO0zhbC6Ngx5-Keuq4SGHtRegRVm6eA7N1FMcKadncICUk_e827pyAatJsGcVDvRff4ZolAULuu-er9N9Wa-OpwvUwZTg2Gz1nk_pzMWnw6sPL-C5auw1k9it16X0QwkU6lV6ZoEwfy63MbriHY_EfIBjYnrA8mgo-3ao7BDILMD0NjAD9UZ1gV2IIMR0YK2Q1JIYWjpriz9c569VCsIy6Bq2kPKEtrvK60i9f5izCEByXRNDBDuhGlfKsjL0u4gY1tnooja6vycz1jnFK7VAq9Jz58hdOzTYpUlJMJDsUGCFKaYIePTIvh8FpHB9TR6a7_nw6YocP--lTIkSv0DuWliWKNYf_eCeILO8kwxi2ttrMUUbVAN-xiJOb196NrIOcbAZI0DjsVXo3LFEEsF3LG1uP0B28CyamKhlkgtZNGEpKauMzubiaJiuLS3bqZq8rpXrc9A8kue9F_YDK4Z3tLwI3lxd2iLJa31KnW9EKmpK0YE2Y5FMcY2JKlSdluWIFeBacxAahahEXiCCzMf6KYr05ZBK9fvEJk7OoGMfCn7bZQwUjTwtsjRYsOWBuaSsFLLxQWde0NnIvCjPmJG0H-U1LKCOWSeInrxYNrEh1lCxWQnGG3Fe5AEvMkvWBMdshm_5VCY5aOdLKlexZR7IIvjjigduDyD9XWqKiWrARzH-7dEBfh994XPSdl9wK0vY1ig3DTHsPWtQiDt1nD8SjTz7yCISQw__cn3Qq1ZIaVulSjB-NAYwmggsUGfMd_6tffb6wsOEgDNf0vUmvNHcwbP702kxkqgYwElIowL-OTi5e14Ro2jS4DdPMDR0hqVz5CQ1w1DQFbmsKy9oH79WGIzSn_Jq0p9I48bPnevFwfTEZ9Hupay0oR5iuWZdHPZPVH_FSvGVKM8N6YpQT3MooVHlPOh_ea6RtdvFge076yOOf6GEevIQ&cid=CAQSSwBpAlJWE7DgXcp74WALPc_Q96hLbeOBVeaY46FwHO2JuH_fSTHbi_6s7E4mXI1Iguu-BqGFJ5rp7ZSMUKCInUFxWPkLrYjvoPUhkRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.babiesjh.com&ds=l&xdt=1&iif=1&cor=1808654435863986700&adk=1725352768&idt=144&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 75E5 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 75E5 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 07:09:29 GMT

GET
DATA 200
OK truncated
/ Frame 75E5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5aec11adaa3d4f79f1459c6e7c35eac3bf267dbfd2eb3fdb1557409acee1dd5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/14408604554560116435/ Frame 96F1 8 KB
2 KB 9ms
9ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14408604554560116435/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f721f1386a20adccb1de69d549e8d4462f5ce68f592213d3c2a56b9e92e70794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31950
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:05:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 22:16:13 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 96F1 118 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 13:52:36 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/14408604554560116435/ Frame 96F1 20 KB
20 KB 12ms
12ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14408604554560116435/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:42 GMT
x-content-type-options: nosniff
age: 128581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20611
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:05:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jul 2024 19:25:42 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame AF55
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013337800&ias_pubId=pub-8798765870329885&ias_chanId=1&ias_placementId=20333851613&bi...
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

17 B
464 B

6ms
6ms

Script
application/javascript

2600:9000:223f:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Requested by: Host: 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
URL: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 14872614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: uWeN1xLe1VYnw6Q2mIXjBO8JUNYeQDZE_6e_JPdi9-1fO0iXMI1E3A==

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame F3B6 91 KB
23 KB 7ms
6ms Script
application/javascript 2600:9000:223f:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
URL: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24939148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 7Mnr1vhMu8-oJ601maEGWM-75GK763wkZtjuRRxBcji8XOudnV39Og==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F432 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 172691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 07:10:33 GMT
expires: Thu, 04 Jul 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 54F5 95 KB
33 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 07:57:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AF55 43 B
215 B 304ms
94ms Image
image/gif 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=ad2a4dd1-fe8e-f230-edff-ee681f7fb922&tv=%7Bc:hFadKe,pingTime:-3,time:157,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:134%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:158,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJj0GH7+111%7C12%7C13%7C141%7C142%7C1431%7C1432%7C151%7C152%7C15311%7C161%7C162%7C1631*.1350098-69352127%7C16311%7C163121%7C16313%7C17,idMap:1631*,rmeas:1,rend:0,renddet:na,siq:135%7D&br=c
Requested by: Host: 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
URL: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AF55 43 B
216 B 301ms
93ms Image
image/gif 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=ad2a4dd1-fe8e-f230-edff-ee681f7fb922&tv=%7Bc:hFadKg,pingTime:-6,time:159,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:159,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJj0GH7+111%7C12%7C13%7C141%7C142%7C1431%7C1432%7C151%7C152%7C15311%7C161%7C162%7C1631*.1350098-69352127%7C16311%7C163121%7C16313%7C17,idMap:1631*,rmeas:1,rend:0,renddet:na,siq:135%7D&tpiLookup=ao:www.babiesjh.com*%2Cwww.babiesjh.com*%2C9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com*&br=c
Requested by: Host: 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
URL: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AF55 43 B
215 B 283ms
94ms Image
image/gif 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=ad2a4dd1-fe8e-f230-edff-ee681f7fb922&tv=%7Bc:hFadKA,pingTime:-2,time:179,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:389,beZ:391,mfA:508,cmA:509,inA:510,inZ:513,prA:513,prZ:519,si:524,poA:525,poZ:538,cmZ:538,mfZ:538,loA:548,loZ:550,ltA:569,ltZ:569,mdA:391,mdZ:430%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:134%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:180,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJj0GH7+111%7C12%7C13%7C141%7C142%7C1431%7C1432%7C151%7C152%7C15311%7C161%7C162%7C1631*.1350098-69352127%7C16311%7C163121%7C16313%7C17,idMap:1631*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:135,sinceFw:43,readyFired:false%7D&br=c
Requested by: Host: 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
URL: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 main.19.8.425.js Show response
static.adsafeprotected.com/ Frame 75E5 203 KB
63 KB 7ms
6ms Script
application/javascript 2600:9000:223f:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.425.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013337800&ias_pubId=pub-8798765870329885&ias_chanId=1&ias_placementId=20333851613&bidurl=https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gSwuJbTNLFtrEj9Wq1MUUv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:04:08 GMT
x-amz-version-id: vTMh3VsUfsPfd30Q2lhQhLoWQZlv7Ed2
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 122677
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jul 2023 19:42:13 GMT
server: AmazonS3
etag: W/"8325ccb86878f05b0052313c53a93437"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: eEUWCp5p6_Ulc7WlO_aHHn2X0bIz9UpjKDCso5qSKknHe1g5iAL8qA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1A2 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXsPq-7mnZOCVJ-in9u8Pqp27-AYAAAAAOAHgBAI&bg=!HB-lH0vNAAb90kgr3dI7ADkAdvg8WgY7YIM7ui6tz39UYq_A_xoFUmx1zYq3JoK-kcsouSuVySOZQGRzOOQdwM7J0rvuEuDACZYCAAAAqFIAAAAFaAEHmQNflqmXO3TKOjK2w1ypfPCVoF52-ur3S8NgWVLjfH6QnG--r6YkgTseuXVxPs5qOmCEWWA66CNFvv--FRMuZlYdk-WHOhlG_flvYhCFc56iEfYYzu6nKISdG1kPGql7xFZMibjxIU5nExAXlV8hb1NgCUzN5ch2ASjmLAA4wHfdYGRJpUxFHh3w4rkBIi420Q3y6gEx4Nkxlrlt38xamu3VopnLRQ_KU_aQEbvHBOrUupvCpglkke5yqR94yOcZdfSDYY69tkUOzSNgrxHkdnz3yPRIHVaLTfHv0TnCfHmY9ZDzeCpJ4fbP0sQutXCG0wfv5oDROiZz-3BcVGi8JK5xeVYNv6VHZ_j3H1scfr7Vfgp35QLWqokX64Im-C2sY2wUOcjCgy0atswFZwyc5ShJVwgb_059n43LxE0hzjaq9pwuyKgtOw2tMtKzC2yLn-vvIIkJXzXV7OU_u9HoOL_4fIHFEA0kcjSMHi7Ap6x4i6Y8XUyNG365t2LkXgrBH1JKumAnotmXobeqS-a59aaihpMkqUoqVDxHchu0CBVJWawsPqUUnSY_P-VPlplLk3-7GWbiWTQ2EJdMgRWLo1ObAi7VbvCNVZrWWvlQ96Q99qUpPJ1r2uGr79FH0wXtPU-ocoDTZhEfJda2sukSHz332zuIIGLjurEqwhzMZKvymj9A9oMtRqHZ77Dr9UoBMDeOdUTIyKp8bUDxiIdeYddaIZbt6IecE2scOxuKv3WQmrFIUPBNqoA8CKNkDRVWkS2r65l2jhJWD8S6Kio24CbjTKfQVsO5FnCvYMFAvi5vt1M34J5VmL14YwM4z2rQbVOdxbH8bJ6kwaVFUuvr3r5QEn5tWhIGjKXrWC4BI3ySvfRDJjlpLcMyzeaPTp_9dFuQ3WEo-4hphWVsCSRcUUm53rZ-AgUsyUiGwqGpRPzS-V9cfFSz1JtFNe1whRyZFJQpOBxEvzzKVjkGTcwQQxck75klpYTGGIQXl4VW7QOqATrPPtJCvGMWAmdhvbKqNR2XyOsB7JfL3KQCouDFt15ATMC7CjNzmxgG0js5kKSjHZOvJtnwPS-wthjM7jkzGUavCA1Obb8Oh3UVg33KHl8I92aC5vQhfVD3AVI-l7K1B20Ab7L4JwBAa-8anYRp6wE

Requested by

Host: 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
URL: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 393B 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 172691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 07:10:33 GMT
expires: Thu, 04 Jul 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/ Frame 7D11 96 KB
21 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23d1943800e5bc093e49196170e67ac9fb39a3e8012275c8bb051ff9fbdc976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 153618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21520
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 12:28:26 GMT
expires: Thu, 04 Jul 2024 12:28:26 GMT
last-modified: Wed, 05 Jul 2023 12:25:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 75E5 0
0 64ms
64ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnhJNW86EEECBvnVOps_pZdJlSygbaW0gZAfb7Qbb985MSCnb4Cft9ivyxMYHI_2kkxMleJRSjZGYl5AVVSqzJCGpISzuIFbtHUxWseuLveAtmvxPMZgexaDXy9YpFq7J2JNiORoLXnUichak-9B75y_LHBBxM6-H4MfUTO_HUeRVG40Q8vze7r_k3jYBPsU9AnW6yiGUOXE3vKIfF8FvvRCcUXqOoh8mMcyTaTcGMWDdMH6yUZP3NYcZlNU6N0fZD4PQHT8oiRKwTwEbhgq9-0Zrq9dlXjX1518rSXDxBHV3cdJLjPqov-_d3C2fsMzHKULC7vNf3juLhKxZa3ZuQoKEjcsjFzEf09LzzukDIRg7z-sAFFEKpW25K_eDFG9LRaIV9loGmZlOD3opfD82_XJGQUosQ4VcTIUqTRRteOzGvBmbkO13Lf7elkStTv8jwXo_EmJKenm_G96PgxcVCSaCJWOwjX0Xy1Oousno4W2fcC6QdeipQLc1tgOfSkqDvLHPkNP5ncxLhXRAF1agf5vywx4m-ArP_XqPP_xVcXJWIsHS49p1wbgblfYX621pGVTZEwMMwAajLfavmZvSUuEb4vgP1wbAIcGwNEwANFUpO3lVV7xpDiVySEUN2Cw2EYnteAVJv_RVp1AUwbnK5hqUbE2-f_KtV45xr7KkIfWwBkf1B5N7GBSCq08nFGdkv8XNphusSZ7lPPZiMnvbUKxMop0jXQrsGnfjuMrBzu2adO5bivLt61lmNeDzLix7_y-zWrmwV4hFlJQnLTn7HEO2ol11Y3QXGHf91073c0fuSeV-Pbg9NHoHWo7FWJJfT9vdz3kx30VtOr8v4FW4Vd9qhsiija00LIiKNCKPg80PPJtZbtTWfwqVbdRpGZZS19TY1ZLCFtG9RbqQ7iM7ar8c52IQ7BiYz5YRfYnb6ANrxV1YF9KvzhQUSI7AUPAnF_xZo6fvKn_XH1J2VL2Mrk66qSBC9WX3iN_MPm74Rb6ysXoXzo_AL9YfEObzIHsFaEV7ay3V_zh8CFb0VbIejkUj9nT2XZPx9QaYtAmW_OECabvROQ3quJuMNIy1-11rNJzYwvzZ7hfVHGIhP9wxrYEsiT89AJ499IrhI4GPHWMe5RGLY75zLMp5AyPHW3tSN6TaHpapIu7XngUIY21O6YX6W_m31ea3KtHjvphm2PHsbxg3L1dCaBTBoi20Bsqm5iOP805Tndz-SfPSWG8w20LkJcCSFJx88qDCXA6mE4ME-NHTSrj05rw&sai=AMfl-YTNwo8XjgONkJu-NI8H40PZccMpCdCqa09C-alFPu86shfDd2bl2roPRoetB7OnV9wHQcX4kXdlEI0Tn5KZdipmNgHA9vROgXLHTqHFIsRYXkXDJF3QRzNR6C_hh14VZ50Zr7kdL4QMIIHVllHXplnnPLou2JHDey9v4WqwBBVga_Cma7I4haFRxtwq5SbPRePOlzq-lUdLNO4ehCeTirTuyKMKzKBb5qdCI0-M4J7ulQCrVjvvoX3FvDDKXHXP0GoaI4jYc9EeayyWgtfkgsEQEvBRSXWQ&sig=Cg0ArKJSzNlRTEoHjoeqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=114&cbvp=1&cstd=113&cisv=r20230705.26154&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Jul 2023 07:08:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:08:44 GMT

GET
H2 200 93656
tags.bluekai.com/site/ Frame 75E5 62 B
454 B 161ms
160ms Image
image/gif 23.192.153.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D29364893&phint=crid%3D194690858&phint=pid%3D359274924
Requested by: Host: 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
URL: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.153.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-172.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control: max-age=0, no-cache, no-store
content-length: 62
bk-server: f030
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/14408604554560116435/ Frame 96F1 3 KB
1 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14408604554560116435/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14408604554560116435/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14408604554560116435/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 05:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:05:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jul 2024 05:24:35 GMT

GET
H3 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame 667D 6 KB
3 KB 494ms
494ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:44 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs1W%2FgdzhTKyAgY5jMj%2FhKrLFoaFyL%2F%2BCGMsO6UGMFX%2BuBZ3aErmt1wWmS3O1lg2fjg9mssm1o46b2sXuvwCggL%2BoDqOfMeijv2uIw7X3hCV5WsNGlK3EXNm55qYoPSI2GqzG7ITQgfS%2B%2BlPr4d5"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7e2e4207acf76958-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 10 Jul 2023 07:08:44 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 89DD 0
268 B 246ms
246ms Script
text/plain 54.238.42.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.42.234 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-42-234.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 7D11 32 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16400272318598704360/MediumRectangle_VerticalGastroHotel_300_250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 04:31:52 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame F432 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 19:20:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D67 0
0 43ms
43ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=4299962982623993&bg=!cHOlcyfNAAb90kgr3dI7ADkAdvg8WuiwgTHoB02R5S9-RSyOl-Y-vo7Wpyn7KSv0hUH5La9rn_xwlVVz9xwEf2bOeI3qpO7KrLYCAAAA0lIAAAAEaAEHmQLFHEWRVIb3TyzbMezE6Ten2KLgx9vPivkW5B7xcJzzuYhGOhsMLITw8Ic2HLo8u7lnnuxKD7ER_Cd27x1WBPiOh4dqifuM02owFAuQ_Vo7sLyiEzbiaqBB8JcuUDL9cNP86MMtD7q4tMy4Q4wTxBHVAlsJUCCW5tvvM2nl-KJIOr_9kFdoILuKEiYTs_0ovtFr37DQ1IX_jJS2et4y9IzJyRDr1la5mfH9N2b8WRccqnUgRYYNaCSjW4in194BgfaDtZD3NypnBTUSVUdePrUE2lgAujh301eYT1nP5OJPCw7mSbIyytN5YvKJO1mAb_SKLJ0yCYSXV3xM3oADKbxnM5DA_8W43MbvhEHw2l6bA3Oy0Dluk51UIdcEl9CxRPPCdns41THR5uXO7jRbyn00mau2EdN1Nmp5C4JKWMxPb1TMApXPmOf2nCIEu5FK8zyaIYi2fVMaV60p3yd9WODlkwHYJRZv6sc5gJPHVR86gGC5EiRVP1xv1ZiaHrqoJ8UfUX8-Ja1T1UHmk55sIwMCzAj5_4vjy4tUzTmB95ATkGq6WKqnt_vFaqo78JLPRT0seMReGtlFtyKMMTh39lH5ccp5y14HOzpm5ElMDmSyORx48naSX3xetG98Cn03Wp73G0u-v1TVbfP_9gFZUiMYbY4ORHtkin2vAwO2UeI2OVCKJs_8fMRbmyQOvr6o0fjUvNGyDbOsz7O25gUW0vnVRSPDVBbOKEHIlt0DADTEcZynXOaj1VKPHfRV2Kvn1BlsRfwkrciyv0UlsM_glc-GAO0JnYiDleJjnwXVwl6fIH33ktterwz-rjOhfrUIcRW0umgiPn82Ux8nLjqUTxXEe8Xsp5V1PDcCg-z3vuuwKqLBS3ggnyNFCdCtAyfWyN-PJRL5tyH8QULajChUHgsZGm-58ThKQ_WT1xvj4E_gRUnE2q_e0g
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9534 0
0 55ms
55ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslFVMeAu2l8DwKMWrQ42h66el_pYrQnff7Nn7e3m6022kbm9FAPAZZKIkhk2_PwO7bP6om3nQYcPXwhRIA7_uf9ukZ1I2SjYR7hErwJMGhmeFR58ftBIjNkBPU7vRXj84vDXTMuqz3utQ2KwcAkTy3tCkouSCdsNrGB6jIy4uUzRGKvg4ttPbyqm4b-qIkAB8Bwnbq323zXXqctHoXhjo-rJQCfqV27FvqUfn6qTPaKUheU63Nm8WCZnVZvb6BpkNPKU0hjUygQ7UMIFU4SR7fWI3wpUq2SMwvQKLgzI-5pJ_8He1Jyb4zqggGHMTrQ4ihAQQ2q1EM6JeHQG4G3WSWqNamn2t75t_Um5ROs-Q0BOn-aXdyzy0fNAf6cxLEQENWwmxNjzqXbXHeeTOZZNH-uKmJW5QMX2p9EN94WYmvZmFp0DCJKjDPcN8N6Sgd97TqhT5ExOG3Tg-C9k-4wPSAsW8yIfkoktxLNYrRRTKqH5X79tHl2uhYoM8yU4veBBq2izKBDIx-2qNDD9JccGwd93Gz3j3QCn1kbRiVVdA0V53gaJNNzIn8K9-T7ggG_YSSbP50I04qzIW40DZWgAztvDtJ1DzWkiAEHNjC9XzwMtsaBNJ8h5yHEMTy1joPp5XGJS4wWcyMMiNH5pz1L9SwaaomJHonpatbUDrQGL7eYe3yzT57DRtNGAYWrrrpr8fRWC60D3oUaN0lMYSOHiZA5z_8iLvm8DgS-YlTuQTXZtyun3C3YZMHm7QgDSnkP_zwDnnTy732gCTC6qUCTbxG6wtbY9kxkFboFV9G1dvgMFNsHuHlS2tEWdDwFO9Jdq6SlXulPSR5RmraLpYIjqdHMOdDWTaCERulEPTWwx8JSi_BcUPNhQQEk8_LUO18zRoXhJ9JCSpOL4hk1HTLjC3B-zkXd82Z2LwOCuu6agqtS7UWAIeg2zDKOM9aDLjnt5F4kzcgMFjookwkj-uWMj5PyfDVtH_ZRswerTMglj2FMmbUqplG-frjIhP0FIRgixHpOnpve_q3DtIb4NFkfXEcPtHZzndRVjx3Meuz-PSKBUf6NYrld7q3fMQIpzSmUt89CtHEgMcmguHkQlyQ2iFNerxz5HGfq9WmAZ8dozU-yGZQJH2o8MAoWKPKI4lEYMr4r-dxhrtnJ5csrohvkJdUH-EN7h2soMfOYgPqBk01_jFyKkgiN4YiqU5EPYyZe3AgpU-cpK1seSWgmcT7dCbTR6nwqCGNo9hKHIETmW2L94QwpzKua2vkkjYbnlY2kUZxdh_wsyuzB0Tj04yRGnRyCjftfuIVpEt8sSY&sai=AMfl-YQe4m2ZVIuvFnghgwhpUVwzFts4rlfhS6LIV6jtCfQrCFxDZcqipc_n8CyIRYI36EJ3LnM_XJEV74fLxFImjv9H5E40G7eHrZ67Cju0zb1XwiFYQM0tKUXtQ2Di8-0memSptsV7gooODaKhTsIKuDPS9KXyuc4VsfiRBRtPxdML2vx2kQrto7EOv4LbhZtI7iLq5_behpU7vTJ66Ojq29az_wIbiGgarHArmucLoxXsB87A4xaiMTBiL3wALU30Tqg6sFQ8oetK3ZEB76E1-5xCEVuvDEwEnf8z&sig=Cg0ArKJSzAH0c42fBe8zEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=193&vt=11&dtpt=158&dett=3&cstd=27&cisv=r20230705.60596&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Jul 2023 07:08:44 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 75E5
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013337800&ias_pubId=pub-8798765870329885&ias_chanId=1&ias_placementId=20333851613&bi...
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

17 B
464 B

7ms
6ms

Script
application/javascript

2600:9000:223f:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Requested by: Host: 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
URL: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 14872614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: znha8KuSmDhTp6eltAgZjWsgyh6wBQuu4t7XiX_xa2eqH9FcCJUPYQ==

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: app20.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2226 91 KB
23 KB 6ms
6ms Script
application/javascript 2600:9000:223f:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
URL: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24939148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: tVUJLI7v5lmhqLpKHcShco0_0GHPSMQSLRPl491RP7zn6wTJ7OfkDw==

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 96F1 13 KB
5 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14408604554560116435/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 18:49:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 96F1 8 KB
6 KB 49ms
49ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e58c75889e4d4561b247e641e81c38e337ac33b7bcf120b8dd3800e726ff3917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5812
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75E5 43 B
215 B 146ms
93ms Image
image/gif 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=9ca935c2-b8b2-09a7-2d08-c17aca844532&tv=%7Bc:hFadMN,pingTime:-3,time:136,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:113%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:136,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJj0GK1+111%7C121%7C13%7C141%7C1421%7C1422%7C1423%7C151%7C152%7C1531*.1350098-69352127%7C15311%7C15312%7C15313%7C161%7C162%7C16311%7C16312%7C16313%7C16314%7C17,idMap:1531*,rmeas:1,rend:0,renddet:na,siq:114%7D&br=c
Requested by: Host: 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
URL: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75E5 43 B
215 B 146ms
95ms Image
image/gif 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=9ca935c2-b8b2-09a7-2d08-c17aca844532&tv=%7Bc:hFadMN,pingTime:-6,time:136,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:137,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJj0GK1+111%7C121%7C13%7C141%7C1421%7C1422%7C1423%7C151%7C152%7C1531*.1350098-69352127%7C15311%7C15312%7C15313%7C161%7C162%7C16311%7C16312%7C16313%7C16314%7C17,idMap:1531*,rmeas:1,rend:0,renddet:na,siq:114%7D&tpiLookup=ao:www.babiesjh.com*%2Cwww.babiesjh.com*%2C5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com*&br=c
Requested by: Host: 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
URL: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8C06 0
0 45ms
44ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=2850778209491309&bg=!e3ileCzNAAb90kgr3dI7ADkAdvg8WmW1ECeDpixp2fI5OPhxvK2bK9scNIFC6NC1pwHSKyQzrLbHVMl-pIj6XisjidsOJxMAmZoCAAAA01IAAAAFaAEHCgDGGhI9Q2ai3dkNflu-TiC--oRV1-V8I4ZtNMhsUQcbBZou3ySib1v5dZcOpH2EHIn8-e1tdViWy_T4wInBkd5TlRqKqTgiNtQck_eJ8HMDzjJyRC5Rn4uNJUpikAzxsY-bkU9CTeDMYRv0xJyK9PCKCdHCZmw0fLzD-CFRqeU_3XJjZHBh8dIh-6P61AcXmg3LWLLPycATBQ5L3-vI7ilYzReEGGDPG82w2QxOCAQGqQJTEPanCdPEAWj3mz1L3o1wBQiQvHvimQK8gSUM3ZK1Acby6d_KSCYHkoFfMA-ox3_PaSh8apKnAETNmhR8lJabcKJxxlg8AG4DQ8YESR__vEyQNqFMTypfQ3CJWYAYdYCWuojuBhYPkJYyQnWtUiXgkglHOB5d--uQqb64x2sMp-G6Cpxw-IFscpUNlrZuCa7EZl7enl03dcwqpbEubbjEU85JRCKG1zH21JnngMVuXZyp9KyIbuPGgFdb1405V0IkgoCJaejxCFdYR3lUZcbtLyTY9wn9q2t7d3BRBSk5Eoakhv-lZ3BNeu6ieIkp5KaCAPKXKBKQBDzETee9kHYFKm5LM1zZO8AvZ6USKlqSHVKtIAEbGv4sNXY4Kpqf2LELIaMAgX22AiEBIaqjRPJtxTCdPMmt3vc2Rx8FRCG_pAxp96KvFh0VNwLFuKRUuJP09mirbzf0-kY_3ZxzV-bqEwR21v2NVh999mGI8XlK5RR8BTZo7on4LSH29u2Xff8ZXtrQih7cG4duivgIWczsgPA9CmI9JXlnxdKHudjtT5ysYkS8Q2OYgSAHHpSxKkGTxugwcHhUzaUYbNd9ZnVxpCs6onapeatu7GxB50QGvKkTHq8q9BtTGyGgpwcIklxWaaOfHjUH_ed8PMbaoEzIP2NlYC_jQBz97dxQ4jqv9hsX1u_HH7hy2HasEbNzd-qZMJR7qEscBeelKkVu3quOP_By35W0cmbbDyyCTEjXXMnibRu9L0q-PM7gDLTMphSHaXlORNrgd1kD1oRZovUM54nCFdPoYJ7Bl84gchZF4k2Zs66EQtWotjW09ylDJbic_mpK4T1A8bQUGNE2nqGFOBo2kKUTKlJBShJZFfUPR8OlU3l8Fh4HPTn6zD9zqaV9admdT3znOF1fDh7R1O83ZAPOBo59ThWVvBAWSVObovVk1b4BPAi7c6xwJeTsiefdbrnMtw
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 393B 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 19:20:32 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75E5 43 B
215 B 121ms
94ms Image
image/gif 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=9ca935c2-b8b2-09a7-2d08-c17aca844532&tv=%7Bc:hFadNc,pingTime:-2,time:161,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:339,beZ:341,mfA:442,cmA:443,inA:443,inZ:444,prA:444,prZ:450,si:453,poA:453,poZ:462,cmZ:462,mfZ:462,loA:476,loZ:477,ltA:500,ltZ:500,mdA:341,mdZ:350%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:113%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:161,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJj0GH7+111%7C121%7C13%7C141%7C1421%7C1422%7C1423%7C151%7C152%7C1531*.1350098-69352127%7C15311%7C15312%7C15313%7C161%7C162%7C1631.1350098-69352127%7C16311%7C16312%7C16313%7C16314%7C17,idMap:1531*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:114,sinceFw:47,readyFired:false%7D&br=c
Requested by: Host: 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
URL: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 36E2 0
0 45ms
44ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=3109388854853107&bg=!oKOlo_fNAAb90kgr3dI7ADkAdvg8WjSGgVKIpJKl68kq8QSWWGy0z7UpjlW9ZP93_9LLkbRdVMeZ4R6tP4U78UqhmaALdHkQ-4ECAAAAtlIAAAAEaAEHmQLBK6xnUrQHtbX6zNREmG1NGGqv7EMkMomgYR5KQUXq985dUgphvYZ4fhtV4dWR6_RZdwIuEMQq5Riv89wCR2v_EdU7qtNpcUcUHbYbS7trN3oBtoj7_hc0N4vAwejHtAC31dH08vgPUUP2aC5YgFa4izKg1D6kJj98bdI6FUrPBr1tK9O81j4Z0hTZw-VG_wiUb8u1--XfM0y-muhoZBXLM-dFw_lZxlEYedDes__iz0-ErGCIW01f3ClyKMT629i9h-iv2WZvk92LeIvm_ccqRgHs8gPQjQUrPtYXBPc42Y_iIpe2TSpFEBQ-yqfJhHgQX9_Y-w1NtD600qn9GK9y0sel-qYQGJ7ZfWWSUxCGo_kctvoUgOjbD267U-XS3Z8DTvmqUPppAEpTAU2Q885uS3ixCDplZEfOHKjoPjWmvegXD6SrQ8N1FbuHHC46mAWFkrxM_FXRAGqq5h5PvvNap_hnZxKDJfRY4-8D_8g50zP8FQ_XIngNGbGwX7Fij2L2PTr9iWxN6dmzSbteeTKKb6AZwZurQy2NLq_5VhCH1jRGtVAxsI8Sccw1avD_vOYEfasPSmoAnzBYHFhDzWdWvDPfgGOVSrUY-cZYDOvL2DDid4rOGS3hAJcvG9w4Mxehj8Fu-trevLKjJJeKm0AEjOQGCNm2atXPT7VdkqL4wyL01MJThAiSAlIt5A7qjVD_spg3--aTvlpBDd3OkqIY-2DH5QFK3MUqlW-0a6dn1vxdKc0DZ5C9q-OttHGzvTKs9k2bzuVHljhbZOxxz5iJctqJTo1yBbxr8CSWcodmMrxdYpPf1o9LS6w6z-tTZUYlTnG_huE205uMvP1cNEKaaVQ-52UXycS_odrizOHMZSJ9KWk3hrZpxDm-IMUVPfcML03C6P3T7WtTZ4Zi_4byahUpH0grcrbeAynUmVleUbmx
Requested by: Host: www.babiesjh.com
URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.babiesjh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 75E5 0
0 55ms
55ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnhJNW86EEECBvnVOps_pZdJlSygbaW0gZAfb7Qbb985MSCnb4Cft9ivyxMYHI_2kkxMleJRSjZGYl5AVVSqzJCGpISzuIFbtHUxWseuLveAtmvxPMZgexaDXy9YpFq7J2JNiORoLXnUichak-9B75y_LHBBxM6-H4MfUTO_HUeRVG40Q8vze7r_k3jYBPsU9AnW6yiGUOXE3vKIfF8FvvRCcUXqOoh8mMcyTaTcGMWDdMH6yUZP3NYcZlNU6N0fZD4PQHT8oiRKwTwEbhgq9-0Zrq9dlXjX1518rSXDxBHV3cdJLjPqov-_d3C2fsMzHKULC7vNf3juLhKxZa3ZuQoKEjcsjFzEf09LzzukDIRg7z-sAFFEKpW25K_eDFG9LRaIV9loGmZlOD3opfD82_XJGQUosQ4VcTIUqTRRteOzGvBmbkO13Lf7elkStTv8jwXo_EmJKenm_G96PgxcVCSaCJWOwjX0Xy1Oousno4W2fcC6QdeipQLc1tgOfSkqDvLHPkNP5ncxLhXRAF1agf5vywx4m-ArP_XqPP_xVcXJWIsHS49p1wbgblfYX621pGVTZEwMMwAajLfavmZvSUuEb4vgP1wbAIcGwNEwANFUpO3lVV7xpDiVySEUN2Cw2EYnteAVJv_RVp1AUwbnK5hqUbE2-f_KtV45xr7KkIfWwBkf1B5N7GBSCq08nFGdkv8XNphusSZ7lPPZiMnvbUKxMop0jXQrsGnfjuMrBzu2adO5bivLt61lmNeDzLix7_y-zWrmwV4hFlJQnLTn7HEO2ol11Y3QXGHf91073c0fuSeV-Pbg9NHoHWo7FWJJfT9vdz3kx30VtOr8v4FW4Vd9qhsiija00LIiKNCKPg80PPJtZbtTWfwqVbdRpGZZS19TY1ZLCFtG9RbqQ7iM7ar8c52IQ7BiYz5YRfYnb6ANrxV1YF9KvzhQUSI7AUPAnF_xZo6fvKn_XH1J2VL2Mrk66qSBC9WX3iN_MPm74Rb6ysXoXzo_AL9YfEObzIHsFaEV7ay3V_zh8CFb0VbIejkUj9nT2XZPx9QaYtAmW_OECabvROQ3quJuMNIy1-11rNJzYwvzZ7hfVHGIhP9wxrYEsiT89AJ499IrhI4GPHWMe5RGLY75zLMp5AyPHW3tSN6TaHpapIu7XngUIY21O6YX6W_m31ea3KtHjvphm2PHsbxg3L1dCaBTBoi20Bsqm5iOP805Tndz-SfPSWG8w20LkJcCSFJx88qDCXA6mE4ME-NHTSrj05rw&sai=AMfl-YTNwo8XjgONkJu-NI8H40PZccMpCdCqa09C-alFPu86shfDd2bl2roPRoetB7OnV9wHQcX4kXdlEI0Tn5KZdipmNgHA9vROgXLHTqHFIsRYXkXDJF3QRzNR6C_hh14VZ50Zr7kdL4QMIIHVllHXplnnPLou2JHDey9v4WqwBBVga_Cma7I4haFRxtwq5SbPRePOlzq-lUdLNO4ehCeTirTuyKMKzKBb5qdCI0-M4J7ulQCrVjvvoX3FvDDKXHXP0GoaI4jYc9EeayyWgtfkgsEQEvBRSXWQ&sig=Cg0ArKJSzNlRTEoHjoeqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=255&vt=11&dtpt=141&dett=3&cstd=113&cisv=r20230705.26154&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Jul 2023 07:08:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 96F1 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 07:08:44 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 96F1 98 KB
98 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14408604554560116435/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14408604554560116435/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 06:56:38 GMT
x-content-type-options: nosniff
age: 726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 07:11:38 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 96F1 57 KB
57 KB 11ms
10ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14408604554560116435/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14408604554560116435/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:05:24 GMT
x-content-type-options: nosniff
age: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 07:20:24 GMT

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 9737 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 19:20:32 GMT

GET
H3 200 03032023-031221400-672_560_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png
s0.2mdn.net/4528404/ Frame 96F1 130 KB
130 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031221400-672_560_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png

Requested by

Host: f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
URL: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4113ea7addb0efdabb3d7095496fd8a25a983169b80e5e0b651b8852d07c794c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:18:13 GMT
x-content-type-options: nosniff
age: 78631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133280
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 09:18:13 GMT

GET
H3 200 03032023-031221400-672_560_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png
s0.2mdn.net/4528404/ Frame 96F1 130 KB
130 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031221400-672_560_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png

Requested by

Host: f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
URL: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4113ea7addb0efdabb3d7095496fd8a25a983169b80e5e0b651b8852d07c794c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14408604554560116435/index.html?e=69&leftOffset=0&topOffset=0&c=kLFlwtZkJE&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:18:13 GMT
x-content-type-options: nosniff
age: 78631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133280
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 09:18:13 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AF55 43 B
215 B 94ms
94ms Image
image/gif 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=ad2a4dd1-fe8e-f230-edff-ee681f7fb922&tv=%7Bc:hFadQh,pingTime:-10,time:532,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688713724412%7C%7Cb3a4e15644f55b6e7fd3767336b1ed79%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Ccfa27c6458c88055e42513251b856e44%7C%7C5076b0cbd8a5948a8945d54340bcc6ec%7C%7C5061afe0679ec9f08b2eaac88f600306%7C%7C7b6ed5db9d5f716a7cf2a70746853bcd%7C%7C4a43b35200dd1f4fce3979347f563ffb%7C%7C1663701684%7D
Requested by: Host: 9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
URL: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75E5 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=9ca935c2-b8b2-09a7-2d08-c17aca844532&tv=%7Bc:hFadQA,time:371,type:e,im:%7Bpci:%7Btdr:56%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:371,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B267~0%5D,as:%5B267~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:177,fm:tJj0GH7+111%7C121%7C13%7C141%7C1421%7C1422%7C1423%7C151%7C152%7C1531*.1350098-69352127%7C15311%7C15312%7C15313%7C161%7C162%7C1631.1350098-69352127%7C16311%7C16312%7C16313%7C16314%7C17,idMap:1531*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:114,sis:230%7D&br=c
Requested by: Host: 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
URL: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F432 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bp8BB-7mnZPPmNJ7P7_UPmpC9oAgAAAAAOAHgBAI&bg=!ExClEETNAAb90kgr3dI7ADkAdvg8Wib_b5LJozNmx-QRZogRAVZnkhBL_YXUHUPODQ9aM9CopIakbgkRwgZITHk5NxV3out6HQgCAAAA2VIAAAAFaAEHmQMhSK7xzzq2pOWd77rdMnHZT4esWx2_yla-o78Hra8-d3sXe6r3aP6SYVoeO4vKwwaNFghMKR7gXiSCS4yf4k97OG1nVnfPk0vtx8a5USiWJxWJiZdien5H5jPUKFD7od2jshCAaXFHTiK0pl_nl11goaI2KepoMIu3lgOQLbwJHmVkvslyHdfW9KM1ukA3LkgUnRh_KyEiNEmKM9w2m6l2lB_aYEtJq9UnhjbGrvoh_uMFm1t3pQ-OPHxkE2bYw_uUQ-8WkqHVSsJLf_17WzR1wim4l4D_wl7vRV82GUEtno3LcXvqY0552me3m1JGMRiTE_s1UoX9cZXdp2iOf1I3WsAT3Le2GupKUtFibnqDfAo00JwB55HDmmJBN4H-jIfCW7IkltMgT5huJGlE6IjXy0J0T8-HF1HGDQ98C_t_vxLM1XspfRPjM8jGCS5fxvGOz4K5EUKH1_jw7H4C6Iso-oPn8MPbdgVUX9VODAIqzFMKvQSGYXvxMDidwd5kSrgDVdqIrFMiyEQ4nRDtyFvF91ilxCBJ6BZD1SEFk-ibeAhTx99RkAVI9yItsR7aXLGAp0LmDouku6mmbDHjoBkcbTdriIPvhQvIMoG2dT2dFIIYSpVuMAGjFjy3Oz6ail2ketVg_w4UAbt4z6BR6KT1Fbu1oKFJ2nx29D_2jJz5_VYMUVoyYSUWOBuMwU-IjxGW7j0EPnJofkv0gdjWHujJUm-45PQquXchfCUNvphcHPGdbYsF4xA-9rmzSGM1iensbsvx0myggYIlQ_MRPTdpI8STuKxRmRrD7Lp80j52rg5G6q5UE0VjjfckxrdUXETTLngAVQPA842HmewXfYULPse489tdfJ0AX-mNUXebuWtKU03JX8PUSJ2FX53Vqfoi0ukO4oNkZDEmX91ctZZD2zre8kZWV3dCxWfGwlspkHlwGQUTBtwNJi3orOs3k5Vy4P8jUYvV1SFPzHQNB2xb58XRGfQtGksSzb-GVPi5kgg6dqKtV2yQQG7zlHNivrgGcvlDdZ2tyCwppRqrtPbS4_ELP0Dlnb4whdWRka5H1K_b

Requested by

Host: f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
URL: https://f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 393B 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSYdi-7mnZKL0NsyU9u8Plv-4qAsAAAAAOAHgBAI&bg=!XF-lXwvNAAb90kgr3dI7ADkAdvg8WrQ0IKb8nqdcfDHTfgujKhO1JUZQpHP2mzNqgI8uQsJgTQr4KSNoqUbkcZtPtKuab7vv7x4CAAAA31IAAAAGaAEHCgASo-OZwmZ6-OCX9VhBAYuYROyZmQNP4QmYTKdtxHHu8JS6vim2dHCzi4MAbWYqCQUI7kEUY2Qc0ATxTq8ZE-lAwRi-MHxFwDz-2nr3L8PN2YyzNr7yS0vh0lvezY_R7jb1ayadWlyTyPpuQF83SvSz_2Pk2JgtiMxiYdzozNSf4WwtOZtGsPU4F2zrtTKr5vYMon7U2u2nPNZWt68brZcAmnjoT9gZhbN-0VwdzeLzo7u44Z__MkJ782bLqVqi6dfZaQ3SIcFEawb_0W6sL0t-yv3w37csbbqTA0ryh-kPDg7TyK6ha3vXCeQfEGARuAX64lkf5uDuzz1LEReR5dwKX9XdCVTGQAIWi-iK7iYIg-vC-KcSOkyG5WqsgYczF6ubguafaf0jIJdmYsjaRutt_oDiZoXZrwKW0MErWOb6wq-6S4mvA7o7Xcpv7n7_IN5CijJ1-3S-z9MN2blL_4wBpNFmkK0a3tjjEgDQ-rL642P163uhSSGwz879UFBJfulnGp9Fku28Jk15NMlcGZYCh_5cRXqiI1DAo9899dTYMvwSLUaAAD0E9sFDxmkNRBNuI9KrIMHVe68sGm_etpwmaIHjoZqvhOil24DLaoKSruEV9li-KR1rDwQwlK0Satwl2Vo5z1eSGCW9c80WPsm272jCZXPzQLVKrcwE7FCHPM17U2JGnUhqZHPZK_FDxnOVcJEfgZ6qloESjVNPV3MTL9tqGNgYneKcIDV4Jy_vdU7EIi7Jf92bD25-GkPGzSyVAL1Hiu2PQTTUcxUkObUUXd6zs_8hCAooyvTsVhVYKePvVZgyiu-e4Qgrymm_5XhRJcdZMoKfZPWldFo0BJZI46GOq1C7fabOqVHnfhlNpzkQqK0SfVRAODV0d63beTWLBUWgdtGTnac3avRtRI5_r_xR1_Dvhbyk_bSwT-QO5iBHE6pGTxU-50xuCtwVrkOrI81HtdB8pZ2gZb6R6YwM4UselOF51_KHzFgE2QdRo-yDxFNEgYzQdjLREWqbwaTabVa1d6mVrhFPWQx2HGxd_JDvUKefWMskduGSv-A5zpWVCVD8ofU93hD5o_w83n0JdICAMybLpf9G2SReEMtKz3uo6V3EUmBdpUQrJufVpaAOKWJcHJLp2iEG7BcrMmBR0j1PPQ

Requested by

Host: 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
URL: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75E5 43 B
215 B 94ms
93ms Image
image/gif 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=9ca935c2-b8b2-09a7-2d08-c17aca844532&tv=%7Bc:hFadRU,pingTime:-10,time:453,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688713724513%7C%7Cb81d84b75df0f17dead9c3808fc2f74b%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Ce5878aeec6765e3749c8be16f44cfb82%7C%7C4a1ce5ea0205d21316cae007ef1e5dd3%7C%7Cd923ec7f76754f4cdcda81fa92397678%7C%7C33b6893a2f0c37db638a109ba1038356%7C%7C72325c29f23de9b6bf21b186b5b90215%7C%7C1663701684%7D
Requested by: Host: 5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
URL: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:2d30:88da:dd2d:1d93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 07:08:44 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 336280_4.css
js.akusehat.info/track/css/ Frame 667D 3 KB
2 KB 14ms
14ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:08:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 221393
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMIs%2BRCKcHUznBi%2FGlrGokrB34GXQLloYUtxjlohK1Lv0UMwRdZ1%2FczyXA2taBVXZxUHBV3LiOVSqgjeNlHpIG8VhmcwoQYVlDYjGaoNXG8Yg9Kstl6VmjQOi5mJ1YDmm7%2BZ6oOfxsCHp4EjetEl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7e2e420ac8e56958-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 17:38:50 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 667D 69 KB
21 KB 20ms
19ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: www.jiastar11.com
URL: https://www.jiastar11.com/d/oxal0f?fbclid=IwAR16jk1amm3uglaJHjv4sL6NdQKtRe8MVlBxo25ll2uZPzkVPAfzpTYGVUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 06:11:37 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: PX4Y33ZH8YWD5M9V
age: 3428
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: f0uMwSrFELnFgQa2z32T7bgv07ijbxZ5heIR6G+kHSwDTm5YpcMIk9dxjFoHE620wEki8bRR9tc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 667D 256 B
306 B 58ms
58ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=d0f1f448-4828-4ed1-934d-614e40ebf651&apiKey=23J6S4YK6MVCTD7HCBM8&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fyaya0506.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6a3eeed12943e0b360fffcc3777e1815599e6ea2f973c84f521748c34ad52021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 07 Jul 2023 07:08:44 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 62fbaa11-2d19-4e58-9b93-db096b1d2625

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.babiesjh.com/	1970-01-20 13:05:35	Name: xxxsskguid2673 Value: 6600b1bc-e8d8-44bd-ed12-0622c5eec35e
www.babiesjh.com/	1970-01-20 13:05:35	Name: lastlocation2673 Value: https%3A//www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09
.dable.io/	1970-01-20 13:23:31	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 13:23:31	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 13:23:31	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 13:23:31	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 13:23:31	Name: _kko_ck_match Value: 1
.www.babiesjh.com/	1970-01-20 22:41:13	Name: dable_uid Value: undefined
.www.babiesjh.com/	1970-01-20 13:48:25	Name: _im_vid Value: 01H4QJWZ018D6F6VMKD4MNNQXD
.babiesjh.com/	1970-01-20 13:06:40	Name: _gid Value: GA1.2.575774841.1688713723
.babiesjh.com/	1970-01-20 13:05:13	Name: _gat_gtag_UA_87942765_23 Value: 1
.babiesjh.com/	1970-01-20 22:41:13	Name: _ga_VCEDQQD6JV Value: GS1.1.1688713722.1.0.1688713722.0.0.0
.babiesjh.com/	1970-01-20 22:41:13	Name: _ga Value: GA1.1.116886738.1688713723
.doubleclick.net/	1970-01-20 22:26:49	Name: IDE Value: AHWqTUkjHDQrAg_T0hUddPoBLX_K6FhDjDW3tZ4utQMKiPRc9YCfTahkoAC6Q7uU
.adnxs.com/	1970-01-20 15:14:49	Name: uuid2 Value: 8167470920765164348
.casalemedia.com/	1970-01-20 21:50:49	Name: CMID Value: ZKe5.-Mn9lOEHmA8ebaBIQAA
.casalemedia.com/	1970-01-20 15:14:49	Name: CMPS Value: 5172
.casalemedia.com/	1970-01-20 15:14:49	Name: CMPRO Value: 5172
.babiesjh.com/	1970-01-20 22:26:49	Name: __gads Value: ID=7699c2eb17e66423:T=1688713723:RT=1688713723:S=ALNI_MYyZljaS05hUfEkawAwhUFJZmcgHg
.babiesjh.com/	1970-01-20 22:26:49	Name: __gpi Value: UID=00000c3873c0f3f3:T=1688713723:RT=1688713723:S=ALNI_MZc-WHXC5z1A-NCi3ddaORGKbDq3Q
.adnxs.com/	1970-01-20 15:14:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In?v?/'7!]tbPl1M>e)ZlrFUfJ+tGXxom8yMb6:9r2`>27)4KxSbpCZ'1cYvqLJt=U`V3If)y3KL9D3I?-!4e*%3
.doubleclick.net/	1970-01-20 17:24:25	Name: APC Value: Aa3gxNoQOd2ybtzefOUo5BHRjW1SP05W3xdjs9zTrGlda1wJtWzSDA
.bluekai.com/	1970-01-20 17:24:25	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 17:24:25	Name: bku Value: ts6O9wr8otuS/fRt

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.babiesjh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://www.babiesjh.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://health-am.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
security	warning	URL: https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09 Message: Mixed Content: The page at 'https://www.babiesjh.com/doc_YWN3cmw2QU5zVHFRdnJUVVNNNEtnZz09' was loaded over HTTPS, but requested an insecure element 'http://pic.logkb.com/ad0113/2023-07-06/B71D586DD112w788h470.Jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering	warning	URL: https://yaya0506.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5133e8ca385390560f7cd6fec5b5080b.safeframe.googlesyndication.com
9ba6c5b43821f284ff1e17e652d777db.safeframe.googlesyndication.com
ad.sitemaji.com
ads.yap.yahoo.com
adservice.google.com
ajax.googleapis.com
api.dable.io
audiencedata.im-apps.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
count.babiesjh.com
count.xxxssk.com
dmp.im-apps.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
f73b19bba3e1ac07e4b728384a47d143.safeframe.googlesyndication.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
health-am.com
ib.adnxs.com
js.akusehat.info
l.logly.co.jp
nt.compass-fit.jp
pagead2.googlesyndication.com
pic.logkb.com
popup.babiesjh.com
region1.google-analytics.com
s.yimg.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.dable.io
static.intentarget.com
static.rifusy.com
store.babiesjh.com
sync.logly.co.jp
sync.teads.tv
tags.bluekai.com
tpc.googlesyndication.com
twstat.babiesjh.com
twtpstat.zhentoo.com
us-u.openx.net
www.babiesjh.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.jiastar11.com
www.scupio.net
yaya0506.com
static.intentarget.com
www.googletagservices.com
108.138.7.39
119.28.134.92
119.28.16.172
142.250.185.226
142.250.186.66
185.80.39.216
2.16.97.41
2001:4860:4802:34::36
23.192.153.172
2600:1901:0:e207::
2600:1f18:1aca:4282:2d30:88da:dd2d:1d93
2600:9000:223f:3c00:8:48e:53c0:93a1
2606:4700:3030::6815:5f9d
2606:4700:3030::ac43:ccc3
2606:4700:3031::ac43:91b8
2606:4700:3033::6815:2275
2606:4700:3033::ac43:d64e
2606:4700:3034::ac43:d9d7
2606:4700:3036::ac43:a75c
2606:4700::6811:190e
2606:4700:e0::ac40:6725
2a00:1288:80:807::1
2a00:1450:4001:806::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a02:26f0:3100::1725:e270
2a06:98c1:3120::3
2a06:98c1:3121::3
3.115.196.58
3.38.54.12
35.186.215.140
35.244.159.8
37.252.171.85
54.238.42.234
63.35.89.158
87.248.100.137
92.122.25.231
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01dd3d918cf7a4c7b66a6f87c178d62f0c61042cb64216fc48b30b3913e0e700
04782f0dbcd21c94eb5f3d4e9775efcdddab8098ccf97cc1f14ba68c46f6beb1
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
096e753cd5d1a594617f3887409a5a88948000d95bbf7b39e8fd777b5df72255
0ac8e488353ad6b93011388d8b46d58ddb80c05d70f747f5352712602aad1187
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7
0e8b00b16e498a7723688bcfbcf7c91ddaaaaf3004afb60600602d4d25a5b404
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
13f9a278e137801f65c934358ad0cd4674c8eddbb4b901ca7dd66aaec9163cd1
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26bc4fcd09556030f5b0e1f3a6cdc9fe08c17663ceb6f261772aa675d8e6a7d4
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
27f7c8ffc293a47a6c47cdd32cd7c77ae10bba0e9743a91c8ed2af3acf3a3753
28b32413b9dc867b4ca3d3a09d712556bc73b4ef96cd1831332df71212161463
2b9762ec4c79880a8ee79ba7b32037fa67f4f4afa4540852b70ea98295464764
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323fb2eeb46fd2a0235f1406fff8ab5979f78717a4957cd507496242e9942a18
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
331c8fa96921e7ba3efa9d805a0a607155cf726cb89c494d2ab7bbcc00bc0929
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
351552ec814613637605cb1f76449f4b5c74319b8094d8a4a7a904a0adb88fad
3ed601de85eb9a34a7063ae949e45949915754e0c14dfb337d422e602affb13b
4113ea7addb0efdabb3d7095496fd8a25a983169b80e5e0b651b8852d07c794c
43a5f12b9832fbe2071a0a9609c3bf1ce1296251a11c503d212e64ec43fe47dc
46872ae309c3c11932c22711cce9cd628932c2ec10ead9b5ba13704c0001d39c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
48c56e5047fc51ccfd3410a13047507a3a8af2a66c1b8f09e2aa22192cad7a6c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d7a16a23b4043d2eda3df0d29a35a74411076174e6b5c0df75bae6832ff92f
53ab786b1f3e1fbc8f3a46f2c17bbf0687bf5bc9485b0af444ed242ffa4391a9
54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5aec11adaa3d4f79f1459c6e7c35eac3bf267dbfd2eb3fdb1557409acee1dd5a
5b2d07f444380914a71b578ca63ac48f88bacbd0af29333166862fad6a62f255
5b84f1090fcbb288d38b5ef17a69450a2aa986530ee8d4dda8f7bfb1e3a77da0
5c69b463a28dcb38e0d21884138e0c7809fb4d9adfe0abeab44c8bda77493571
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a3eeed12943e0b360fffcc3777e1815599e6ea2f973c84f521748c34ad52021
6ae431e5af4a1e78f8655086b97029d0bea2f107751ddc19a406a9982e3ee972
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be15c254dbcfecc64732b56ceb430ce33df14ad3074ec9149f853d392c59af3
6e678a5ff4ee5eb876d00267dd70b450d0d6b53e0fb44818804136c24c425c01
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
71ebdaf6142d01d2c5a1398783ef56f76f6962b73223344d4b24f7cc341d4914
77fd60767b6e49f9b53f9b57232465d37704b8bc71d4e95b418aa8f209fed824
7c100a5dc753c4ddc44f40728ff8b81e57fe8c32b61ba88a2d94497b75ee1a5e
7eb19b71e68250796593a940b475ce0295d837b3ca5f57bbc949029f4254fe43
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
85f22cedc5b2b7c260e87dd48853197b5e2e9fb70f4a9a8e082457f1412b03ab
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
894d168f5801f5e9b2a17ca08323f46133ee320b4b5137599b845e94de4da315
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8d94248c9764a4ecdc98e5b03dafdd4c09aacdc61194d734b81c7f1276c4eeeb
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
98d10792834c3ae27094cd7d1cfe52b52effbe4779b553997259e3d0ac3e773c
9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8b5ba0b9b88b49357cd58b131b075ac8c08e23b364eaca856323ce81ca58cb5
a8c4bc68282ebe0bc7f7a5844c4c28f9775c4a62eb20b9770c7ba7948a705c17
a8cba822b9b0aa7010f007e77604100a5e7b0590a37defdecf92e776f24ea0e0
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afb53fd4ebdbf9a8c0004c833859b00787d43663b922b969b19fe9eeb74ebe78
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989
b23d1943800e5bc093e49196170e67ac9fb39a3e8012275c8bb051ff9fbdc976
b3abdc43e7ba186c9e18630dbbb447cc79532d799a95840ab7f85586ee681e3c
b3ba01c2016e2915de2e6fcf6e0abfa4366b51c915d88529d972624aca26c82b
b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c
b646710728af404cec45eff0aac8982f6515e35822ce4ee6369e6d5d9d728f1f
b8362bf9d3ffe89b915643ae086a9f0e652e7c411e6717f4d751b4cfa81c3b0c
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc541db2812eba233c57d8206cc94a66f11d4d9e414844388f05f2982b3741d6
bc8ff5fc4b2d224607e923e1731b32c687d5f9e1f43b0368d57a1713ebc92805
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf56b14d330ae25ccd631572b03088cf4982d39bea9aaf39df953c1777d94ee6
bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd
c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9
c2b0c7f2940d420a60c745f07bfa3962c9e7d825653c7bc95aa3d9a52c6b0ea2
c53448776622c5e7d7690c1d6086b02b9084efccfb1f7249fa08f431fb104bd1
c54c70091292885af91266fad912075f87eeb7e18dfbe1cfc1ae7a8e33cf0ed0
c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac
caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d439888e68e559433a32139301c60c4152bc55111ecccf9340d909d7edc0db17
d7b54783306384fbc89a7a0beb39ba78ef5eea3d71bd5bbce802ad9d59c6a240
d8057577d026ce7e164c1b0e2df3b29b0da2e10eff5c205b2e9dd1c4a3fd9c1f
db33d1de8b67ce35297935c9be95aee450afdb3edf20d5768773e947577bc918
dc6738ffbc1a0c4898d481bb4c4cd4c088886a879f822f1ada249204e9dcd48a
dd0201e74a6d8f390f249e33c52e77106cc98dc4cfe7ebfef8cc090848795e66
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e18047dd3d47f6dd8e97fd994bca884945f749c936147825e60e70241a8c4b5e
e29b33da8a331a123568508fbc72399ef6373f95fdd431244258bdb35e993efb
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58c75889e4d4561b247e641e81c38e337ac33b7bcf120b8dd3800e726ff3917
e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407
ec5bd3cd257e9fa2482b79462c6cb48266dbf1a3d80c4d123187e7a89d57e6e3
ee966eeb12de776fd944e061de1be8eb1922b118c2c1907b4bcd813c5f289ad8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dae407d996ce9f8b25d5fbd18932e8a9282af677882efa24646e4bb715c502
f457ccef28dc61f8af848120963ff145be0078911a0d99097148eb87df1ff212
f721f1386a20adccb1de69d549e8d4462f5ce68f592213d3c2a56b9e92e70794
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

www.babiesjh.com Open in urlscan Pro 2606:4700:3030::ac43:ccc3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

225 Requests

91 %HTTPS

62 %IPv6

33 Domains

51 Subdomains

46 IPs

8 Countries

3225 kBTransfer

6929 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.babiesjh.com Open in urlscan Pro
2606:4700:3030::ac43:ccc3 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

91 %
HTTPS

62 %
IPv6

33
Domains

51
Subdomains

46
IPs

8
Countries

3225 kB
Transfer

6929 kB
Size

24
Cookies

225 HTTP transactions
4 data transactions