a2zapk.io Open in urlscan Pro
2606:4700:20::681a:79a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Submission: On August 24 via manual (August 24th 2023, 4:44:31 am UTC) from BR — Scanned from DE

Summary HTTP 280 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 18 domains to perform 280 HTTP transactions. The main IP is 2606:4700:20::681a:79a, located in United States and belongs to CLOUDFLARENET, US. The main domain is a2zapk.io.
TLS certificate: Issued by GTS CA 1P5 on August 4th 2023. Valid for: 3 months.

This is the only time a2zapk.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	2606:4700:20:... 2606:4700:20::681a:79a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	204.79.197.203 204.79.197.203	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
65	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
21 28	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
14 28	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
11 18	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
14	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
6	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1 5	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1 4	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
6	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
280	30

35 2606:4700:20::681a:79a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a2zapk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

a2zapk.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net

srtb.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.186.98 (United States) 21 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 185.80.39.216 (Canada) 14 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.252.171.21 (Frankfurt am Main, Germany) 11 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 138.201.135.164 (St. Ingbert, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.26.250 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.117 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.150 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 85.114.131.235 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
105	googlesyndication.com 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	609 KB
47	doubleclick.net 21 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	333 KB
35	a2zapk.io 1 redirects a2zapk.io	97 KB
33	redintelligence.net 6 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 44744 hal90002.redintelligence.net — Cisco Umbrella Rank: 377934 hal900014.redintelligence.net — Cisco Umbrella Rank: 282461 hal90003.redintelligence.net — Cisco Umbrella Rank: 304452 hal900024.redintelligence.net — Cisco Umbrella Rank: 280798 hal90008.redintelligence.net — Cisco Umbrella Rank: 328821 hal900011.redintelligence.net — Cisco Umbrella Rank: 291919	62 KB
28	casalemedia.com 14 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594	20 KB
28	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 440	194 KB
18	adnxs.com 11 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	14 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	291 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	396 KB
6	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 90311	283 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 ajax.googleapis.com — Cisco Umbrella Rank: 366	65 KB
2	disqus.com a2zapk.disqus.com	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	28 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	msn.com srtb.msn.com — Cisco Umbrella Rank: 664
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2412	250 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	87 KB
280	18

	Domain	Requested by
65	pagead2.googlesyndication.com	securepubads.g.doubleclick.net a2zapk.io 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
35	a2zapk.io	1 redirects a2zapk.io cdnjs.cloudflare.com static.cloudflareinsights.com
32	tpc.googlesyndication.com	securepubads.g.doubleclick.net a2zapk.io 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
28	dsum-sec.casalemedia.com	14 redirects googleads.g.doubleclick.net
28	cm.g.doubleclick.net	21 redirects googleads.g.doubleclick.net
28	play-lh.googleusercontent.com	a2zapk.io
18	ib.adnxs.com	11 redirects googleads.g.doubleclick.net
15	googleads.g.doubleclick.net	a2zapk.io 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com pagead2.googlesyndication.com
14	s0.2mdn.net	a2zapk.io s0.2mdn.net
8	25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	www.googletagservices.com	a2zapk.io 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
6	cdn.contentspread.net	hal900024.redintelligence.net hal900014.redintelligence.net hal90003.redintelligence.net hal90002.redintelligence.net hal900011.redintelligence.net hal90008.redintelligence.net
6	hal9000.redintelligence.net	25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
5	hal90008.redintelligence.net	1 redirects 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com hal90008.redintelligence.net
5	hal90003.redintelligence.net	1 redirects 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com hal90003.redintelligence.net
5	hal90002.redintelligence.net	1 redirects 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com hal90002.redintelligence.net
4	hal900011.redintelligence.net	1 redirects 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com hal900011.redintelligence.net
4	hal900024.redintelligence.net	1 redirects 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com hal900024.redintelligence.net
4	hal900014.redintelligence.net	1 redirects 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com hal900014.redintelligence.net
4	securepubads.g.doubleclick.net	a2zapk.io securepubads.g.doubleclick.net
2	ajax.googleapis.com	hal90002.redintelligence.net hal90008.redintelligence.net
2	a2zapk.disqus.com	a2zapk.io a2zapk.disqus.com
2	cdnjs.cloudflare.com	a2zapk.io
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
1	srtb.msn.com	a2zapk.io
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	a2zapk.io
1	www.googletagmanager.com	a2zapk.io
280	29

This site contains links to these domains. Also see Links.

Domain
unlockapk.com
t.me
plus.google.com
www.youtube.com
telegram.me
www.facebook.com
twitter.com
www.digg.com
www.linkedin.com
reddit.com
www.stumbleupon.com
www.tumblr.com

Subject Issuer	Validity	Valid
a2zapk.io GTS CA 1P5	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.msn.com Microsoft RSA TLS CA 01	`2022-09-08` - `2023-09-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
contentspread.net R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh

This page contains 35 frames:

Primary Page: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Frame ID: A4DCD108407A763A92575DBB0168410A
Requests: 76 HTTP requests in this frame

Frame: https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 52AE677C8FA667129B484A8A6B3DCA3F
Requests: 2 HTTP requests in this frame

Frame: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34750AE99395026F4EB50DEEA88F7304
Requests: 1 HTTP requests in this frame

Frame: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 17F908ECDE82086B9218A1FDDFF67893
Requests: 3 HTTP requests in this frame

Frame: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 66B5EE757CED10757EFEA73CB3EEC358
Requests: 15 HTTP requests in this frame

Frame: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2C52B2044ECC414E71FC5CA255DA1BFD
Requests: 16 HTTP requests in this frame

Frame: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C2D7509DFE1477B4DF6FEE41EE169352
Requests: 16 HTTP requests in this frame

Frame: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3EAF31CCD174C25A90EE7598E8D587B
Requests: 15 HTTP requests in this frame

Frame: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9CBD67D712CCA09B437AC137DE87F11A
Requests: 1 HTTP requests in this frame

Frame: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F4686214BF83AEE2C319A0CD23CE2FC7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNUDM0Ej39mpgTR1HIFMrBMxSq_NBqmxbrFPhezLjshsorseB1HBmJUvgJON0y2hjs7OlewCPFIa2FCzdF7K_IkKrtfkhzJfnV0oqWeKFk7acE2-4o2ARH_LkUl3CfPM2lK3VwSywpFYUxKlSpKTUQsadGk600Jjf_fn7DesqzxAQexzkOs
Frame ID: 5EE8CAFCCD2520C98F34C14ACF5F47E8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 5745653083E36855CB3B95B405FAF2D8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNW8BJfHkrxn98ZrpMcV7ajbqW-dBkX-JBSaddYAoc8U3O0Wm94b4nDTDjZyG89Y5OACNLiPcJJSsm1HN5tmPFV9Mw7gKC4mEYTs931kgFtk-MqQO4UbpaAJ1wnWPycWStN974tmd07I1zkIafXnhtBSD2TXcoTKptpaGcKf4VQfscCtlXQ
Frame ID: 340DF409034601FCDA297C7F3287A04D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVmSBMFrOatpqov2JAKfSRufuwesxSLgHzzNXBkF3x0ar_0zFiBYi4OTUZuol71aBHx1XgL78uja6KZDpE8gI7bSavZd8IY7mlaWhCUxiV_oBeyg2tqlcJCUMfkdiadZCKb0chyaOMtRbZEZhS0rMwU_r2aAeSRO9rb97iyYt4Vx8ifCn4
Frame ID: 8FE9A857A4C86FDE87862883214DC277
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVVk1uPZB_28LuhhqJ42r8EmPVQzsUagGo0HG-coxMM6DyaoYItBqvFORZIu1AT0HNntzDEGcPxKxpB43E2pBdq_uV_UlCwgUiwY-ydr0Dq35L96AJXctxaxVV0ihR9iq5Jaa-f-PDuGRhUeCwtCmq5QLSuOnIkNySKwZmE1Yj9csAa4Hw
Frame ID: A58D8C1A183B6B680FD040B8351FDD9C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU4fJ4DBUBNM9fTj3L0TF3iUZ00fJtAd3oMN8Lp5eCrjIleOXl7YSNQOOBUqW8c5nJMIPWiVNEmTQfR_06_bDTofwqciXyMW5JziPmiK9Z2r6AHm6FxKh2gvVyTTLQFy8mRyO-FzP0qKUbPoyFaIu8t_0J47440PS2X2XfjAdZmZxc0fOU
Frame ID: 678C93E8F490299B66637284C7E74238
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXLSjmcmYqLq8g1YPOFAAFPC4P51d1kEUhCjLnTDkl8OCDRFRM2SdKGDaBNCnWS2MOLX0lEhR0QAuqcNL-LvjzSTme97N__X-u230FEtDrplcWw6uoKOE3kBdNuBcekqYjYO6uyAuc4JQ0yJUUPEDklEV3YPUvucTsfVQsC0bihduVCjPk
Frame ID: 0FD48915ED563E0C1C9711AE6357A7C2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 25DE924D741E3F21BE4D8C14871C0DE9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNXc2nTouq3fafkIxJFlNx2c4NNEe-pGg17EeU5PflK71HS4dXLqDtBA85UPDAhxq6R78tQwSDphI3pRCPcuBes9NbXAvBq5zS0cJaTMGKCEsKkJftjgp5X8GdNzbJLkwpKzPf_w3jyHOUdR7UEVYzKTcK8uSAnNNdCox2At3T7DUccT14A
Frame ID: DD12B77E0B1418D59E2507A0A05B6B7E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C2C8F3840D0B9EFFDE797A8FD181AFB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A45C4E886FA7B93F43555F68DF217AE1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 81CA53521737870F3BAD73525CEAEE97
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4254B4A94F601FA36AD77F910F851697
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD4E60DD27F564CF376FBF6B35F27E2D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4AC011D58CBB0BAFD6A2004C6C3D78F5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3FEDAB440C0487D72C9F838AAE3A5C01
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2DB7CB954083056612888A7401156693
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D4BDC346A9A79F226D70FBD9F2302AA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
Frame ID: 0EBA9A3A31FF441B6BB44408BC0CF297
Requests: 13 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=83798300012773404444554012426024&a=dd10c29e
Frame ID: 2D12F799DB4086710863D25F03C05343
Requests: 4 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=13456000010928104445008012426014&a=510301e7
Frame ID: 939B383A301FD55CDAB25F0B8E1C89D8
Requests: 4 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=57295000009940204445006012426003&a=1f56cc1d
Frame ID: AB9F3B325F0C593575BB80677BBC9EC7
Requests: 5 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=54264800010084604444550012426002&a=3066094a
Frame ID: E1695B9A9B95476109EBE01D627BBACB
Requests: 6 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=52310800013233704444982012426011&a=6fef2659
Frame ID: 535719F30BBC0A16CD8D76B24368E5EB
Requests: 4 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=79706200010569904444554012426008&a=c140bb15
Frame ID: 2344892FBD9061905E8E5BF9BEE6B8AD
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CAIXA Tem 1.52.1 APK for Android

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

280
Requests

88 %
HTTPS

55 %
IPv6

18
Domains

29
Subdomains

30
IPs

3
Countries

2452 kB
Transfer

5874 kB
Size

13
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://unlockapk.com/tool/
Title: AdFree Tool(Remove Ads Online)

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAAESkO8aXp9DwuS7O7Q

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/103172325778829268165

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCIPgMksz38ODT5OU4a8py_w/

Search URL Search Domain Scan URL

URL: https://telegram.me/a2zapkofficial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.digg.com/submit?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.stumbleupon.com/submit?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIoDrDuBAcL4d_vmBP5t58&google_cver=1

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ.vsJFLqxNOtcmrG0QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC7KYZmHhOZrbXlv7ASb3Tk&google_cver=1

Request Chain 140

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIx1oqiC2ETclrED4Bjh658&google_cver=1

Request Chain 142

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ5m7QuqjTjt7HE8XHAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFNybJtJO7iiqV-e6MrPKZQ&google_cver=1

Request Chain 144

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIx1oqiC2ETclrED4Bjh658&google_cver=1

Request Chain 146

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ5m7QuqjTjt7HE8XHAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFNybJtJO7iiqV-e6MrPKZQ&google_cver=1

Request Chain 148

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvXVW9zqdnZ9tkqAzXASyc&google_cver=1

Request Chain 150

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ.vsJFLqxNOtcmrG0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPZ9AvoTe0bZF9DdR0BzOKU&google_cver=1

Request Chain 152

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ.vsJFLqxNOtcmrG0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1

Request Chain 156

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1MTYyODQ4NDA4NTUzMDA4MA%3D%3D

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

Request Chain 158

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ5m7QuqjTjt7HE8XHQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1

Request Chain 160

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

Request Chain 162

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ5m7QuqjTjt7HE8XHQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1

Request Chain 164

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Request Chain 216

https://hal90002.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3778cd41e8&subid=&uid=1d3544385dba1d57&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl3bOJuDmZIbROOuF1PIP-8a66AOm5b2gaYWVnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9BWATRFzZRNqSfM6U-eln3mJNEIplB8ZxtWv6dNMing5giY6jTg2bZald1qPJ-4n9mKmj3KYox5imymIxgr-4GbLAJnzZQWycRV3GJ4OwucsU8BqFZ5irOoDE7IeqRlMKeS7a3sKCVhRQaR5qiidlIjudfkicDVAsRRP5n6pRc8F9i_yq5cOeEE-1EbJAko245Kp1lr_rjPjgTk5KrA2ZtnpPtRp8F484zYGE2qkcdswfl2RE0X0KoXmHHISh5y_dgDVGf46MH-NKnEN6VYsJlP5bTUwLbbHVVoeAxdDTGrH_g33bSiT8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIhvynjr70gAMV6wJVCB17ow49EAEYASAAEgK-yPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2IUwumYsxoyoe-_MUpkdJbpv0w2Q%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BrJ6QBO5rYs_OSjNdfhsXevpRnFY4t_G32gUAZvyBvVQzdziltpNA9y1jaR-9Pz8FlX0lTNOPSP2-c800zxQ99KxNrpW0ph7s5DlPSW_N6_aivPX14II-YtJ-MZszpDEkBDyx9DFLzJArmAGBDJH8OZ75bTp4RCvxaV3tUWA4pkwMnkhc%26cry%3D1%26dbm_d%3DAKAmf-CXyxIhL52r-1g6cwrLcEhY9hEwZ48GmVDdzfzsNlkgcdZkg3H1o7WVAuHM6-OWk2vTfheBtv-ornrcLCAjNEE3vwO-fuKSJWeflxyC8DNO5WT37RkxQXQ93br5V-5RUHByn_MJyov0vzL1ytNLRgJ5v8b1Kc9MBilN0efcoaZRw1sFLyk3uklD9fCQNVCZLTWigaLMiXl1r3rCKBTg9dWY5AZbjKJAF48-pbiCpPr_Xwl54PxkM8vcPAHkYCnPVpp0DYC9Eng9xSCdkuHo1S3mFtITTskioaCrGS7JxercVfguD4_LKFO2sF8RvMDJ6W63bnzsasiKhVkJ15lcSBGGH2uOn-PGMZvo26KMGsR_7gd3M5_wcxww4uNz55DG6limLpkEHz3M7YOnkjMngU2kUOmdZPekE6Yoq141joQCHqCe6__qAzVfXo5Y-96n2CuhLCwuIz22I1yS2BDDVpky53QiQu6W8DA2qZDudojnDJlTdZ7uAANIGYbNsvILFmz5-Pl9eXc4vvRopjLE-8JCixdLzJTmCARK61KUUmhQBeyWwGAFZZ6VFnqQYKDMa2kXL0vnUde1Aut7jkG6XWF9shQI7CptYX1zRkcx1fBr305tK2wxPKhgQ0EpH3si1rYA8Rwd%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=6338325203991&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90002.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3778cd41e8&subid=&uid=1d3544385dba1d57&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl3bOJuDmZIbROOuF1PIP-8a66AOm5b2gaYWVnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9BWATRFzZRNqSfM6U-eln3mJNEIplB8ZxtWv6dNMing5giY6jTg2bZald1qPJ-4n9mKmj3KYox5imymIxgr-4GbLAJnzZQWycRV3GJ4OwucsU8BqFZ5irOoDE7IeqRlMKeS7a3sKCVhRQaR5qiidlIjudfkicDVAsRRP5n6pRc8F9i_yq5cOeEE-1EbJAko245Kp1lr_rjPjgTk5KrA2ZtnpPtRp8F484zYGE2qkcdswfl2RE0X0KoXmHHISh5y_dgDVGf46MH-NKnEN6VYsJlP5bTUwLbbHVVoeAxdDTGrH_g33bSiT8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIhvynjr70gAMV6wJVCB17ow49EAEYASAAEgK-yPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2IUwumYsxoyoe-_MUpkdJbpv0w2Q%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BrJ6QBO5rYs_OSjNdfhsXevpRnFY4t_G32gUAZvyBvVQzdziltpNA9y1jaR-9Pz8FlX0lTNOPSP2-c800zxQ99KxNrpW0ph7s5DlPSW_N6_aivPX14II-YtJ-MZszpDEkBDyx9DFLzJArmAGBDJH8OZ75bTp4RCvxaV3tUWA4pkwMnkhc%26cry%3D1%26dbm_d%3DAKAmf-CXyxIhL52r-1g6cwrLcEhY9hEwZ48GmVDdzfzsNlkgcdZkg3H1o7WVAuHM6-OWk2vTfheBtv-ornrcLCAjNEE3vwO-fuKSJWeflxyC8DNO5WT37RkxQXQ93br5V-5RUHByn_MJyov0vzL1ytNLRgJ5v8b1Kc9MBilN0efcoaZRw1sFLyk3uklD9fCQNVCZLTWigaLMiXl1r3rCKBTg9dWY5AZbjKJAF48-pbiCpPr_Xwl54PxkM8vcPAHkYCnPVpp0DYC9Eng9xSCdkuHo1S3mFtITTskioaCrGS7JxercVfguD4_LKFO2sF8RvMDJ6W63bnzsasiKhVkJ15lcSBGGH2uOn-PGMZvo26KMGsR_7gd3M5_wcxww4uNz55DG6limLpkEHz3M7YOnkjMngU2kUOmdZPekE6Yoq141joQCHqCe6__qAzVfXo5Y-96n2CuhLCwuIz22I1yS2BDDVpky53QiQu6W8DA2qZDudojnDJlTdZ7uAANIGYbNsvILFmz5-Pl9eXc4vvRopjLE-8JCixdLzJTmCARK61KUUmhQBeyWwGAFZZ6VFnqQYKDMa2kXL0vnUde1Aut7jkG6XWF9shQI7CptYX1zRkcx1fBr305tK2wxPKhgQ0EpH3si1rYA8Rwd%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=6338325203991&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 217

https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=7bcf07f7b2&subid=&uid=9601ad6d453603df&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3t-JuDmZIXROOuF1PIP-8a66AOm5b2gaeWYnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOkBT9AMWz38UGdK7RgG81Gt7P0SavKn3vI60IY7BXI9CQrCwl3dixQHzRYPuGYo7W5-TD2kBkv1NOMQDPRThkhDpv3rP_DzexTPqiBwvzI1xCOdS9vXZpDmjeTe-d-KoMxWN39sbewFTlqQTqpogkwjyZc5k1Q9GBxl3OiDU0EYCde4_z4jalW9cOoFYEl-L3q9A5YqaWL-npIcvwGaFvomlqddUu0cXZJZjXUGc90gHDCvy6ywA9DLMvGe3dXKKySQqGNgfX0LEYTOvKLnB5q77KRHXopSUOlrCjCMmrpTYgsBZF3DRK9MAqTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIhfynjr70gAMV6wJVCB17ow49EAEYASAAEgLPIPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3IuFcm0-UEpkQ-bsl6Ky22WUXhwQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AuOrm3-unHg5wopPwo-riEFjG6-yGdeRVEbqvoi_ZodELC2xYsy8jKTjbwC8fSTEk9tDv5cPIb6o0F8A0HZ-8r8tSNvEulOJMrW0Rl0ayr7z5sPNEU_J9MDTf1IMgi5cUlFjjrbqrgb1dgxefCZxr0tUuHFeVai9_S2grrXpOAcTbE53c%26cry%3D1%26dbm_d%3DAKAmf-DzJppIK3B-63_NgHwrWMhCPxfu4mh-5Hz0w6Somj0WOxI0s4xEY7dc4yuaAhRoaYZWivEYVIk4Rm4gTCFV-jkpXKIMH-lluzi1E3BxWSTNa6KMDCegYZZh3eUHIgOLpkltgwQhBVawqpY0ecquLTnzVH28os8E-cc_tx8tJIAgaGGhKcALJl3NZKcQGtMYKdg878HWqD4Urv3P-SzDm_zx7cIdXvN7ncDx333Quc9SIr8NesXPQNRYs8nVatsrjBHmLwk0kaDkuVF9rBIzoWb_3bCqNJdzQbanAZ4LGuRBqF92Euptp7fFZ_0zcNHXKmWHbAH3KC0z_O-d0Hz7giChw2EVBptCUO5z1gqcVMGZDzULkxsL83SlMjzBWG-R-DIJVwLFpaBsXiH-rEUgrn-qLedzFtD30vYqXmgc3LAgrtwvBnquddV9sZo_UmpPKTP6c1OcNHyZPwhaIPxoNW1p7n1K9h7CYo4qS0BY3w6ubebyrfD69bB71w-jLUKPnu0s8uz5HHfroaJRtLpdJVefR5Vt6Pvx_ZF3FVJWP6F_N9IcyRH6gAuKJBUWTbvaZXH0MR9GMooyifzO7fD1cJebbE0tnEXPgaJhOoRlqhZYplLGnqrjPO0xMClxXP2AgOQRSK25%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=932243168276&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=7bcf07f7b2&subid=&uid=9601ad6d453603df&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3t-JuDmZIXROOuF1PIP-8a66AOm5b2gaeWYnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOkBT9AMWz38UGdK7RgG81Gt7P0SavKn3vI60IY7BXI9CQrCwl3dixQHzRYPuGYo7W5-TD2kBkv1NOMQDPRThkhDpv3rP_DzexTPqiBwvzI1xCOdS9vXZpDmjeTe-d-KoMxWN39sbewFTlqQTqpogkwjyZc5k1Q9GBxl3OiDU0EYCde4_z4jalW9cOoFYEl-L3q9A5YqaWL-npIcvwGaFvomlqddUu0cXZJZjXUGc90gHDCvy6ywA9DLMvGe3dXKKySQqGNgfX0LEYTOvKLnB5q77KRHXopSUOlrCjCMmrpTYgsBZF3DRK9MAqTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIhfynjr70gAMV6wJVCB17ow49EAEYASAAEgLPIPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3IuFcm0-UEpkQ-bsl6Ky22WUXhwQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AuOrm3-unHg5wopPwo-riEFjG6-yGdeRVEbqvoi_ZodELC2xYsy8jKTjbwC8fSTEk9tDv5cPIb6o0F8A0HZ-8r8tSNvEulOJMrW0Rl0ayr7z5sPNEU_J9MDTf1IMgi5cUlFjjrbqrgb1dgxefCZxr0tUuHFeVai9_S2grrXpOAcTbE53c%26cry%3D1%26dbm_d%3DAKAmf-DzJppIK3B-63_NgHwrWMhCPxfu4mh-5Hz0w6Somj0WOxI0s4xEY7dc4yuaAhRoaYZWivEYVIk4Rm4gTCFV-jkpXKIMH-lluzi1E3BxWSTNa6KMDCegYZZh3eUHIgOLpkltgwQhBVawqpY0ecquLTnzVH28os8E-cc_tx8tJIAgaGGhKcALJl3NZKcQGtMYKdg878HWqD4Urv3P-SzDm_zx7cIdXvN7ncDx333Quc9SIr8NesXPQNRYs8nVatsrjBHmLwk0kaDkuVF9rBIzoWb_3bCqNJdzQbanAZ4LGuRBqF92Euptp7fFZ_0zcNHXKmWHbAH3KC0z_O-d0Hz7giChw2EVBptCUO5z1gqcVMGZDzULkxsL83SlMjzBWG-R-DIJVwLFpaBsXiH-rEUgrn-qLedzFtD30vYqXmgc3LAgrtwvBnquddV9sZo_UmpPKTP6c1OcNHyZPwhaIPxoNW1p7n1K9h7CYo4qS0BY3w6ubebyrfD69bB71w-jLUKPnu0s8uz5HHfroaJRtLpdJVefR5Vt6Pvx_ZF3FVJWP6F_N9IcyRH6gAuKJBUWTbvaZXH0MR9GMooyifzO7fD1cJebbE0tnEXPgaJhOoRlqhZYplLGnqrjPO0xMClxXP2AgOQRSK25%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=932243168276&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 218

https://hal90003.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=3436433acd&subid=&uid=892e3031b564fe0f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGuhPJuDmZInROOuF1PIP-8a66AOm5b2gadWanKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOoBT9AX5C525K5oRSsKadt6UbXCaaPkDZWMDLMj16BYLjJpgCsgsrEu0PRy-JJM9vQxtB8V7vCItojRESemZevlAWrk_hb6CTXInYHhsQ1wV2lWUEsH3MdpHNkBTlG4jBKeMOeWwY5yVNUqZlXgf7Whs2c7CiGvYr-S8Zd0qyH6eHtOXl2VVNppYCNQs3asZmmkY8LMUcnT87MIIWuTCwIrlVWml5reVZrRHeMpz8XLn3yGEsM4GD7pevQGXo48UZzw9O-5gP7GENrzA3gqY7GLzQKjdnqpCJRWq5dnHEB2zKyjM8YvGRtV4rJJwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIifynjr70gAMV6wJVCB17ow49EAEYASAAEgJ-O_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0onhK0ZyA-mPkLzkrJXMmsc1-aBQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BsIEpD5V5Cvhk2CshNCw_NnBOmAGJXS5-WPSY0kcM4FOEh_KufbGh-SUlO5LlUH6L_pN6gR6LY-NU0u-Knt4Tdlp81ARvBMMbh8Drq4tOB_YAc3oMXD5_nNAWAIJCiyPQ4MpZgwy-j90AyeWq_0qytf_JhSZUYczZsfFMWZuLhIiJg9mw%26cry%3D1%26dbm_d%3DAKAmf-AZVxXepMyt_S9amX1ckPOLDPmJ1tlMVNosTl1HBskrk7Uny5haK_geY-u5IXe5d_GQ7B37Xu2hfFAd04xxDHngt7hBacahpRdXRRzS0pvcWJVch--9ZILou7n4Itm0UrSKEJStmrVIkn3KzSZrx5y-bN2FAxbEZLGHA_4Z9m17PxFVVTOj7-HBAo2gVdqWw2qI3j8vxNd-vbYDlCFMOIe3_zn_pYbLVJMrn97fWY5N-xkvghRC97sSWUUZkRlIjArJISmU7EoePNTqy0jyfoc9abqJ2OFc-oPtyqxuOtgXW-3qGrhnaXfbXUHFeOaLpYtdTAS-V34rqFI7vTXsGlO7hkQTaDuGlxuYW13gCamR1jnZnafFatVtncXjnPE7cW1LD7ZH5lSi4L7iSZa3YhvbamnN4kD7w3t8w6FOvmmer1CZFM4SpOMKPjiBGNSypmI5BkTlealp9J_24iAqGUvNPMAfAJSMpmbLEIVFYbhuC3o4qU9Dnnba-6rrwm0deP9klC1Tb-cgB5-6tmlMa73yRAhpo8zZ2qBuy6Tboj8n7fWZqev73E262lEkeN2HqO0D9UbSAUwJWePXjGQKV0mDXfroGz7GSAniE0Ezivla7hxCBc9onznimVgmDOidMARN8wz3%26adurl%3D&documentReferer=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fa2zapk.io&random=3741719297840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=3436433acd&subid=&uid=892e3031b564fe0f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGuhPJuDmZInROOuF1PIP-8a66AOm5b2gadWanKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOoBT9AX5C525K5oRSsKadt6UbXCaaPkDZWMDLMj16BYLjJpgCsgsrEu0PRy-JJM9vQxtB8V7vCItojRESemZevlAWrk_hb6CTXInYHhsQ1wV2lWUEsH3MdpHNkBTlG4jBKeMOeWwY5yVNUqZlXgf7Whs2c7CiGvYr-S8Zd0qyH6eHtOXl2VVNppYCNQs3asZmmkY8LMUcnT87MIIWuTCwIrlVWml5reVZrRHeMpz8XLn3yGEsM4GD7pevQGXo48UZzw9O-5gP7GENrzA3gqY7GLzQKjdnqpCJRWq5dnHEB2zKyjM8YvGRtV4rJJwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIifynjr70gAMV6wJVCB17ow49EAEYASAAEgJ-O_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0onhK0ZyA-mPkLzkrJXMmsc1-aBQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BsIEpD5V5Cvhk2CshNCw_NnBOmAGJXS5-WPSY0kcM4FOEh_KufbGh-SUlO5LlUH6L_pN6gR6LY-NU0u-Knt4Tdlp81ARvBMMbh8Drq4tOB_YAc3oMXD5_nNAWAIJCiyPQ4MpZgwy-j90AyeWq_0qytf_JhSZUYczZsfFMWZuLhIiJg9mw%26cry%3D1%26dbm_d%3DAKAmf-AZVxXepMyt_S9amX1ckPOLDPmJ1tlMVNosTl1HBskrk7Uny5haK_geY-u5IXe5d_GQ7B37Xu2hfFAd04xxDHngt7hBacahpRdXRRzS0pvcWJVch--9ZILou7n4Itm0UrSKEJStmrVIkn3KzSZrx5y-bN2FAxbEZLGHA_4Z9m17PxFVVTOj7-HBAo2gVdqWw2qI3j8vxNd-vbYDlCFMOIe3_zn_pYbLVJMrn97fWY5N-xkvghRC97sSWUUZkRlIjArJISmU7EoePNTqy0jyfoc9abqJ2OFc-oPtyqxuOtgXW-3qGrhnaXfbXUHFeOaLpYtdTAS-V34rqFI7vTXsGlO7hkQTaDuGlxuYW13gCamR1jnZnafFatVtncXjnPE7cW1LD7ZH5lSi4L7iSZa3YhvbamnN4kD7w3t8w6FOvmmer1CZFM4SpOMKPjiBGNSypmI5BkTlealp9J_24iAqGUvNPMAfAJSMpmbLEIVFYbhuC3o4qU9Dnnba-6rrwm0deP9klC1Tb-cgB5-6tmlMa73yRAhpo8zZ2qBuy6Tboj8n7fWZqev73E262lEkeN2HqO0D9UbSAUwJWePXjGQKV0mDXfroGz7GSAniE0Ezivla7hxCBc9onznimVgmDOidMARN8wz3%26adurl%3D&documentReferer=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fa2zapk.io&random=3741719297840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 219

https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=836e58d5c7&subid=&uid=16e3ca3999e8b06d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCklL-JuDmZIjROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9DsVCTvhBk1HOfJOTYWxG0kN5Af2WpCOMBIPuLXALW8HOIUvlFl2l53b8Pl1y4-K8sfAvKJHqYn8uXUAn_A9pmRgOYrjDAcO_fPkpKPxaP5nKljBD6_IthzbgSR_ysPIvJ9XD458eqg87_FD68Or9i7T4VkaMdCf-aOv9G-Si0stF9Mdhlwwwd6qSlJBp5RcW-Uf579BBkNls2h5goaEAxOTiWuSd8OUBE-TARYKdiikUr6lcOVtF4LJpIriI5QimIazw_-NPfacXQfRNqckc_9ZJwE69X5O7n0mDpeMHjNQT4tTGik81HzIyHABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIiPynjr70gAMV6wJVCB17ow49EAEYASAAEgIlEPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2GoEQszV9YHefSHB5YGPMJShMPDg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-CQMCwG6S2ggyUC4ZclfyOvh1fzTeOljGZBIrikHnKKsXseOdghufTxo2kXvGPK8aS3b08w-nGHcKv3SqoE84gd1h_fvBC_QB-2K_C8l-VyFkvMWOfX1-e7fFBJdsznSG-3LoDbo7dNGkj9_RkYH2OFdUXCgYILCC8MTxgctgGrX_nfS-Q%26cry%3D1%26dbm_d%3DAKAmf-DvhpeiQRdSv8LFkJ-nYxljHMgoAFXbyJszX7qk996LnMAufdaHJ3DhL-71UG0H2B_KuXN91ZxdFdeI9VewSR4qGsr1mtMP_CMyvT_1Sny0hcqQOer2UQi5ENXBUiv9w4QiP8MNwvz286MS3cVPUynEmIgkiY4CtsheMaB4JELNbfpeojZrAWR1Mb4I8JMujym1MAmJfm0E76JfTsd2zJc71uUIhMD8SyybxRRNylMFl2nwj-J2nt2aIMoP0fyLNGkyCanWVmGsL7Zat0FdYGLXuGGj3uqiXbHdi5J9TV9tJ9A1DrnEkQKzhcuYDRep6PPfXcRaeeK87pXgznPK2ppjGS4utOME1EUj38Z6jH9jX0yUmazYTqBh-inW_Qn3uXb2HdPpXaV8sktyyL6ZjpasIxHQpRYWm0A7rzbr6JMxUpYXKRut1URuHX1XZDCWQrjruJy5c-qaGBpr0J-qFnvpBKEi1A2tZ5dIKliBdgCZ8sNhswNOF6WKmS00KwarliNpB1QFZ3KJJVpoz3x79s6kg0nHeNtuaf-gY6JQAgWUWawVYCzYOHeehlWf0j_UzCnyROCySnKLiD375I3SQFT0bYACz_HTEjZC2v5Hi3sQ2A1s99Pk_U8VlI-PdLpp7CoJFC9d%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=3202589641776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=836e58d5c7&subid=&uid=16e3ca3999e8b06d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCklL-JuDmZIjROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9DsVCTvhBk1HOfJOTYWxG0kN5Af2WpCOMBIPuLXALW8HOIUvlFl2l53b8Pl1y4-K8sfAvKJHqYn8uXUAn_A9pmRgOYrjDAcO_fPkpKPxaP5nKljBD6_IthzbgSR_ysPIvJ9XD458eqg87_FD68Or9i7T4VkaMdCf-aOv9G-Si0stF9Mdhlwwwd6qSlJBp5RcW-Uf579BBkNls2h5goaEAxOTiWuSd8OUBE-TARYKdiikUr6lcOVtF4LJpIriI5QimIazw_-NPfacXQfRNqckc_9ZJwE69X5O7n0mDpeMHjNQT4tTGik81HzIyHABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIiPynjr70gAMV6wJVCB17ow49EAEYASAAEgIlEPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2GoEQszV9YHefSHB5YGPMJShMPDg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-CQMCwG6S2ggyUC4ZclfyOvh1fzTeOljGZBIrikHnKKsXseOdghufTxo2kXvGPK8aS3b08w-nGHcKv3SqoE84gd1h_fvBC_QB-2K_C8l-VyFkvMWOfX1-e7fFBJdsznSG-3LoDbo7dNGkj9_RkYH2OFdUXCgYILCC8MTxgctgGrX_nfS-Q%26cry%3D1%26dbm_d%3DAKAmf-DvhpeiQRdSv8LFkJ-nYxljHMgoAFXbyJszX7qk996LnMAufdaHJ3DhL-71UG0H2B_KuXN91ZxdFdeI9VewSR4qGsr1mtMP_CMyvT_1Sny0hcqQOer2UQi5ENXBUiv9w4QiP8MNwvz286MS3cVPUynEmIgkiY4CtsheMaB4JELNbfpeojZrAWR1Mb4I8JMujym1MAmJfm0E76JfTsd2zJc71uUIhMD8SyybxRRNylMFl2nwj-J2nt2aIMoP0fyLNGkyCanWVmGsL7Zat0FdYGLXuGGj3uqiXbHdi5J9TV9tJ9A1DrnEkQKzhcuYDRep6PPfXcRaeeK87pXgznPK2ppjGS4utOME1EUj38Z6jH9jX0yUmazYTqBh-inW_Qn3uXb2HdPpXaV8sktyyL6ZjpasIxHQpRYWm0A7rzbr6JMxUpYXKRut1URuHX1XZDCWQrjruJy5c-qaGBpr0J-qFnvpBKEi1A2tZ5dIKliBdgCZ8sNhswNOF6WKmS00KwarliNpB1QFZ3KJJVpoz3x79s6kg0nHeNtuaf-gY6JQAgWUWawVYCzYOHeehlWf0j_UzCnyROCySnKLiD375I3SQFT0bYACz_HTEjZC2v5Hi3sQ2A1s99Pk_U8VlI-PdLpp7CoJFC9d%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=3202589641776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 220

https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=f7357571b7&subid=&uid=3966db5845a35f8a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtk9wJuDmZIfROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9BoAhE2FAhS4RqS-vcyqqVZUj7GetClgYmtKA71rEN_ldcChopwiokGy5E-zroJDAMKFvvd-Wsri4zLEgIr6mjDGTtG8lgArenqI31POpfb-lOqjBKvu2XgVOPOox-Vqv4zm6JSvqjBAmPuTauVy-_GhLu5xzlwwubOKu543bU6eQOmxrq7G_3VjMGUuKeu74eupDzo7rn-FvVaSdB9PHN0leu6OgvCuCmXotI_jgkiUgswtgSA0K4d5F1f7QGDnaZlSgue76NgVcC2F3a0Ko0NHXrFrhC1XUG2Zvva7kRapGKcz6MxYHw0sVbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIh_ynjr70gAMV6wJVCB17ow49EAEYASAAEgIURPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0YefWzfo7pcLuXcCBpOyuTxPtqkQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Bv3jK4aDx1l3hXTdXw_sTGAdeO1s7r1ijVtN9Ao9jFh8Bz1cslJJ-NsSDNjlGElgWe_0Aou5ie9o83536eiv7hAQktvDXfrqM34d4XaDFBzLaetpMFc5Q2TWL6Elep85o9p3cnXic7si3kTpw6SXQ9QVI_-0si47okBIDbTe-jBLch9iE%26cry%3D1%26dbm_d%3DAKAmf-BXOq80OBJiJltAjTBn0076_B_oP97rU7A_pR7cMj3kiBTO9Xhv2tab5EYcgCviAp8N2kBwnVa97PnqHgRiKBrWwrkjoKhtNgiAW4HLDSlJAMd2feftlldSGBjOUycjRhpOqifztUc3A8nzEKXNJd23YC1DnMB_2-WTWPT5TiNnMElto1zb-DDh3-5hH7VumttitZZYcPi3fvVECs0ARCNENzWhvHd0vDHCLJZ3a2VAkc00eOFCbs9iCaOYdSuxyvxcYcUlu2ANgtqcHlmmwuxAZVMAU9IQpf7E_SXAAjlQ49tuh7_-TI_mgfwoB6Et-Aa3e0FnpC7jsjRK02OQpc-onWS7OfsTYhDa04AbYmK_ffRGxnAGmkoTW0ZTS9C2JTGMZFZuTDn_IFZWG0ONU2j_SYFWpLUXwa4dBXf2EnPMcwVV1RUVQ9Hpw5OvBhdqt39DbQTToBAFd90Wf9j2icDvgKfNAXKLw_FR7zsxJJEJ9fiHUkkDiSyVSqQXqtqq6AfObZCLYzTQj_72pHnS3DAhnImbjHb0uN1Gvzxo0xrPEtiIDvADf8i6yXwD_jS3cACK68U_Wvd6z0DeifYddbHucr2AkJz6HNd3U9B3BFcF-5tY0kvtYYGbGlwjyyjajk8Q2_v0%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5743102721442&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=f7357571b7&subid=&uid=3966db5845a35f8a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtk9wJuDmZIfROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9BoAhE2FAhS4RqS-vcyqqVZUj7GetClgYmtKA71rEN_ldcChopwiokGy5E-zroJDAMKFvvd-Wsri4zLEgIr6mjDGTtG8lgArenqI31POpfb-lOqjBKvu2XgVOPOox-Vqv4zm6JSvqjBAmPuTauVy-_GhLu5xzlwwubOKu543bU6eQOmxrq7G_3VjMGUuKeu74eupDzo7rn-FvVaSdB9PHN0leu6OgvCuCmXotI_jgkiUgswtgSA0K4d5F1f7QGDnaZlSgue76NgVcC2F3a0Ko0NHXrFrhC1XUG2Zvva7kRapGKcz6MxYHw0sVbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIh_ynjr70gAMV6wJVCB17ow49EAEYASAAEgIURPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0YefWzfo7pcLuXcCBpOyuTxPtqkQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Bv3jK4aDx1l3hXTdXw_sTGAdeO1s7r1ijVtN9Ao9jFh8Bz1cslJJ-NsSDNjlGElgWe_0Aou5ie9o83536eiv7hAQktvDXfrqM34d4XaDFBzLaetpMFc5Q2TWL6Elep85o9p3cnXic7si3kTpw6SXQ9QVI_-0si47okBIDbTe-jBLch9iE%26cry%3D1%26dbm_d%3DAKAmf-BXOq80OBJiJltAjTBn0076_B_oP97rU7A_pR7cMj3kiBTO9Xhv2tab5EYcgCviAp8N2kBwnVa97PnqHgRiKBrWwrkjoKhtNgiAW4HLDSlJAMd2feftlldSGBjOUycjRhpOqifztUc3A8nzEKXNJd23YC1DnMB_2-WTWPT5TiNnMElto1zb-DDh3-5hH7VumttitZZYcPi3fvVECs0ARCNENzWhvHd0vDHCLJZ3a2VAkc00eOFCbs9iCaOYdSuxyvxcYcUlu2ANgtqcHlmmwuxAZVMAU9IQpf7E_SXAAjlQ49tuh7_-TI_mgfwoB6Et-Aa3e0FnpC7jsjRK02OQpc-onWS7OfsTYhDa04AbYmK_ffRGxnAGmkoTW0ZTS9C2JTGMZFZuTDn_IFZWG0ONU2j_SYFWpLUXwa4dBXf2EnPMcwVV1RUVQ9Hpw5OvBhdqt39DbQTToBAFd90Wf9j2icDvgKfNAXKLw_FR7zsxJJEJ9fiHUkkDiSyVSqQXqtqq6AfObZCLYzTQj_72pHnS3DAhnImbjHb0uN1Gvzxo0xrPEtiIDvADf8i6yXwD_jS3cACK68U_Wvd6z0DeifYddbHucr2AkJz6HNd3U9B3BFcF-5tY0kvtYYGbGlwjyyjajk8Q2_v0%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5743102721442&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 221

https://hal900011.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=1d00bccd74&subid=&uid=69a6d0eb5cf1d2d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC1VsJuDmZIrROOuF1PIP-8a66AOm5b2gaf2QnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9B2nO2_5dMdnCPOjiUVw9ZcynAxagU8IknBLnujkLNQi6N-eo0Sx9kT5-DGb6hk3Mh5VHeBpE8FKvy1GKGRJQxHFEK7H7Cun9VaK1QHTeoFOaDrUcfOXPjq74PzQfnycF4bSBA2aC5Vx00T0GGVG9tYkN1n0gdxGCodri_-mgn0WD7usyAuMBicBWj7d80V3ZF8Lm6YPanKtRA3P-jMfi7THFZTuMfilNvBdRRmN9WZWL9m1JmKabV1TzfrTmORlApztXFIg96II1LUQHx1ZXXLwbwBJ1ivgC1gradPALDikF8ZvxWZPMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIivynjr70gAMV6wJVCB17ow49EAEYASAAEgJHz_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3xMVahYqPyvgs5jMJWmCfkzgGchw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AtqVXKXZHeVBQbXLyqJNI4dAj5gj93qhH9J8TiDnS24k9gqmYDUCpre7l7qNX3wSzcLSDqjutJJHcUl0VD-Gcegz0k-_JJ5_s-j5ydd33FtI3tCuayFA7G6kq_Nspfa8aH-o7iwQu4ViAhPzH5tsbpon5ODkyDNLHzND5hFtE8SuhvnKg%26cry%3D1%26dbm_d%3DAKAmf-AHmR_htSUtlRs-H0LVORwxlb4u3vHRgScFGA9yl3g-y3HLkOfZ914EuVNMeT0a-_bocICHk7slVqzPoHU0XNEgLLqFOQJUTQWURlnOnI_pSlOnQShzpgXypi-mjemgCglndsYXb_eo_zRdi1GomuMO0jB_bZ7_y0kGnaxabTIKBrRcKNMMbJ7s52X3ylSq_rhgUYveFeuZEcRITbY6OWmf_zMt-SkGIud73D4ysdEui_CI5exCdbgnIOGymla9_UuK6O5ee6WhCz0yVgMiYIaFnUcPrLMH592PBLS0sNVkPLKUzOSi7wqwGtCTHCw9jtDmTVsyKMzlScw2ECZNgfUgTaHRf3qpxkvfIUL98VlOkt82TliD2oLjnkPEt5RfpuIUCHq3iyl9zi02bkobl_Pstfhh_WgLfjf6nbgjSjNqRaEfa0U19RFXR0XboKD6vx9LYUfGjLVCdljW_gdth6Rk56R61T46i470W0KwgnNH2XVjLlZ3Ila3qKUwPMjZIOtfdxkfRvQLQY3JanBV6BJf2crJLyzPeG1nZV48mJXlssy1s1CBE0CBDLUihZESTjNpo5HdGSWgEkT_5X1sZXwaelN9E95bggiEnohzDl7xDwAmQGK3o-4yChRQ_n-2GiIyha3Q%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1758311943501&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=1d00bccd74&subid=&uid=69a6d0eb5cf1d2d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC1VsJuDmZIrROOuF1PIP-8a66AOm5b2gaf2QnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9B2nO2_5dMdnCPOjiUVw9ZcynAxagU8IknBLnujkLNQi6N-eo0Sx9kT5-DGb6hk3Mh5VHeBpE8FKvy1GKGRJQxHFEK7H7Cun9VaK1QHTeoFOaDrUcfOXPjq74PzQfnycF4bSBA2aC5Vx00T0GGVG9tYkN1n0gdxGCodri_-mgn0WD7usyAuMBicBWj7d80V3ZF8Lm6YPanKtRA3P-jMfi7THFZTuMfilNvBdRRmN9WZWL9m1JmKabV1TzfrTmORlApztXFIg96II1LUQHx1ZXXLwbwBJ1ivgC1gradPALDikF8ZvxWZPMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIivynjr70gAMV6wJVCB17ow49EAEYASAAEgJHz_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3xMVahYqPyvgs5jMJWmCfkzgGchw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AtqVXKXZHeVBQbXLyqJNI4dAj5gj93qhH9J8TiDnS24k9gqmYDUCpre7l7qNX3wSzcLSDqjutJJHcUl0VD-Gcegz0k-_JJ5_s-j5ydd33FtI3tCuayFA7G6kq_Nspfa8aH-o7iwQu4ViAhPzH5tsbpon5ODkyDNLHzND5hFtE8SuhvnKg%26cry%3D1%26dbm_d%3DAKAmf-AHmR_htSUtlRs-H0LVORwxlb4u3vHRgScFGA9yl3g-y3HLkOfZ914EuVNMeT0a-_bocICHk7slVqzPoHU0XNEgLLqFOQJUTQWURlnOnI_pSlOnQShzpgXypi-mjemgCglndsYXb_eo_zRdi1GomuMO0jB_bZ7_y0kGnaxabTIKBrRcKNMMbJ7s52X3ylSq_rhgUYveFeuZEcRITbY6OWmf_zMt-SkGIud73D4ysdEui_CI5exCdbgnIOGymla9_UuK6O5ee6WhCz0yVgMiYIaFnUcPrLMH592PBLS0sNVkPLKUzOSi7wqwGtCTHCw9jtDmTVsyKMzlScw2ECZNgfUgTaHRf3qpxkvfIUL98VlOkt82TliD2oLjnkPEt5RfpuIUCHq3iyl9zi02bkobl_Pstfhh_WgLfjf6nbgjSjNqRaEfa0U19RFXR0XboKD6vx9LYUfGjLVCdljW_gdth6Rk56R61T46i470W0KwgnNH2XVjLlZ3Ila3qKUwPMjZIOtfdxkfRvQLQY3JanBV6BJf2crJLyzPeG1nZV48mJXlssy1s1CBE0CBDLUihZESTjNpo5HdGSWgEkT_5X1sZXwaelN9E95bggiEnohzDl7xDwAmQGK3o-4yChRQ_n-2GiIyha3Q%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1758311943501&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

280 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Show response
a2zapk.io/ 70 KB
18 KB 314ms
224ms Document
text/html 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d1836debbebf9dee72c2dc1475c563218af65a31ffc0e420c6cb29c0b2468a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=16070400, must-revalidate
cf-cache-status: MISS
cf-ray: 7fb8f08a5eda9b28-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 24 Aug 2023 04:44:21 GMT
expires: Thu, 24 Aug 2023 08:44:21 GMT
last-modified: Thu, 24 Aug 2023 04:44:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBHk9g2L3PDo1Le%2FPbXZCV1uAIJhSum0Rv2PATdxY4syBVxXxJYPMACmOg7ovIEpzayHHL6%2B5e1XQLK8fm748jv9VCwZ40KS6R54axWt%2F%2FMExIkSRXm1axDJR%2F14ohbJlHW6orr76w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block

GET
H2 200 mainstyle15.css
a2zapk.io/css/ 35 KB
7 KB 42ms
42ms Stylesheet
text/css 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/mainstyle15.css

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856b7627332054da5d97c14110a9d32817707ce60898c83d97004a7268858d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575604
cf-polished: origSize=36363
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 15 Apr 2020 09:10:20 GMT
server: cloudflare
etag: W/"8e0b-5a350af75d700"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdkfEpysMGY3wjjaqDNhUj79d2h12sz%2BETjZyAF2ue7zd34U5qgX8UlUPooj0NIUuN0nhiw8lPxJ%2FZTD%2BCTqUqkUMtKHY2dQhUY4F8HIPTgY83s%2BVYTDE7u39j2KgvzvimoabzMLpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
cf-ray: 7fb8f08bc8729b28-FRA
expires: Fri, 16 Aug 2024 12:50:57 GMT

GET
H2 200 styleMenuIcon2020.css
a2zapk.io/css/StyleMenuIcon/ 2 KB
948 B 42ms
41ms Stylesheet
text/css 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03c3cdc21d2bff5ce75dcf0a2eff01acefe9a72463d18631dbd8e92adfb194a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575867
cf-polished: origSize=1712
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 21 Jan 2020 01:25:14 GMT
server: cloudflare
etag: W/"6b0-59c9c479f3280"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEzIGy0b%2BqX7lRLsKCqvotGP008ppy798bV76uo6Dcwnr%2FI2g2aRqWzSONlAxiDun04YIwVcqTGxyosisv5qIBhFmRG0ovhV69ief%2BThJ3rAz8En49yDVmf36PF5lxLzSCuii3IC4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
cf-ray: 7fb8f08bc8749b28-FRA
expires: Fri, 16 Aug 2024 12:46:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 200ms
73ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SS5VJ1BTPE

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58287b6da8d82e54e3bd83a37f810d490e3194604359d624b3155d32c23ead9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 04:44:21 GMT

GET
H2 200 fb.png
a2zapk.io/images/SocialIcon/ 436 B
928 B 45ms
40ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/fb.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272f2244814e649578b0ea90e4cc0ba8c97752f5ee3d6dbbb32082a1dce382fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575867
cf-polished: origFmt=png, origSize=906
content-disposition: inline; filename="fb.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"38a-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28%2BB1RXmX1fUImbtGrAaRlmk2AmAtkWGXLiQJE9XNRxDCG02%2Fyw%2B9A%2F2CL7cJnLhsJcN1Wu7t1JJDkiX3Bc9Zxo0XQ3kZuADddGTS0yd%2BbU%2BjNhqI4e6UTKJejzAjhhxOuYuR9H0bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c38f39b28-FRA
expires: Sat, 16 Sep 2023 12:46:34 GMT

GET
H2 200 telegram.jpg
a2zapk.io/images/SocialIcon/ 1 KB
2 KB 48ms
42ms Image
image/jpeg 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/telegram.jpg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d0cfc322eef2504a71973cdccf2a6b0d2ed6cadf8c2ee812b0f57cfc91f49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575604
cf-polished: origSize=1875
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 06 Sep 2019 14:17:12 GMT
server: cloudflare
etag: W/"753-591e318216a00"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQYFbQtAVbfpWYKVojTdBLRGdYMZ8Pz8BzSemA9HZ4LvOczWfs%2BFH3EH0cjH9EcffkZiiPPvFD2unRE%2BjAjpr1bz1XVXMob44%2FJ2N4phNZTgb1C5KeoYiFRdD22LsZmqwXlHHVnoBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c38f59b28-FRA
expires: Sat, 16 Sep 2023 12:50:57 GMT

GET
H2 200 goog.png
a2zapk.io/images/SocialIcon/ 986 B
1 KB 44ms
39ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/goog.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb41b019613aa88688529bdb45c6496a238f4496d51e9077e2b69ba01102006a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575603
cf-polished: origFmt=png, origSize=2328
content-disposition: inline; filename="goog.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"918-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fNEZU2yi6V5D%2FEcTxWfD306NQpzT9GbFytSLL7ze5xVZYN683uEg7WZjAgCW9TYVk4gpRQDbIoIut8eM5BIQHmvB6pvlOYysKmxdIXlrWUfAN8GnLirZqZcIPrQ2N0jwDH3U95D9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c38f99b28-FRA
expires: Sat, 16 Sep 2023 12:50:57 GMT

GET
H2 200 yout.png
a2zapk.io/images/SocialIcon/ 1 KB
2 KB 45ms
40ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/yout.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d331fb82724f45c59327c435134c753bc5a07be33b7c94b621d5401d2156fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575604
cf-polished: origFmt=png, origSize=2692
content-disposition: inline; filename="yout.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"a84-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpoafQJ9c9PCS0Agiei4UfevDOhJSMDzDFFt4WZnhiHITzDlFp9rx5nypEDJF5RYMINrkaezjb1bh5N6g9dNpuoVUObmxHYfbCXAUDhFvH%2FYdWtvIjvnTNEohuG0%2FG5Tk%2F%2FqT5Kx6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c38fa9b28-FRA
expires: Sat, 16 Sep 2023 12:50:57 GMT

GET
H2 200 empty.png
a2zapk.io/images/ 68 B
577 B 51ms
46ms Image
image/png 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/empty.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575604
cf-polished: origSize=70, status=webp_bigger
content-length: 68
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 16 Mar 2020 03:51:06 GMT
server: cloudflare
etag: "46-5a0f0ba8dbe80"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0FUjulXiQVByb8jTePerbwxPxK1UazczKbH2xaJUgCbm2pV%2BdV%2FvIFYt85FNd7T87Mg8SmzqkjzooyNErVY9uxjxIrqnIOgABYdPAxnw%2FWwoqrgclRynFHfuZeOyIdnC060jkxaZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7fb8f08c38fb9b28-FRA
expires: Sat, 16 Sep 2023 12:50:57 GMT

GET
H2 200 Loading.gif
a2zapk.io/images/ 13 KB
13 KB 48ms
43ms Image
image/gif 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/Loading.gif

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f24416dc04e9b661270520183a4080ef0bc4862be4043278716f6debe2d0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576039
cf-polished: origSize=13999, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"36af-571c5d524ad80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OLldTOdavOivSbKB0l%2B9K9I5H%2FaozbitLZ3vYLvC85gaG8vM695DhxLiQULsGLUnYOU2VGUAYtmdDoFIf%2BsK48t8yuc5rHSqez92P2ZwWmExkuek3pLD1FntHVqi5S5bha398Rvhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c38fc9b28-FRA
expires: Sat, 16 Sep 2023 12:43:41 GMT

GET
H2 200 laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70
play-lh.googleusercontent.com/ 7 KB
7 KB 364ms
214ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2987f8ce761dbdafa880a50e06360cb287d2db365d490eb5ef0ddfdf9d8cab45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6673
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 04:44:22 GMT

GET
H2 200 ajax-loader.gif
a2zapk.io/images/ 634 B
1 KB 46ms
41ms Image
image/gif 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/ajax-loader.gif

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576044
cf-polished: origSize=673, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2a1-571c5d524ad80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=329GuapUBbZ6X3ih%2FajfG5IYJif55huNR6pAcUHxzvPL9Lc4C%2FI5DAeBG38a2KZZmwUeXpOjNHmstWfOjDEFDm9Ea75LP1bgjRwWyow7hw%2FDbu3OmNIrrw6Tx%2FcQmPiyBS0gwHrVUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c38fd9b28-FRA
expires: Sat, 16 Sep 2023 12:43:37 GMT

GET
H2 200 off.png
a2zapk.io/images/ 2 KB
2 KB 74ms
69ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/off.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fd93de5dab28bfc6583e39bdaac6a7a4b610e0c5c9560984a4ec04f84099f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575604
cf-polished: origFmt=png, origSize=2671
content-disposition: inline; filename="off.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 21 Nov 2018 11:23:42 GMT
server: cloudflare
etag: W/"a6f-57b2afb820b80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8lqYa33i1jvTntVmq%2Fc4VDuNIfKTrmXrK%2BTGv%2BCTtUYtqHADB4rSWs7obz8pYF9l3crk%2FnuTi3P9TYTQl1bbUueZ4UCeB8abVsc%2FtGaJfu5TNbghjvnnnJIe2p7mNCqYSzmzuE5mw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c69259b28-FRA
expires: Sat, 16 Sep 2023 12:50:57 GMT

GET
H2 200 fd3cf7dfeb25dbee1baa6483c36bf27f.png
a2zapk.io/images/ 9 KB
10 KB 135ms
131ms Image
image/png 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/fd3cf7dfeb25dbee1baa6483c36bf27f.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ae83422c3f5f751119b6f1bbf94555eb9757f0e2392dcf90b963c3dbaf3fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Fri, 07 May 2021 08:36:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"248f-5c1b95142dc00"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJZk8gSZu1lz9YBriUnrrii1MMaI%2FQrVY65PcxuzU2AjECKOaw7789o1cT6vVM1OrEt1v%2F4N8HENB5azstJ2AlNWUNNNEEGkGDUSLZE7zQo%2F%2By333uJZgZPSMFjWg2Wnw58VnMp4fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c69269b28-FRA
x-xss-protection: 1; mode=block
expires: Sat, 23 Sep 2023 04:44:21 GMT

GET
H2 200 facebook.png
a2zapk.io/images/SocialIcon/ 514 B
900 B 72ms
68ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/facebook.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575588
cf-polished: origFmt=png, origSize=603
content-disposition: inline; filename="facebook.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"25b-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzajE7Q3tA84XqZmeeUU%2BruWzDImwhsLhNgC9XcpO1PnjZWx%2Frg26ea05MH89%2BFNY7%2BinPBjT9gAuqewYQCGEuob8YjiQzA66Jjua3uOWc0KQx0pIZjshn4njn5j%2B4f%2B5%2FuqPd3SLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c69279b28-FRA
expires: Sat, 16 Sep 2023 12:51:13 GMT

GET
H2 200 twitter.png
a2zapk.io/images/SocialIcon/ 654 B
1 KB 69ms
65ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/twitter.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575588
cf-polished: origFmt=png, origSize=710
content-disposition: inline; filename="twitter.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2c6-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bky0oBOafujR6Buyp%2BvaOvsh6BEbcvJOHPbVVEWcVKJR3T%2FXJWrlSuFi6aRZorJW5UClqBtJzaUsSGqXVOrspbdOz0xKr5sTzTzq%2F48aZyytZZ2AUxlNfg0PcjKN5QVS1QGY2DjeXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c69289b28-FRA
expires: Sat, 16 Sep 2023 12:51:13 GMT

GET
H2 200 google.png
a2zapk.io/images/SocialIcon/ 856 B
1 KB 80ms
76ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/google.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575588
cf-polished: origFmt=png, origSize=929
content-disposition: inline; filename="google.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"3a1-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kU2SHdMdfyuJhMPlU9TylP3MgFBqGK6Y3UE8MVGnv3kkvgOmnLbVehATLwx8rB6myri1oXnwM0ss2fUBDGpkjndjJIo6QwA2XuTiuW9qDYpWdxc2VyWm4FyULjN04UVnKadJ8M1wgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c69299b28-FRA
expires: Sat, 16 Sep 2023 12:51:13 GMT

GET
H2 200 diggit.png
a2zapk.io/images/SocialIcon/ 664 B
1010 B 70ms
66ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/diggit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1f5610c96200875fb98043688653e3edeb19c69d4037823918a573eca2c9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575588
cf-polished: origFmt=png, origSize=743
content-disposition: inline; filename="diggit.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2e7-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anRAgQOQa2ouuRIqa3RngaVjM0064tXGauLTfnU6kVjUAuvF6MpQ2Q%2BJFh5Zb4IP6cvE%2FZgOmPNipEFCmt1tBa7ZqUqO4%2Fcsn2wI3CHg30Ddc%2BcEcIJnnAGp3mHV0M%2FVyLej7KHs3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c692a9b28-FRA
expires: Sat, 16 Sep 2023 12:51:13 GMT

GET
H2 200 linkedin.png
a2zapk.io/images/SocialIcon/ 600 B
989 B 73ms
69ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/linkedin.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575588
cf-polished: origFmt=png, origSize=676
content-disposition: inline; filename="linkedin.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2a4-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pavjsc20lueae3UoUxtZDF8OgrLvbyNcs1DHzWejl1Ve5I7QeIpocIgoDU6LOcZMaiE6KZRaZQcA6vZ0w4IGc6R5TtW2rF6XtgxSKXe3Immc5JXfi1yawNJKFroUFkx5c234mvc%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c692c9b28-FRA
expires: Sat, 16 Sep 2023 12:51:13 GMT

GET
H2 200 reddit.png
a2zapk.io/images/SocialIcon/ 1 KB
1 KB 70ms
67ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/reddit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae11b8d7458ea7d87d6889e190ad6b5701aaf6072f54df327f745c997c3a0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575867
cf-polished: origFmt=png, origSize=1109
content-disposition: inline; filename="reddit.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"455-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6I5v5ZWJHXRJ9h9JfrIOEYRrM3kariFqcHnD9vL6gmagC1nppTqf83SgxInyzbWor1ZR%2B1syYcJN8AY3oSMj6jERNePNW%2BGAc0h0vHRToHnGvGu%2B9zFdVGStMSk61m3opXQ0hpfn5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c692d9b28-FRA
expires: Sat, 16 Sep 2023 12:46:34 GMT

GET
H2 200 stumbleupon.png
a2zapk.io/images/SocialIcon/ 670 B
1 KB 77ms
74ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/stumbleupon.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40973a3e0be1b19f1d4a5c766421814dc51eaa807a8568e95619bebe2903473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575867
cf-polished: origFmt=png, origSize=759
content-disposition: inline; filename="stumbleupon.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2f7-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCmxlRUTLTGJMc6wdXwW07S%2BBuk7k8oKb%2BdYpyKbcMn5M16qH5LF%2BZGe8DQ7KQ7Rn8AFqGy7xTKmCQ1i6oeTKrx%2BaV7%2BlNNI7Ic8XIAmViBWpICbPqLnmhRJvW1Gk%2FauqraqXQrfZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c692e9b28-FRA
expires: Sat, 16 Sep 2023 12:46:34 GMT

GET
H2 200 tumblr.png
a2zapk.io/images/SocialIcon/ 568 B
950 B 80ms
77ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/tumblr.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa300a570cc50f33f0dbe6fa43169017bb99a2518e002f72b5a445ae07f7edc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575867
cf-polished: origFmt=png, origSize=641
content-disposition: inline; filename="tumblr.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"281-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AC2bS9EE4Tspw7ma0E9iAPSjP%2F2ANqxC%2FVQZ2zt1Qi2DPpPir%2BFF%2B6AEAFYKRtjWIcZ4B1jzhn1gI5jAWdHlp%2B8hDIpcunnjTYrUOMDqHmzjQozIzueuuM6arYWe3lG6olfFUkvgVg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c692f9b28-FRA
expires: Sat, 16 Sep 2023 12:46:34 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 61ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2460100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26657
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6821"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBqf%2BUYBvuBJyM8I7aYS0FCvTecpl3WxYNUhHTGrcGc6avEZeT85Ha0%2BohF2mhl%2BzAO3ZghtWs3wSxaKB2euoxE2A7OFRBY7ODVpVclzjW%2B8vWF%2BPzuYcMnZCCCl0NoRjUrzoWcCauwH88IMh%2Bfoegw5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb8f08c4f4b4534-TXL
expires: Tue, 13 Aug 2024 04:44:21 GMT

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/ 3 KB
1 KB 62ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11094908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1120
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0UDGbP1BacXZl5d90KoFGDQ9%2FCTuCX9hNOdemvvo9tDopBhgQiGxZr%2BdkidUOM39xR8BBVxfcI5Q3f2pRQuesL5UYj%2FKJmTNMnKOq08TXBfWIr5YclmsMtaMy1eyjkU%2BtPEfSk8cZB%2BP8LJB3mVm07H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb8f08c4f4c4534-TXL
expires: Tue, 13 Aug 2024 04:44:21 GMT

GET
H2 200 main2019.js Show response
a2zapk.io/js/ 7 KB
2 KB 48ms
42ms Script
application/javascript 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/main2019.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8555fd4d9b084d0196daff5bcd75bff3931dec40f27ba33b5ab400ac9d90ceb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575604
cf-polished: origSize=7007
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 09 May 2019 10:35:22 GMT
server: cloudflare
etag: W/"1b5f-5887201d5ee80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boMuka6ncR92AVTH25MjN%2BJU%2FNVD7vvOs1XIzLWTlAO8NMdtZY7cwDObOg8nu7lQUL7eSKmMz8dtMS8p97w2a5sKTSfBsnviYSwlZQOIS3M5UtSCHajgw%2BBMGaCfqE6cuNLjuSfiFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c38ef9b28-FRA
expires: Fri, 16 Aug 2024 12:50:57 GMT

GET
H2 200 apk2019.js Show response
a2zapk.io/js/ 4 KB
2 KB 44ms
38ms Script
application/javascript 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/apk2019.js?v=07-26-2023

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2925735552eb35109c7d23a42579810b5f46bad2bc1b602fd0a1aff0d215eda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575588
cf-polished: origSize=4702
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 15:14:26 GMT
server: cloudflare
etag: W/"125e-5ffaabd256f06"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyPMyXxqRmWsxVT3IPs3QT5T%2B04k2PnoaJy%2FfDXari%2BoY9wrqDbK4oCrLcHtGWYnQNBM1t31THhlVaQBtWAorggSNvClBHlxdIZ16JXT6ozamlYqHYKUiLKAhtPxfu3FOxSQWabFCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c38f09b28-FRA
expires: Fri, 16 Aug 2024 12:51:12 GMT

GET
H2 200 notification.js Show response
a2zapk.io/js/ 9 KB
2 KB 60ms
54ms Script
application/javascript 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/notification.js?v=06012019

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b2ee5bf0628946267ddcaf4be02035e2f89ec2d050157614a6e99e0375e94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575604
cf-polished: origSize=13287
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 04 Jul 2019 01:48:42 GMT
server: cloudflare
etag: W/"33e7-58cd12d713280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=As2oGMARwy5PG17P2%2Fteb6SOn%2F0XA9WJU%2F89MmfoC2oxgKnDfJttj%2FEM0e%2FfsKTLwh%2BuMaI1v2unpyISVgZZsz8ECrml0tU0ctArZ%2BgU5SwZ%2BXROjaBlQJkx9brl%2FQT9xFmEDF4jFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: public, max-age=16070400
cf-ray: 7fb8f08c38f29b28-FRA
expires: Fri, 16 Aug 2024 12:50:57 GMT

GET
H/1.1 200
OK count.js Show response
a2zapk.disqus.com/ 1 KB
2 KB 108ms
27ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.disqus.com/count.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 246
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 23 Aug 2023 17:44:20 GMT
Server: nginx
ETag: "64e64574-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: cDkgEb4NcA44qOEMAPuRa3LBKI1KgX-iSAXoUBbCkbbsw1X2tG8jfw==

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 107ms
56ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://a2zapk.io/
Origin: https://a2zapk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fb8f08c7e38450a-TXL

GET
H2 200 adgpt.js Show response
a2zapk.io/ 21 KB
5 KB 169ms
166ms Script
application/javascript 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/adgpt.js?v=1.40.3801132071490205

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b812ad17db30c294ce8d31ca938776f35834742ca016cecaf4c1756b825c9d59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
strict-transport-security: max-age=31536000
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBLr5uC3%2B3acqAZroPXuuAVLFACY0nj%2FamZHPpCjjTKII3qHAW1Mzbd9AfNDgkUeGlTCDcb1t0O9QzjdM8e0ddh6mv9juUKUt7KEsOUkA2KAaLWDcd7HYHqREaFfjD%2FPy%2FkdVyZ8Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, public
cf-ray: 7fb8f08c69309b28-FRA
expires: 0

GET
H2 200 star.svg
a2zapk.io/images/ 762 B
802 B 67ms
67ms Image
image/svg+xml 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/star.svg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/mainstyle15.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de16fd70e645265335ce7453f787726ee7c95d9d379d9759eea0a48d99d28913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/css/mainstyle15.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576077
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Aug 2018 15:56:52 GMT
server: cloudflare
etag: W/"2fa-5741c4eb5d900"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Oy%2BQTtN3MBQ1es81AQZ3xJUUndz4mU%2B5fH39Gun3EcGHs6X0TAlwtMOF2xYm8%2BJVq2d8mP7OtbyXyL9nlzzEIdADPLple13bhSBGoGcSDENOYWy2CUnFOb%2BiT%2FL2uiJLRUqMAU05A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7fb8f08c69319b28-FRA
expires: Fri, 16 Aug 2024 12:43:04 GMT

GET
H2 200 stars.svg
a2zapk.io/images/ 901 B
828 B 68ms
68ms Image
image/svg+xml 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/stars.svg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/mainstyle15.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/css/mainstyle15.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576077
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Aug 2018 15:56:52 GMT
server: cloudflare
etag: W/"385-5741c4eb5d900"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOHAoR5tHkFhoMi9cfx5WyWOP2evbQUITLC0873vQ0tsmI%2Bxs%2F1l%2BFZf%2BlB0%2FxYNAOKeuTy6YZRUHME8oMmzwDmZ828KUfmiElqRA3MSwIHyMICgt8lVCNB5A3ARR%2BbKz5htCPoctw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7fb8f08c69329b28-FRA
expires: Fri, 16 Aug 2024 12:43:04 GMT

GET
H2 200 icomoon.woff
a2zapk.io/css/StyleMenuIcon/ 6 KB
4 KB 64ms
64ms Font
application/font-woff 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/StyleMenuIcon/icomoon.woff

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6135796cbdc91d896457d04e673761aaf6e3b54f51b8dc2162c30a523a81b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css
Origin: https://a2zapk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575604
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"19bc-571c5d524ad80"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M%2B7s3%2BA3T3hzKstLZyL3Ialj7RSRTaXPwu3G5Mo5xZJAdgt2LmLaLZVLLrccGGgUoACRiUtMc%2F9qZ9KJrTx3IbqRUPbXO1tYNdKlIk5GptzRZiTLJe%2F97d%2FhH6WOgiY59kB5zBMdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2678400
vary: Accept-Encoding
cf-ray: 7fb8f08c69339b28-FRA

GET
H2 200 br.gov.caixa.tem.html Show response
a2zapk.io/reviews/ 29 KB
8 KB 1090ms
1090ms XHR
text/html 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/reviews/br.gov.caixa.tem.html

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6314a56f8073aea8790aedca4c3d0e076e08f2b77ead2dbef8bb59083ee47bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Aug 2023 04:44:22 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wiOVv5XhVlti6EhzNZGqRhtp8iSdi05iYsgQ7Rt4PHTqWa3t8pzXaYoBlHT2iIP02%2BEluUyzj2uPDi5Krwf%2BuIFxAYwG79SQls4jLvPjBu0yepLHCyx55WAvg6a%2Bo0CQZq4OwHMbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400, must-revalidate
cf-ray: 7fb8f08c99679b28-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 count.php Show response
a2zapk.io/dl/ 2 B
511 B 156ms
156ms XHR
text/html 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/dl/count.php?id=1162999

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD7lvGBs9nawVo5%2BGk6wPBhLloYeaH2ib4nK9zZ0%2FFi%2FDvcvuL9n%2FLee5VE%2B7QKPLMk3DqFwE1LVt0vuCSLlVCe5iYqfd%2F6PFqqXr2Ph0dZqNXXhX6RCMeeo8UxNWybGbUF0%2FrkraQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7fb8f08ce9b79b28-FRA
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 EJDtYUFdaIuZiONXKeInnNAbzQfa0D6BIHrc-HRG5ZuvJcQmZY2aK7bG8zx5GeQHA2Hn=w70
play-lh.googleusercontent.com/ 1 KB
1 KB 96ms
64ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/EJDtYUFdaIuZiONXKeInnNAbzQfa0D6BIHrc-HRG5ZuvJcQmZY2aK7bG8zx5GeQHA2Hn=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e37817763c084e0af5a14e4a4025b49862effe93608b0fd1644103beb518f68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 01:32:16 GMT
x-content-type-options: nosniff
age: 11525
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1035
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 01:32:16 GMT

GET
H2 200 WXKlKXLPQ7loQBjQJTIn2JZmrq4YPFCgOhqQDUBlSR2Yl__T4yb4CmqbyKvAZBh_CoU=w70
play-lh.googleusercontent.com/ 4 KB
4 KB 98ms
66ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/WXKlKXLPQ7loQBjQJTIn2JZmrq4YPFCgOhqQDUBlSR2Yl__T4yb4CmqbyKvAZBh_CoU=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

80ec0d21e5ec1ce39ae2a25821ca2369a0faad2633e3195e5d2108950bde0b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:40:00 GMT
x-content-type-options: nosniff
age: 3861
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3803
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:40:00 GMT

GET
H2 200 uY7YCS5M6ZlMcAFHMfR2vSLM3rb-_j304I-q54Pw7tHfONoTSxMkf6THzIm1KtbHTuk=w70
play-lh.googleusercontent.com/ 5 KB
5 KB 87ms
55ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/uY7YCS5M6ZlMcAFHMfR2vSLM3rb-_j304I-q54Pw7tHfONoTSxMkf6THzIm1KtbHTuk=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c784ecc6cb0492bd4f432b733f0b780026ae16b975dd82d7a951a9f3044d79fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2733
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4918
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 JdR28cdvmQla9dEW_G6c0ST_75eGtLHj0A3zPehz3aqD_Q__I1WPLWtm1lLANNL5AEXp=w70
play-lh.googleusercontent.com/ 5 KB
5 KB 91ms
59ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/JdR28cdvmQla9dEW_G6c0ST_75eGtLHj0A3zPehz3aqD_Q__I1WPLWtm1lLANNL5AEXp=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb3a4c9440211608ff55f933356f04cdb0a629575902dc4fd80db26b25b45eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2733
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4682
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 IcEWj9GdJhsnzYP0lsJEanmmMvvwYNKcKLan6OGZyghOTfdHKuuDKj_zx5T2qdbvUl0=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 101ms
69ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/IcEWj9GdJhsnzYP0lsJEanmmMvvwYNKcKLan6OGZyghOTfdHKuuDKj_zx5T2qdbvUl0=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

afcb75952f910e74a87f9c7154e98bd1d3321452a2ff7ddf63eb22dd5f652c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2733
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8870
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 0BRTWTI0PZ-V4XXEWgEQAZ9XvMquwbb_MsuCDsSWV_nBARHRVsCfkNrU28VnlCDSZyI=w70
play-lh.googleusercontent.com/ 4 KB
4 KB 88ms
86ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/0BRTWTI0PZ-V4XXEWgEQAZ9XvMquwbb_MsuCDsSWV_nBARHRVsCfkNrU28VnlCDSZyI=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f1f1d4deac832a38fe85263c83371ca3dd1852401a9aafc6201c3ce19fa19daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:40:00 GMT
x-content-type-options: nosniff
age: 3861
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3633
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:40:00 GMT

GET
H2 200 3b9eSR7q5p9htVhgRhfSaIM3fmPH57t0awCDzSWtKRKbZ435qUspwwLvqPuGVMWWNw=w70
play-lh.googleusercontent.com/ 5 KB
5 KB 92ms
90ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/3b9eSR7q5p9htVhgRhfSaIM3fmPH57t0awCDzSWtKRKbZ435qUspwwLvqPuGVMWWNw=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d21803ddac2c626338f5740a636fe951da54ff17a683b3333dcfeb8addc46edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2733
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5478
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 RSu_Yble-5MgqnXbuqaYdj9r97Wv3yE0ICX2vDGAw2QCZPF4wZLA71Q1cEndjR1WpDM=w70
play-lh.googleusercontent.com/ 1 KB
1 KB 116ms
114ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/RSu_Yble-5MgqnXbuqaYdj9r97Wv3yE0ICX2vDGAw2QCZPF4wZLA71Q1cEndjR1WpDM=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1d8a10f707df99a7e5d84aeb947777a8daf1be07007780b0c0bf8d0d88707ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1447
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 scjTdynpiYyP1aLS8InNR0NLmCh1TyjaEqcFE6UbHDoOx7UGOG9wi2L-URI30UIPWg=w70
play-lh.googleusercontent.com/ 13 KB
13 KB 102ms
100ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/scjTdynpiYyP1aLS8InNR0NLmCh1TyjaEqcFE6UbHDoOx7UGOG9wi2L-URI30UIPWg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

80752a6725c62468e79fec444b115bcbaca5c8d9c84b8328dd297193a89cb23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13213
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 1YI3AZb3qJw020xpKMANKV6XdAzjvz1wAUJHPeljiNdTpvnaB5ziPDvRx1JBCuUHRg=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 149ms
147ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/1YI3AZb3qJw020xpKMANKV6XdAzjvz1wAUJHPeljiNdTpvnaB5ziPDvRx1JBCuUHRg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fff7144fa7e0efc47824ffc51e4c5dbaffaacfd04b89193aaebdb226ca1e3494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10998
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 GwYfabKJSuh3ZZic55C9LLvPrud93lyQaVRTrurCxTb68w03I9YRmVcwa_X7K8xc3w=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 119ms
118ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/GwYfabKJSuh3ZZic55C9LLvPrud93lyQaVRTrurCxTb68w03I9YRmVcwa_X7K8xc3w=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a231c8c9b85655bd11127d15c1fe0692cf75405dfb436a2614a581caf175453b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10897
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 V2TReRRiYZv3nV3qDfljz54gs4oYEBRh8z2QWyrACRSHiMYpAnsFne6AaNVEFQJ9ROw_=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 169ms
167ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/V2TReRRiYZv3nV3qDfljz54gs4oYEBRh8z2QWyrACRSHiMYpAnsFne6AaNVEFQJ9ROw_=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

41a16c82f1a1901a55bbdfd4129b05e975196942d38831be77207b5ed82e57ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:40:00 GMT
x-content-type-options: nosniff
age: 3862
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9362
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:40:00 GMT

GET
H2 200 TFb-k4sKePYriyNidES5UD1HDZrVGw7oGtvX1xqGqC8gSijIvpbbPS2qy1jvxZ4wbg=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 97ms
95ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/TFb-k4sKePYriyNidES5UD1HDZrVGw7oGtvX1xqGqC8gSijIvpbbPS2qy1jvxZ4wbg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00067a13f6ac6be3ee460d799be2e268e0973d1f49e6a2737868e3231fb2698a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3369
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 HBi_9CAOrQD2fAPf3alES3VEvx7P240-QrpIYcY1-ide-25vfpDSaBrJLD_K5vNKDWec=w70
play-lh.googleusercontent.com/ 6 KB
6 KB 180ms
178ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/HBi_9CAOrQD2fAPf3alES3VEvx7P240-QrpIYcY1-ide-25vfpDSaBrJLD_K5vNKDWec=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

03ed6e30bee0904aa1c18913cf4ea46865b9f13c339ef3f0ec6a76feff369c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5759
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 AGUNGOb0JJF0nB4eVJbao8NlZh-W3D-dM0nu8BLuDIL3CUrMtwuCqFUIC7zMACjtiY8=w70
play-lh.googleusercontent.com/ 8 KB
8 KB 131ms
129ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/AGUNGOb0JJF0nB4eVJbao8NlZh-W3D-dM0nu8BLuDIL3CUrMtwuCqFUIC7zMACjtiY8=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c438c413fbad7c509b936b0866b354ca6efc56e64bac35fa2127ea1339210a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7922
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 uA2SPkUUN4feau4S-JtJrxjTfjQ7s5_9vTA2dj1ECSPQy_GrQXGzSp_PH0eTibmymsM=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 162ms
160ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/uA2SPkUUN4feau4S-JtJrxjTfjQ7s5_9vTA2dj1ECSPQy_GrQXGzSp_PH0eTibmymsM=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a41620a90c460d71993a408748ecc6be5bd243708f42d7289fbb45a2860dc153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9206
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 oWttohYyh3AtI6jYeQNQReUzhz-babbXTHf9DDosjH-BnUC1eGgh16yxJoDrJm9xxr49=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 183ms
181ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/oWttohYyh3AtI6jYeQNQReUzhz-babbXTHf9DDosjH-BnUC1eGgh16yxJoDrJm9xxr49=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d14655909420f9ebf6ead0163a23930907885e2d7392b00d5897a7b85799c89a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 01:32:17 GMT
x-content-type-options: nosniff
age: 11525
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3300
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 01:32:17 GMT

GET
H2 200 UCP0gollt1iWlc5IUoShRKA6PdoGIfojv1RNv0FKPVMxklg23mZmr3Z6YAFK4u_bizU=w70
play-lh.googleusercontent.com/ 2 KB
2 KB 176ms
175ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/UCP0gollt1iWlc5IUoShRKA6PdoGIfojv1RNv0FKPVMxklg23mZmr3Z6YAFK4u_bizU=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

10651dca9e2ceeb75be4fbb13d1af7f947432eb0176711dc9e91ae4a00914cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:40:00 GMT
x-content-type-options: nosniff
age: 3862
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1926
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:40:00 GMT

GET
H2 200 Z_NsZAKK3vicIw-iVOEGZmcDIA-7lGNEsGCoQwPjeCY9MALr9oPfWvJ3OvBEqoUIf0G6=w70
play-lh.googleusercontent.com/ 1 KB
1 KB 178ms
176ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/Z_NsZAKK3vicIw-iVOEGZmcDIA-7lGNEsGCoQwPjeCY9MALr9oPfWvJ3OvBEqoUIf0G6=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

acad84adbf567da758e140fc6d02e4a74bbbb8696864fb130996929486ca28bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 01:32:17 GMT
x-content-type-options: nosniff
age: 11525
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1300
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 01:32:17 GMT

GET
H2 200 H_NW9AHAstvavC4btbdThXbWho0-RltR6Y9voF6fBwdS6rPEMgL9aabKtwAjwh0pNQ=w70
play-lh.googleusercontent.com/ 2 KB
2 KB 176ms
174ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/H_NW9AHAstvavC4btbdThXbWho0-RltR6Y9voF6fBwdS6rPEMgL9aabKtwAjwh0pNQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

05d161ff3a5d195fc70366fa828ac91eec94ed9533a1d65b76af45b8590a4a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1968
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 OfoqvtjnJN1BMezCZHJVVedsHrosIH_YoCUj28Sdhl3ch9tVFFGQgwnXByOR8t_6V58=w70
play-lh.googleusercontent.com/ 7 KB
7 KB 143ms
142ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/OfoqvtjnJN1BMezCZHJVVedsHrosIH_YoCUj28Sdhl3ch9tVFFGQgwnXByOR8t_6V58=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f96b7006a671e0b70afc37bdd2b8a582f3c16e6ee7e0d2ea6503d6a0325aa156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 01:32:17 GMT
x-content-type-options: nosniff
age: 11525
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6986
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 01:32:17 GMT

GET
H2 200 hSyebBlYwtE2aMjzSIHasUO9cQv9HgNAw9owy6ADO0szOKYO3rDk60r7jcyXu82Fbq1M=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 159ms
157ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/hSyebBlYwtE2aMjzSIHasUO9cQv9HgNAw9owy6ADO0szOKYO3rDk60r7jcyXu82Fbq1M=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3bc29f8a45ea096b6c42fd03a805e35ffe853afe14f0ded374b7857fb21e4397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3044
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 gTd127I81O2i2Q6kfCJoN-M0OSWmgsdjB47orUFpLwANW7VZLJYrOxMVt-OpilDXszg=w70
play-lh.googleusercontent.com/ 3 KB
4 KB 157ms
155ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/gTd127I81O2i2Q6kfCJoN-M0OSWmgsdjB47orUFpLwANW7VZLJYrOxMVt-OpilDXszg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e416d4bfc379a213a83613d8c12e30871025e1a735cd06f7daa53519b2c7110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:58:48 GMT
x-content-type-options: nosniff
age: 2734
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3529
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:58:48 GMT

GET
H2 200 eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300
play-lh.googleusercontent.com/ 27 KB
27 KB 388ms
386ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2c6e114d26c42d9a678f0a81a15c8c876fde4b711e852ce7e9735f90bdef370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28014
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 04:44:22 GMT

GET
H2

200

invisible.js Show response
a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 52AE
Redirect Chain

https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
4 KB

35ms
35ms

Script
application/javascript

2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7bd904fcd102260a24dd805ae0c7828b99941110291332cf9f5e3994ef27799

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUSal%2FaqNzDYUXmm7ieeJxAv9PLKcxi%2Fc%2BO9%2Ft4JJ%2ByK0Fd1b4NtgWYFid8gack31HbUvuVWljv8ymF%2FLQtmxfgqQuxZotuBH7cuaresIS6fsJcFU9T%2BH3CZtePiEKHmcqBgH3sdRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fb8f08d3a059b28-FRA

Redirect headers

date: Thu, 24 Aug 2023 04:44:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elV4CZhko0sNwFw3HkPddnVSOvR4bsFFP6lZ4ThbCEYCpkiuwIDSDMhtlCFsa4AVL5egvOFOySfdiO%2BhAPfhq1AMTq78JNKiQz%2BraFFuby8X15lGzJCwwE7xsm0cJJ6w3DIP2QVuNg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7fb8f08d09cd9b28-FRA

GET
H/1.1 200
OK count-data.js Show response
a2zapk.disqus.com/ 213 B
794 B 133ms
133ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.disqus.com/count-data.js?2=https%3A%2F%2Fa2zapk.io%2F1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Requested by

Host: a2zapk.disqus.com
URL: https://a2zapk.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ffe0a5b83049b3395df4e98eeac04e5fce824815bc4ba32faf3c7e6b5690a420

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:22 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 213
X-XSS-Protection: 1; mode=block

GET
H2 200 favicon.ico
googleads.g.doubleclick.net/ 1 KB
1 KB 174ms
56ms Image
image/x-icon 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/favicon.ico

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 884
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/x-icon
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 18 Aug 2024 06:01:40 GMT

POST
H2 200 7fb8f08a5eda9b28 Show response
a2zapk.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 52AE 0
458 B 51ms
50ms XHR
text/plain 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a2zapk.io/cdn-cgi/challenge-platform/h/g/cv/result/7fb8f08a5eda9b28
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7fb8f08e4b009b28-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccE99XeVxNvB1JnfPJRlB%2FCZJRsC0Me%2FepeKb6OAn3lBu6GvXxuHZvbiprA2QKGdfmLd8%2Bz%2BUcOR8Ow3QX6Z1fkwVNYB7UP7U%2FOKaWozapH%2FbDRryZT7GtpfaByFA%2FYhTeRWYChSNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 98ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SS5VJ1BTPE&gtm=45je38l0&_p=84735703&cid=1489411320.1692852262&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692852262&sct=1&seg=0&dl=https%3A%2F%2Fa2zapk.io%2F1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&dt=CAIXA%20Tem%201.52.1%20APK%20for%20Android&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SS5VJ1BTPE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://a2zapk.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 404 auction
srtb.msn.com/ 0
0 147ms
56ms Fetch 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.3801132071490205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.a-msedge.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 756AAFA8E4454D7087535184A0D4858A Ref B: FRAEDGE1514 Ref C: 2023-08-24T04:44:22Z
content-length: 0
x-cache: CONFIG_NOCACHE

GET
H2 200 laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70
play-lh.googleusercontent.com/ 7 KB
7 KB 55ms
54ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2987f8ce761dbdafa880a50e06360cb287d2db365d490eb5ef0ddfdf9d8cab45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6673
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 04:44:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 292ms
175ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.3801132071490205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16f0c014f312327af786fc926fb23ab23e405bf8ecfb3f2b8035a6a0d09448a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28932
x-xss-protection: 0
server: cafe
etag: 99 / 19593 / m202308170101 / config-hash: 7318857149872976337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:22 GMT

POST
H2 200 logip.php Show response
a2zapk.io/dl/ 0
381 B 105ms
105ms XHR
text/html 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/dl/logip.php

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.3801132071490205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache, no-cache
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FQimiijaevjeQcZvbWu9hg0QSZHeDRQxjGBmk5I5hS3Z23z3j5qqH0PF7OHQDoymYGpNZslAJdSTpWGcErku3St1fnwPbSmIdvcWPLE16fvVaDSCZELQu14zefV%2FT0sSC5GU9EOpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7fb8f08f8c599b28-FRA
access-control-allow-headers: Content-Type, Authorization
expires: 0, Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300
play-lh.googleusercontent.com/ 27 KB
27 KB 57ms
57ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2c6e114d26c42d9a678f0a81a15c8c876fde4b711e852ce7e9735f90bdef370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28014
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 04:44:22 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 402 KB
127 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:09:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2105
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 23 Aug 2024 04:09:17 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 193 KB
48 KB 505ms
505ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1334174101539628&correlator=457086450527461&eid=31076475&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=22959879228%2Cinterstitial-a2z%2Cdesktop1-728%2Cmobileresp3-300%2Cmobileresp2-300%2Cstickyfooter&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F5&prev_iu_szs=1x1%2C300x250%7C320x480%7C336x280%2C728x90%2C300x100%7C250x250%7C300x250%2C250x250%7C300x50%7C200x200%7C300x250%2C1x1%2C320x100%7C120x60%7C300x100%7C728x90%7C300x75&ifi=1&sfv=1-0-40&ists=66&fas=8%2C0%2C0%2C0%2C0%2C1%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1692852262856&lmt=1692845061&adxs=-9%2C650%2C436%2C278%2C258%2C-9%2C-12245933&adys=-9%2C2703%2C75%2C539%2C2171%2C-9%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C0%7C0%7C2%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fa2zapk.io%2F1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&vis=1&psz=0x-1%7C1600x250%7C1600x90%7C728x1249%7C728x2045%7C0x-1%7C0x-1&msz=0x-1%7C1600x250%7C1600x90%7C688x100%7C728x50%7C0x-1%7C0x-1&fws=2%2C0%2C0%2C0%2C0%2C2%2C640&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1489411320.1692852262&ga_sid=1692852263&ga_hid=84735703&ga_fc=true&dlt=1692852261711&idt=1120&adks=2135858098%2C2142338867%2C299942153%2C2763825005%2C2766013119%2C1309157062%2C3626215300&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

914c92ff6b49efddbfa604d70390190ef886425a1d5d064ae07a01b3b1202698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49444
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://a2zapk.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3475 6 KB
3 KB 234ms
64ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Fri, 23 Aug 2024 04:44:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 37 KB
13 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 01:40:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11062
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13156
x-xss-protection: 0
server: cafe
etag: 1643040129009188309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 23 Aug 2024 01:40:00 GMT

GET
H3 200 AAcHTteNWvda5NIkMe_ZvVfKdabf5_TORLYnjsM_lt8Sy9ZhWQ8=w48
play-lh.googleusercontent.com/a/ 422 B
442 B 72ms
72ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/AAcHTteNWvda5NIkMe_ZvVfKdabf5_TORLYnjsM_lt8Sy9ZhWQ8=w48

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

27686f826ed1dfe39698b13eba4ac46241a32852e3fac100dd519dde58425fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 422
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 likeit.png
a2zapk.io/images/ 192 B
667 B 42ms
42ms Image
image/webp 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/likeit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ef1399edc15fddc1cf7e2fedcd2f5be0103c4c23e1c81c72d332407cefe1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576057
cf-polished: origFmt=png, origSize=268
content-disposition: inline; filename="likeit.webp"
content-length: 192
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Nov 2018 09:44:02 GMT
server: cloudflare
etag: "10c-57bdea3a4dc80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2R7SiXG2lKrBkIkv3Tb16AXHl%2F2fEgZAwHNwG40%2F3bh4DjhR%2FBE8eTtm11e6LxQ0%2Bb%2F%2FdBnfupNZplb04pbCT%2FlSjny332iE%2FSlIdpXDe828VKxdmQdqzme5cC5Sp1S2cOKMQQSEGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7fb8f0936f7b9b28-FRA
expires: Sat, 16 Sep 2023 12:43:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 242ms
113ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62f580a4e0b6f4eb257c1f1c4d8b34dc69b9f28984882346b089149a1eda7746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11718
x-xss-protection: 0

POST
H2 204 rum Show response
a2zapk.io/cdn-cgi/ 0
164 B 59ms
58ms XHR
text/plain 2606:4700:20::681a:79a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:79a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://a2zapk.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fb8f09498889b28-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 203ms
65ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H2 200 container.html Show response
25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 17F9 6 KB
3 KB 58ms
57ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Fri, 23 Aug 2024 04:44:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 66B5 6 KB
3 KB 57ms
57ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Fri, 23 Aug 2024 04:44:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2C52 6 KB
3 KB 57ms
57ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Fri, 23 Aug 2024 04:44:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C2D7 6 KB
3 KB 72ms
71ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Fri, 23 Aug 2024 04:44:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3EA 6 KB
3 KB 65ms
65ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Fri, 23 Aug 2024 04:44:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9CBD 6 KB
3 KB 57ms
56ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Fri, 23 Aug 2024 04:44:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F468 6 KB
3 KB 57ms
57ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Fri, 23 Aug 2024 04:44:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 17F9 4 KB
1 KB 210ms
68ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 04:13:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5EE8 624 B
711 B 97ms
96ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNUDM0Ej39mpgTR1HIFMrBMxSq_NBqmxbrFPhezLjshsorseB1HBmJUvgJON0y2hjs7OlewCPFIa2FCzdF7K_IkKrtfkhzJfnV0oqWeKFk7acE2-4o2ARH_LkUl3CfPM2lK3VwSywpFYUxKlSpKTUQsadGk600Jjf_fn7DesqzxAQexzkOs

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Thu, 24 Aug 2023 04:44:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5745 86 KB
29 KB 305ms
188ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 5745 3 KB
1 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 5745 20 KB
8 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5745 181 KB
57 KB 212ms
73ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5745 42 B
63 B 213ms
98ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B8nIPABSIoiECwRu9XBM3_812BxzgqZPYRcokxmLzqK9uZk2Mk5rztbBqzr7WqhKT8fpS1BNM4sq3IA3xPBVd6D-jXPvekgx7UW5iNAvuzj7vLATA

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5745 0
20 B 214ms
99ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11856948659799253831&x=1&ct=76

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/elements/html/ Frame 17F9 20 KB
8 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:17:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 340D 624 B
506 B 98ms
96ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNW8BJfHkrxn98ZrpMcV7ajbqW-dBkX-JBSaddYAoc8U3O0Wm94b4nDTDjZyG89Y5OACNLiPcJJSsm1HN5tmPFV9Mw7gKC4mEYTs931kgFtk-MqQO4UbpaAJ1wnWPycWStN974tmd07I1zkIafXnhtBSD2TXcoTKptpaGcKf4VQfscCtlXQ

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Thu, 24 Aug 2023 04:44:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 66B5 86 KB
29 KB 384ms
281ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66B5 42 B
63 B 202ms
100ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqxKLTbccZpoB8gMSBs7MzEfC3XPWE9fA9EwJdUmuNKjmR_mi57_7fqMRM1pyU_yjXFyAgT97YeeO2fi3-pORLVL9N3DcUbOXebQLMruS6XBs0YMU

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66B5 0
20 B 202ms
100ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15218381105736793648&x=1&ct=77

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 66B5 3 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 66B5 20 KB
8 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66B5 181 KB
57 KB 348ms
223ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8FE9 624 B
504 B 100ms
98ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVmSBMFrOatpqov2JAKfSRufuwesxSLgHzzNXBkF3x0ar_0zFiBYi4OTUZuol71aBHx1XgL78uja6KZDpE8gI7bSavZd8IY7mlaWhCUxiV_oBeyg2tqlcJCUMfkdiadZCKb0chyaOMtRbZEZhS0rMwU_r2aAeSRO9rb97iyYt4Vx8ifCn4

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Thu, 24 Aug 2023 04:44:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2C52 86 KB
29 KB 342ms
249ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C52 42 B
63 B 186ms
94ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AoNJ2NCYcMq6N50Umv1ivRi8FnJ3_CwKtwywUSLYNlNZV3bJ4UrlCLuCCEcDRe0h6axBLllohCf4DUoYca4oqXgRfDt9pAANz_WoEw55w62dOE3W4

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C52 0
20 B 183ms
91ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=114898442525193117&x=1&ct=77

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 2C52 3 KB
1 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 2C52 20 KB
8 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C52 181 KB
57 KB 306ms
189ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A58D 624 B
505 B 96ms
95ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVVk1uPZB_28LuhhqJ42r8EmPVQzsUagGo0HG-coxMM6DyaoYItBqvFORZIu1AT0HNntzDEGcPxKxpB43E2pBdq_uV_UlCwgUiwY-ydr0Dq35L96AJXctxaxVV0ihR9iq5Jaa-f-PDuGRhUeCwtCmq5QLSuOnIkNySKwZmE1Yj9csAa4Hw

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Thu, 24 Aug 2023 04:44:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C2D7 86 KB
29 KB 357ms
285ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2D7 42 B
63 B 170ms
98ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ciopxwg-8fVcW2D0_sg9uaEuoF-u9WCMhlAi6GdzpQ6owVE7qvwRfx_wgMXzZUVcfufzw7p1j4pI5Q9In1pLCzEBCMj_xx1LBh9RXRxY6xcOP_X34

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2D7 0
20 B 168ms
96ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5296299607446345207&x=1&ct=77

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame C2D7 3 KB
1 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame C2D7 20 KB
8 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2D7 181 KB
57 KB 351ms
256ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 678C 624 B
506 B 99ms
96ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU4fJ4DBUBNM9fTj3L0TF3iUZ00fJtAd3oMN8Lp5eCrjIleOXl7YSNQOOBUqW8c5nJMIPWiVNEmTQfR_06_bDTofwqciXyMW5JziPmiK9Z2r6AHm6FxKh2gvVyTTLQFy8mRyO-FzP0qKUbPoyFaIu8t_0J47440PS2X2XfjAdZmZxc0fOU

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Thu, 24 Aug 2023 04:44:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E3EA 86 KB
29 KB 332ms
263ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E3EA 42 B
63 B 167ms
99ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhSCN1WsjOiwtDoIi4jyE735789NFdmERFkRSABEpeYBJD-NY6RGPnJhMfLsaARdXvDqo3bM0b_33uJCrT74aP2F24R3DTzpI-HgP56V5yr204Nec

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E3EA 0
20 B 167ms
99ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=41534760017471456&x=1&ct=77

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame E3EA 3 KB
1 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame E3EA 20 KB
8 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3EA 181 KB
57 KB 271ms
179ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0FD4 624 B
506 B 103ms
101ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXLSjmcmYqLq8g1YPOFAAFPC4P51d1kEUhCjLnTDkl8OCDRFRM2SdKGDaBNCnWS2MOLX0lEhR0QAuqcNL-LvjzSTme97N__X-u230FEtDrplcWw6uoKOE3kBdNuBcekqYjYO6uyAuc4JQ0yJUUPEDklEV3YPUvucTsfVQsC0bihduVCjPk

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Thu, 24 Aug 2023 04:44:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 25DE 86 KB
29 KB 392ms
336ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 25DE 3 KB
1 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 25DE 20 KB
8 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25DE 181 KB
57 KB 279ms
200ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25DE 42 B
63 B 154ms
99ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWM-bNnKHRq4_GAHHzvxQG_13O9HZOznHTyctxN2mCjTifGHX-zyUjylhXE_v5BMbazYJxs5bSehh1QSYdxVo9cEDncHjdBzFfyCrKDGwwv2Yub9o

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25DE 0
20 B 145ms
91ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=951578651274808983&x=1&ct=77

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DD12 624 B
505 B 101ms
99ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNXc2nTouq3fafkIxJFlNx2c4NNEe-pGg17EeU5PflK71HS4dXLqDtBA85UPDAhxq6R78tQwSDphI3pRCPcuBes9NbXAvBq5zS0cJaTMGKCEsKkJftjgp5X8GdNzbJLkwpKzPf_w3jyHOUdR7UEVYzKTcK8uSAnNNdCox2At3T7DUccT14A

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Thu, 24 Aug 2023 04:44:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F468 86 KB
29 KB 348ms
297ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F468 42 B
63 B 146ms
95ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIQqI933qtB1EmW7l0Np_EzPpOdNDAwvxUhmsuFcdsGogdAvp2Qe1hF2x0WWXjicuA_LOjh0wXmIeKG90PtnlCpQJV26FqgHhTUAn7SvyOoA9H9ms

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F468 0
20 B 146ms
96ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14371588974816953992&x=1&ct=77

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame F468 3 KB
1 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame F468 20 KB
8 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:08:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F468 181 KB
57 KB 237ms
162ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 04:44:23 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C2C 13 KB
5 KB 70ms
65ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:02:33 GMT
expires: Fri, 23 Aug 2024 04:02:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A45C 829 B
1 KB 206ms
69ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd5fb0009cf07b385a1a689f9e2ecf92025d6b0ad9bc1aa545ce077657964bf2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a23dvnwribjWLZhg3mIaGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-a23dvnwribjWLZhg3mIaGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 04:44:23 GMT
expires: Thu, 24 Aug 2023 04:44:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5EE8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIoDrDuBAcL4d_vmBP5t58&google_cver=1

43 B
766 B

41ms
35ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIoDrDuBAcL4d_vmBP5t58&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNUDM0Ej39mpgTR1HIFMrBMxSq_NBqmxbrFPhezLjshsorseB1HBmJUvgJON0y2hjs7OlewCPFIa2FCzdF7K_IkKrtfkhzJfnV0oqWeKFk7acE2-4o2ARH_LkUl3CfPM2lK3VwSywpFYUxKlSpKTUQsadGk600Jjf_fn7DesqzxAQexzkOs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIoDrDuBAcL4d_vmBP5t58&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5EE8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ.vsJFLqxNOtcmrG0QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNUDM0Ej39mpgTR1HIFMrBMxSq_NBqmxbrFPhezLjshsorseB1HBmJUvgJON0y2hjs7OlewCPFIa2FCzdF7K_IkKrtfkhzJfnV0oqWeKFk7acE2-4o2ARH_LkUl3CfPM2lK3VwSywpFYUxKlSpKTUQsadGk600Jjf_fn7DesqzxAQexzkOs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5EE8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC7KYZmHhOZrbXlv7ASb3Tk&google_cver=1

43 B
845 B

40ms
36ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC7KYZmHhOZrbXlv7ASb3Tk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNUDM0Ej39mpgTR1HIFMrBMxSq_NBqmxbrFPhezLjshsorseB1HBmJUvgJON0y2hjs7OlewCPFIa2FCzdF7K_IkKrtfkhzJfnV0oqWeKFk7acE2-4o2ARH_LkUl3CfPM2lK3VwSywpFYUxKlSpKTUQsadGk600Jjf_fn7DesqzxAQexzkOs

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: 418d0570-f95e-4cea-9b3d-aea24ddcb536
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC7KYZmHhOZrbXlv7ASb3Tk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5EE8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

170 B
232 B

109ms
108ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: f67649e1-9703-4b68-af9a-38174589f47b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 340D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIx1oqiC2ETclrED4Bjh658&google_cver=1

43 B
632 B

37ms
35ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIx1oqiC2ETclrED4Bjh658&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNW8BJfHkrxn98ZrpMcV7ajbqW-dBkX-JBSaddYAoc8U3O0Wm94b4nDTDjZyG89Y5OACNLiPcJJSsm1HN5tmPFV9Mw7gKC4mEYTs931kgFtk-MqQO4UbpaAJ1wnWPycWStN974tmd07I1zkIafXnhtBSD2TXcoTKptpaGcKf4VQfscCtlXQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIx1oqiC2ETclrED4Bjh658&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 340D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ5m7QuqjTjt7HE8XHAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

43 B
766 B

40ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNW8BJfHkrxn98ZrpMcV7ajbqW-dBkX-JBSaddYAoc8U3O0Wm94b4nDTDjZyG89Y5OACNLiPcJJSsm1HN5tmPFV9Mw7gKC4mEYTs931kgFtk-MqQO4UbpaAJ1wnWPycWStN974tmd07I1zkIafXnhtBSD2TXcoTKptpaGcKf4VQfscCtlXQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 340D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFNybJtJO7iiqV-e6MrPKZQ&google_cver=1

43 B
847 B

39ms
38ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFNybJtJO7iiqV-e6MrPKZQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNW8BJfHkrxn98ZrpMcV7ajbqW-dBkX-JBSaddYAoc8U3O0Wm94b4nDTDjZyG89Y5OACNLiPcJJSsm1HN5tmPFV9Mw7gKC4mEYTs931kgFtk-MqQO4UbpaAJ1wnWPycWStN974tmd07I1zkIafXnhtBSD2TXcoTKptpaGcKf4VQfscCtlXQ

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
an-x-request-uuid: 6f4baa52-7a07-40f6-9327-290c12a41aef
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFNybJtJO7iiqV-e6MrPKZQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 340D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

170 B
232 B

110ms
109ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: f39fe68d-0ecc-4a8d-9883-36852e2266f9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8FE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIx1oqiC2ETclrED4Bjh658&google_cver=1

43 B
632 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIx1oqiC2ETclrED4Bjh658&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVmSBMFrOatpqov2JAKfSRufuwesxSLgHzzNXBkF3x0ar_0zFiBYi4OTUZuol71aBHx1XgL78uja6KZDpE8gI7bSavZd8IY7mlaWhCUxiV_oBeyg2tqlcJCUMfkdiadZCKb0chyaOMtRbZEZhS0rMwU_r2aAeSRO9rb97iyYt4Vx8ifCn4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIx1oqiC2ETclrED4Bjh658&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8FE9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ5m7QuqjTjt7HE8XHAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

43 B
632 B

42ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVmSBMFrOatpqov2JAKfSRufuwesxSLgHzzNXBkF3x0ar_0zFiBYi4OTUZuol71aBHx1XgL78uja6KZDpE8gI7bSavZd8IY7mlaWhCUxiV_oBeyg2tqlcJCUMfkdiadZCKb0chyaOMtRbZEZhS0rMwU_r2aAeSRO9rb97iyYt4Vx8ifCn4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8FE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFNybJtJO7iiqV-e6MrPKZQ&google_cver=1

43 B
848 B

51ms
51ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFNybJtJO7iiqV-e6MrPKZQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVmSBMFrOatpqov2JAKfSRufuwesxSLgHzzNXBkF3x0ar_0zFiBYi4OTUZuol71aBHx1XgL78uja6KZDpE8gI7bSavZd8IY7mlaWhCUxiV_oBeyg2tqlcJCUMfkdiadZCKb0chyaOMtRbZEZhS0rMwU_r2aAeSRO9rb97iyYt4Vx8ifCn4

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
an-x-request-uuid: 681ddbf2-1ceb-4aa3-83e5-6c0e27cf9a4f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFNybJtJO7iiqV-e6MrPKZQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8FE9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

170 B
232 B

110ms
110ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: 5dee30c8-8351-45a8-81d1-55eea5cc677d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A58D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvXVW9zqdnZ9tkqAzXASyc&google_cver=1

43 B
632 B

42ms
35ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvXVW9zqdnZ9tkqAzXASyc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVVk1uPZB_28LuhhqJ42r8EmPVQzsUagGo0HG-coxMM6DyaoYItBqvFORZIu1AT0HNntzDEGcPxKxpB43E2pBdq_uV_UlCwgUiwY-ydr0Dq35L96AJXctxaxVV0ihR9iq5Jaa-f-PDuGRhUeCwtCmq5QLSuOnIkNySKwZmE1Yj9csAa4Hw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvXVW9zqdnZ9tkqAzXASyc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A58D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ.vsJFLqxNOtcmrG0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2

43 B
632 B

110ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVVk1uPZB_28LuhhqJ42r8EmPVQzsUagGo0HG-coxMM6DyaoYItBqvFORZIu1AT0HNntzDEGcPxKxpB43E2pBdq_uV_UlCwgUiwY-ydr0Dq35L96AJXctxaxVV0ihR9iq5Jaa-f-PDuGRhUeCwtCmq5QLSuOnIkNySKwZmE1Yj9csAa4Hw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A58D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPZ9AvoTe0bZF9DdR0BzOKU&google_cver=1

43 B
846 B

43ms
40ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPZ9AvoTe0bZF9DdR0BzOKU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVVk1uPZB_28LuhhqJ42r8EmPVQzsUagGo0HG-coxMM6DyaoYItBqvFORZIu1AT0HNntzDEGcPxKxpB43E2pBdq_uV_UlCwgUiwY-ydr0Dq35L96AJXctxaxVV0ihR9iq5Jaa-f-PDuGRhUeCwtCmq5QLSuOnIkNySKwZmE1Yj9csAa4Hw

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: 1272341f-91a0-4edb-a84a-2045f3eb7b0a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPZ9AvoTe0bZF9DdR0BzOKU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A58D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

170 B
232 B

107ms
106ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: 8133b09d-540e-4934-ae9c-bb22eacd6b96
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 678C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

43 B
632 B

37ms
35ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU4fJ4DBUBNM9fTj3L0TF3iUZ00fJtAd3oMN8Lp5eCrjIleOXl7YSNQOOBUqW8c5nJMIPWiVNEmTQfR_06_bDTofwqciXyMW5JziPmiK9Z2r6AHm6FxKh2gvVyTTLQFy8mRyO-FzP0qKUbPoyFaIu8t_0J47440PS2X2XfjAdZmZxc0fOU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 678C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ.vsJFLqxNOtcmrG0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2

43 B
632 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU4fJ4DBUBNM9fTj3L0TF3iUZ00fJtAd3oMN8Lp5eCrjIleOXl7YSNQOOBUqW8c5nJMIPWiVNEmTQfR_06_bDTofwqciXyMW5JziPmiK9Z2r6AHm6FxKh2gvVyTTLQFy8mRyO-FzP0qKUbPoyFaIu8t_0J47440PS2X2XfjAdZmZxc0fOU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 678C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1

43 B
846 B

39ms
37ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNU4fJ4DBUBNM9fTj3L0TF3iUZ00fJtAd3oMN8Lp5eCrjIleOXl7YSNQOOBUqW8c5nJMIPWiVNEmTQfR_06_bDTofwqciXyMW5JziPmiK9Z2r6AHm6FxKh2gvVyTTLQFy8mRyO-FzP0qKUbPoyFaIu8t_0J47440PS2X2XfjAdZmZxc0fOU

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
an-x-request-uuid: 57c91421-781f-4ffe-afe8-37d8436ae8fb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 678C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1MTYyODQ4NDA4NTUzMDA4MA%3D%3D

170 B
232 B

124ms
124ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1MTYyODQ4NDA4NTUzMDA4MA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: 9e481623-f51c-47f2-8eb2-c3ef582540a8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY1MTYyODQ4NDA4NTUzMDA4MA%3D%3D
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0FD4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

43 B
632 B

38ms
35ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXLSjmcmYqLq8g1YPOFAAFPC4P51d1kEUhCjLnTDkl8OCDRFRM2SdKGDaBNCnWS2MOLX0lEhR0QAuqcNL-LvjzSTme97N__X-u230FEtDrplcWw6uoKOE3kBdNuBcekqYjYO6uyAuc4JQ0yJUUPEDklEV3YPUvucTsfVQsC0bihduVCjPk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0FD4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ5m7QuqjTjt7HE8XHQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

43 B
632 B

111ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXLSjmcmYqLq8g1YPOFAAFPC4P51d1kEUhCjLnTDkl8OCDRFRM2SdKGDaBNCnWS2MOLX0lEhR0QAuqcNL-LvjzSTme97N__X-u230FEtDrplcWw6uoKOE3kBdNuBcekqYjYO6uyAuc4JQ0yJUUPEDklEV3YPUvucTsfVQsC0bihduVCjPk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0FD4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1

43 B
845 B

31ms
28ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXLSjmcmYqLq8g1YPOFAAFPC4P51d1kEUhCjLnTDkl8OCDRFRM2SdKGDaBNCnWS2MOLX0lEhR0QAuqcNL-LvjzSTme97N__X-u230FEtDrplcWw6uoKOE3kBdNuBcekqYjYO6uyAuc4JQ0yJUUPEDklEV3YPUvucTsfVQsC0bihduVCjPk

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: d8d2c016-1927-45d9-8f36-4ff12f4afa36
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0FD4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

170 B
243 B

105ms
104ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: 4742ba61-92b7-4653-94a4-8b742ff575ff
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DD12
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

43 B
632 B

44ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNXc2nTouq3fafkIxJFlNx2c4NNEe-pGg17EeU5PflK71HS4dXLqDtBA85UPDAhxq6R78tQwSDphI3pRCPcuBes9NbXAvBq5zS0cJaTMGKCEsKkJftjgp5X8GdNzbJLkwpKzPf_w3jyHOUdR7UEVYzKTcK8uSAnNNdCox2At3T7DUccT14A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DD12
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZObgJ5m7QuqjTjt7HE8XHQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1

43 B
632 B

68ms
34ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNXc2nTouq3fafkIxJFlNx2c4NNEe-pGg17EeU5PflK71HS4dXLqDtBA85UPDAhxq6R78tQwSDphI3pRCPcuBes9NbXAvBq5zS0cJaTMGKCEsKkJftjgp5X8GdNzbJLkwpKzPf_w3jyHOUdR7UEVYzKTcK8uSAnNNdCox2At3T7DUccT14A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFYGF0f6xSE2dUJLmwXV3Bs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DD12
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1

43 B
847 B

37ms
36ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiKo7vGATAB&v=APEucNXc2nTouq3fafkIxJFlNx2c4NNEe-pGg17EeU5PflK71HS4dXLqDtBA85UPDAhxq6R78tQwSDphI3pRCPcuBes9NbXAvBq5zS0cJaTMGKCEsKkJftjgp5X8GdNzbJLkwpKzPf_w3jyHOUdR7UEVYzKTcK8uSAnNNdCox2At3T7DUccT14A

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
an-x-request-uuid: 5055b086-b98b-4f4e-b27b-376bf9cb43d3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENfgSWD62DKyMk4ctVgEMQE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD12
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

170 B
232 B

108ms
108ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
an-x-request-uuid: f8b7ac5b-d2a6-4a3c-910a-458c6495faba
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MDcyMDkxMjUzNDQ2OTI0MQ%3D%3D
x-proxy-origin: 193.32.248.245; 193.32.248.245; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C2C 37 KB
14 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 07:57:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A45C 0
0 189ms
187ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=1334174101539628&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5745 0
20 B 138ms
131ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9647013791957&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5745 0
20 B 138ms
130ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9647013791957&version=m202307240101&ct=76&x=1&cor=11856948659799253000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5745 96 KB
39 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C86-ymDqKq8B7Zz2Y4GqQMVv0fX0z3tHdXVkaXwTRGLShz1Ik9NLxhanTlujNIRVWx-CYrAWaCia3TXP3ULuzV-Ah_9Q&cry=1&dbm_d=AKAmf-DooBaq02o6bNwz964U7SoufB3DylQoybrPuaanl05zdASU5-13A0DpjENfBuDOspZv7hpOSXNNB3233-qfXKDM_IXrhdbSiWrGU88F0WsywZNIVphk2QzZym6mGhj1ou7tX1VmgCbv1pJgpzb6DgDHpnuFxUSH2Ib2ekSCsBDq37_pKul2SdA3hBeQSKW7WivB4Bpil1zqNTlLsUZzVli8dZmJtu9rVu6jTG4QtEzuwx1HNFASOrnvdG8N1zwNykLIV4jiDgpeU9arP9CAk9gKXs1GXJkgNuzTzAcKY8QeOteRjcwjreeQ8feO5Jg2IkpoGdT76-kyEiapFru-IDJo1JqF1AmIEcdf1D4OIXsae-RNINmKQyrT5HSAk_Z6eUPO0AmQesPwtmDaiVIwJ1XPwhBRN2yF6CSu85S72PdrfmPJWkYhIQ6w2Fm0QAgFvgTUuTxhHCZdf3OBPbqCIBdNP7BDd9xmlQ38MzmcINqmD8Sn8nzio2hjPQEnOXJuBRfvkQVotBF4U0-N156-Ch2QRY7N_0RE0uwGKKlPDgUHYEZL7xj5FODnyfHaUNV8r3PUUklodP4OxxqOm9dOeZXKX-MsR4EtTT-AOY08DRDvSwEVCLs2YnliRJ_P9iZDH00w1SDrps9fB_GxoMlafrQ1rVabxyMM1vjtPO4WBTqRUIuNS63J8-VwS8L3zpuRkd2LBZqPQsU7-Q9CaHrbDxSuL1m2vyhE9IgVjDlL_as41_tZn_9zpcfreil-LuTFSGYG9ywIDhKGBNgXqvwUG4oSEFYxpctfY4NTn5ucb66eqLS9P7ZUJYuj65jPfP3e1D9D1NMktrkGty_h8L6kmEqMxNube9fvDP4wUrW5WExxk8HOkMnboX1NgN1EMBCNkNgwtSkTauyug4qlbP7CJsW77bt54bxKspQkKsQp8XTZCZtUafrV6iM-BtL4TqslYlhtS_W5_p3VU5YhdPwZ3hyq3YdvLv8ANg6lHdFXS_41m8AFun0NJNDsvpXqw01kV-DLXf0WAx3pmg_uzIiRYCm8T3yqeo3MxmCGBerPSEjMgKP1O2mxwY9hIKAZsoMs3ky-_gSSY8NFsj229XH5cowe_WoBsXBgIZBVBo_iL820k3MX1zuhrxuKOQ1ZDJJ1u6jwOZs_Nd2Y6YrGQ9jIXfpzDsJb1GnMzPme2u62L0DHqpRd6OG2Gzi3ZIa1HASPm2c3Ce-77V6pTUxxKvH1Mn-MkhIjc_myD4cmDpEu2f0v_DxmzhwcXxSlWZA8bpbL2ibzvfQnZueZvpcqdSfXrAGpDJR29z6G6D0kgIBPQVRH0TqtzIy4XSRIEWc9Jea1oycUop4esOsqW7GFA5rGad_KdeTEo--8JrHGXFIFVnOguY_51CAbL6eyzrguRkHP2XrXxFIrAyrlmnwu5IHZ6r6yK6FREQwN4weS6qIQ_rEbQPa_Uq3B5KBz5IYzTrhLhFruo4q6EfN1zl5LTF6xVnbI4syDdI2_fap6t6o6zCpmIXgKrHxXPY7wWdvts1yf0l2SAPSjy_xyAh5TvoIsZnC7_fZ_2knppV7_Lvzf2gKsuQ5MPfr-GHcTqcT2ZaIU7xNs-XpnzHvPfWAoe3FOM0lte8LDeYibwX9TP-qeoYfaAR8risevx5gU_4H2vMDhWuP9w7wOSHwuxUMm0BJ-k7VmTpB7e-bGviXLWSZ7D3ga-566yuF3m4GRt-ys32cF5eL_hXfbTx5gwRsi-ESFg8JbiEpXadOeI4KKfSXKOXVXoURlnCb8d9s6oOo6Ll1z5lUClqw8rocRtH8MEv1pU5Scctj0iBDGqzbyk4qR2DQRYd5p314QuDIiGGO3fVfK7Y-m-kXVEN_TG3hFLpXdSEbDRQx7jPxA-7QMxMgxT_4YRmZVySY6iwb1OcXNO6AjhE47xqNaM0YFVJmq7dTwVQXjDs-8rnBBJBGxa9hPC8DT2_7ZRrVqZwmXHAtrWYMG4nNrvbfO2EP-QyRulhJtJPzYwVzFTzq5FX5gKV7ps9pfk_TGhgrypD2ypfKEgvfUSIRJYPiK_D6rbI9OAOdgJVyZSPp7VK4OfBYubaqBAQbpdRBhPT9NqKmU7g_At2n9oZvzzinIMKdwa7wl6YC-jcfYV4sk2eF5sy9ZzTa2AUY2YLCt7K3XZpN4m7wlDEInN__dXiEibJhQNSlALsuoM9ILjLJ8kVGLUnCy-GIAKkejzR0NHDTPy8znac8HJ0-CnU2HHnm7N0jZlBCRcF_dDCd6I1O-jmE5e_RBV9jAYdk4B3bERLhfR4dLNW4R9Y5MhM2smK-SEdnKlvAyCcN6zIc90JYOhSc3kutZGyZqx8dOqSNQzg4p7Or7jCEqZugShmzmLVLkoqL1l0_gI2yFtdSE4R_g4SV16nhTQp6j2YAgaEMdq79FYVq2QQ_X30Q1bRSqx1t2udxGAJ2WQAQUYpJlaNCJillFfIyg7wqpxh4iF6EcceW0ON7ganSFjEs4QOyxKM_8QdZjhtz4da6E9xzHEgzA_fEinhOE-slQHP1nv4xRaJENSOdlWtuzI0O6Mi9RuBoVmnItohSDae_YZMystGOUXLXytwigjIAWvc95vYeGx9fp2fZXffaTK7tJ0v-9AmSZLK_Jm6POZrOG2blNd6Kf8V1bUqTczZdO_hmtNqEDJ6ym4SEW-GCN_NUgh3aZCaPJ5uwXqaJ_2SbQwf_T6JfT_vT3FcCQvvf6abBT1LZRXUvWbEU7pvMsLTDAbZZOgnblV1DkIQlXtpJ2exTB-07wYEffL6czaLYREhYQNKAfKADHMWjrdHUm_FKdzgPoUCl66JnFlEzsCpB7sIfuX_TMtSG5fiw0-F6ZXi-rnRqjsgiEi273M5_7pVDinNNcNPkXNPMfiNlD0SkObcH_uJwVPdBVKd4ZOSlBjIpkj5R59vpiZnaghk-t6OyS9Tztvq6kminyl2i0Ru-FYb7nChvbYDo0HvEtZErwxz7Es0mAsFbc0PUrVi1syP8tweIFEDVDWaicA-bRhe6VcQHiKIQNsAegYl2qMBHws0SOncPxL1WTBpzec9KfyhVjD8Yv8zt4l_4GSQMrM6GDqnodFj2zf1OgpdBeKd72D6BAsu2B3fo42qQHgS33KyXaaL0dzY-wexttMQy7h8N6QXiNYd4gqACisn80iI5gQ2XLZYNSQ456bi7uCyaC6uYBnfzunGD24X9YDwlB0KbMNKu26BOVVuLS0P8Yqgix98VhjmYavqIDXtzNtu6TnFIFp9ZC0ZRnyw6A-XWdLheyLFwPvnvYbgRh19MVowHRFqmJJZCsOq6oZLvEHulaLaGqeA4bIxZrUdncZNaaSphNOqqqpujkFYZlTTaUtARVkkgA4cUxR1V0IT48KQtgi_oDIReTh9MT-ZTz7X5I5rP44O2h-KKi2Llm6uuyhqe4sS6syP-3yf1MwPOdpw_HUX4xORHcLiV91I9IX7M2vSbrRq2EUl7VFbGKsUXK_WTPtpT8kCmOLDEI9Wkyr21RVzUGD8mHjLYqYnaav7FVz0nKK7IHy6D0MuW3FK3CtQJcoCayVQ5hSVVPNhH2FHSygVIfTqT9MAwMuaWeePqGvcl9iqYCS931Dw&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=11856948659799253000&adk=2124396030&idt=343&cac=0&dtd=62

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

845f9d847395981696cd5f4711c77adbca30faae057d24cbdf4b89216fa47430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39690
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C52 0
20 B 110ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8071095380831&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C52 0
20 B 109ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8071095380831&version=m202307240101&ct=77&x=1&cor=114898442525193120

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2C52 15 KB
11 KB 107ms
86ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsO_VFS0hcq8SCmraezYk6bd2Awn8lryZy8KNKValCrOhgQxExJDVQ-8HQY_XdrZQft-bnhHhpwZxU0deaz2Tm_kMsEe9ebvbtZidabFVf-p0aLueT8LybsvlY6o2_44ZVzWqSeO_je1wipCD_vpoaaZ19scBU0TvJU2dd3lrDUIRKywc&cry=1&dbm_d=AKAmf-BxGV4CKv_79p1m26QrIBt1cniz6KGI4s29UcaeEH-p-NWckKqcmXFsoyD05NIfU2DX9VnYHGfp8jC-mhVdrXBKj-C3gd5NkCDtSdQnUAkIq0kKcfpnj3suqrM7eFbnv7VBZSk1W3JrJDO_4EAmL2Eq-QuR30UWU4RyB8FWNnBw0FcWuhsP3HVrekY0WlenklaW9NLFIMXM7pFa8vkINr316AeZxM9O-qb4hE02_RzftHdAqvXwieVVIEIRDbof6J7JWySY2T75rNfMCCI4d2__V2LUiA6Jw0_iWqjUa2EQVBKsRV83xPCsBf2RaAmhXiGtKCNDarEbEq8rFeXZqlN22elY2tdC2ogkjutG0DlBTLSL-3s5uPjTmL_T-ObzPHEANKk2nHVnD_U78Ur8oMZIR6CIwkANUZvrXpk2_GX3Itzycck832q4r8o9SsjqZVO2Hmk-gK9Xre2XS3FxBn0_sZ6r3ObPcNRKY2NtNnC7kJkiWuYj1ZZ4ZXH4BS9hMSwCxF3TcJKUh3Zd3F1jJ5ghqqxVF5Fsey9fMbR1Wv-YZsBxXUtuaCaGXg2-6YKkDH3F47NRFcMtjLm0xjcNy8s7VWm359aY3hdszl2hLjDt3JNdiXQrReKu1Rall-OolOsXa_HPlelkKN50uzhkBkBr06e0xOh7fJxp0r-Nx_87zfR4qERCt-HLa81bBjCgHOC_iICkdkWomtcZwXcqJAfIowb8gqhUnyhR6dPsmQu0jBwUO7bHddFITNUOWI3IkKhMbQSaQ5ChDKmG_ST1acv4CeoqXfBTQbF6XkvYMu0l38UFxHKYFMrKW0-va535fDtguihpOArfKCvcXoPaLOEJpz6vvdrrnbaeIEv2ks2QkAo-f4kBXhVy8jG8w6y9oYJkZ8dW1NCN1HRvU3KvefMHmy3tdIbHUy9Qpd7N6MQD_Q_SdF5x762QWMn4idNTEJlB7ZiO-TG-pjkHBnThn8gylMGXLOs_SPkU3lF-0y4mZOZCgxwDfBL627qLsWS3Z6JGQJs2HnhM-HBa_rPePoV3Mqs8YTY8CEpozgp4Q-kMOYZoqqAMwr8dve_aE6rocMTe5-EkUIQeXuCexyKYXNAiKVyQNZXCmFhyrZt0tVonM3oVYkfrBXtZrP7m8V-wPgHpltQGxlnYlf2nfMjUcmkG58-g3pvt99cADfFz45OmEmFLye_KKucCsDlKgAwyYuWoFjLSG5ze-Sujv3qxS1knroCZeOA0er1rNBtVH1pEoF0YVrkogRda6s_f62kqodjCOpJlbOuTFOYgec5Ot6Av86wqAX8u0vfk-G32DkgcefNTxfUWu6fsW8bXkHVq8hL85cEr4gmvsX8ulbRxPBfrJ3oqfbpxE7j4-hZzgUkWG-SOE8eWZhBaonY7xmj2jA_TH6wakrlpgLE2GxFLfTlsM3CymopW1R-w2nTliqDRyH0F1hstsSimFjJ7V7vHoQ6oFwfDurWjk6tLrD9Qvhgac1zMNBlJwxQNIFDYF9WvMGNDPiFYXNtVIJFFw4OGIti6hdERunK7uESeSxv8046LkOu_EZf2Us5s11HhyU9lkV_BwkkIsho6pFxj2uZ383yPpOQO1fRpbHysUD12o8uJt2Y7fKKKDkKpaQYaVQqp8GR__Mrh8XpBv5BMJE0EmYDfjfDGT7tDmsTeSeTTXls4d_7e04Tt8P_gTjkpfnpDLQl0UeaqDgIXXvKOgTd0XX202Rmcf7m8pPfsxUwN1cbR_SUthK8qrfyeaHbbSG-HcMFhDsMDem30kdQFuPzI0ohl4Vhqw_hwWL6FczGOKiJvlcIbD-CcwMW8W698YmZoe6S2GdEXW2nGxnEiTxuMCzVkA46k89H9TZe-dmTAQu5WjCDGmjL3n2jclQp7ncvlEBaJfGXW2XraQ8rz5F3uXYQ1rLuM3fjpPTkP_JBMUKerwp2swGiTklfbSJIvQ-u3vxg36JbUX-KVLJV5OU_KuwDK9qeqoYQPk2MT6vNJTrwVFBEqwOqb7viSqnR8GsC68oHm3hLy9PIEeBmOTMtzNKjknzms7uWgKe18rw0mUiaYlKjFBmbRGGY533JfFlLf2nm8c0yhbPHf2VSxq_WZ1eN2rzXrASmVUM7nyttrcUjbLfJUhvIl8ZwSjB6tc1S8IUVAWflWJ7wBpIRabGhxwL5ZThaMPd9XHxILF-LzaJCXeBaAtEQFh8ryLQtV4zI_HUQJ2kYjM2SkC2pc26VSou4BZCchE187zSjFE25DFAq70ISbsB-yyLvwfi3w6rGZuoSu7E09Tk6YrORcClvSEfCn0_7gHRTr4PeRgwEo2UFXF2SNiiWjBk8srebEJyUcCl8tiwxA1ii5XTaUQC0zwYknPrlHuH45ltm2z4du5mr0kxuGVQzg7UGndV73ri5bKyAOvvc4TFW9Yh0uGEIChybdAa4Z_x-bpkOYtg_0GQm8a2debP8O6CoIFkWWxM6zFI5K0Naqqrl43_P93zM54NA4BiFWuZEmwjWQpv4xeDOwetODZWXorf4yaJnJOrENujvqi23mwQuH0otZhiixhkisxaMxvfjNDC1Ttev9P6Px-QPD04ppNmRPkSJYzFxmkFAnVAur-XVanfYIXVT7tf05p5JI13MDZa_uwuktEj-TXmsJJ5EeoXkVUrm2YOFv8oE85iwdh34puBXJVo86g5ewNIDQtOu2lAKBp5a9EQwSglKfGAjhHElk9Gq8lktjMD3LpqZuikeSzpjoRoUbqlPjMYzbcTvyiaDkB9UJlm0lO6lVBxrO_sWmcjUkLAso5TNNtMumFMV3ZUSqn3E8x72l0Zvu1Id-KJB2l7nMg5txQ8n7hZFwBSLjxCmeUVUPwfnuQzOKgRpENjeHYKQSTdFk5Mdd2HuM_ykExjXbWmuZJ10wnKKdO2fLtpaGrKv9UYIJK1XJpVZiU8LxvFIVss9UURZD-iRZevRjCKGHf0vXz2Gt7LfXosBHeVij0d6EF65A5olBvWdVGDzPfMad_1cD55DsR9fC-5FyVUoHg5MXRhimTvMRNqzZceSg3ibK-vGXmqrkvYUyh4uKembe5aPgPh1YuwJ5njFsLWqsFU4K-Akr66yqAtmwLuKqwcWfGpFuf54kzVREfQ-8x_vaDk9SO9LuRvKUTlHM8Zj4FNqq-HIpTUVWG6h5K0ilsxEREQCREGS3kLJD0QcqTBrrs-OYzNDp9MyxatXjGKReiUTpuDO_DJwPUxtJmggFXDlqyT_VCsPU4W1RmmtNu_Zw_Nm7Ojypcpogl1ctMYHJiAUaBZBNQq2KhMYp8sPTAB4RA6D3vPDeS2ZUsynDA2j73HQDRiBk57GwcedmTVtowHaXIhXPKyZE_SpfZb2bnc5mFwR8qR7EXHZCWyxhiU31m8i1hNsSu0dnxYNhROYfTgyK8mk4p1nGXVSjLIFJklkzdKPoAePaO9oGuBnkdsixOjUXMlHgWNf8nYRvNBPE_GuvW0mpvnx_qS0lpVmgMh-vwlI4p2XLsI3_z5GYWnu9EPKe0A_j8HJDljuZ8vsDiszCVyCPjk-UVvSdzP7gOuIyrP_Mwqlzfcc9VYnRkCBiJUrX4L1dYXNcbxZsFB0_9bqV1ybRow5LNKQq4oYfjIwEXE-6hhGlCtGu95lQnJIwerovaNSD09TWWIGDFAmvt3_bc2yZXQI4cOm0wfQFXIntl3PoPJczDXRKV-PUbK0R8PZve7NGFSFWFCSyNscLKSUg9gN7AP1M692VUejvpDfVaL4IOV05htKB1wQQ6P5YWNGVkABg7s8nEFaASARm6SQWiDugtYEBlnVBGCtGuTnwNMQZMkRF-6XLWRWLzCn0uPLnC4MDkZyC3xI76UBj24ZpqR-NcTp13NuN4262z5wRL6FeW6GhrdqZDMBBBc3-qK2zbHJQ50I3gfnkjYvsVlk3jHMeoA&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=114898442525193120&adk=1964084972&idt=414&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2813af943a0ba19932b9df7db6dea24cc9beaec4a3a8bf69fb5c145c112dc972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11745
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E3EA 0
20 B 102ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8598084017264&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E3EA 0
20 B 102ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8598084017264&version=m202307240101&ct=77&x=1&cor=41534760017471460

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E3EA 15 KB
12 KB 117ms
103ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7ExpqhjN8PX9ZDgt1O2aOGZ4K6tWIFHarjC1JjOCJEvH0QLU6Dq7u6f5oT-ZgGltEDs8S700GIissvaNZJ7VoZxF_7CHsINYrYBZtKZxM1NsClziYkMHBNUdwfhGWC-okqy9MfJFkoWWDbk3hfV57NeyhbbNvuHl5GwpMnAwG8LyPnGc&cry=1&dbm_d=AKAmf-CahcDLCrIdCtLpx_TsGfO3r8D72RGm2Bvi-mL9T3C44hm7WLwmU_uS6TK3sZJpc_pYvWzgj3qzd69fJf-rd1gyFtKdLPhYQPtETzGwsLqiMxqiPMlm_u66VsUexJlteBEw3c7GT3DJ1MNbhcHyunIDd8usMOrd1p2CsviLsZHcfe2xsic-qHOdDT79mKG7ymBrXbNyb0NtCIh89WQR7FoobtQB37iEWkg8xgkIUyyV4ZCxS0A2udNxjrAUB_4X1zqRQCKYpSvemby_N6psCaa86RGxIxewiw8JHrJka6EufP-7T1QbcRzwLiSKkP9Dz8RA33b-81l5T_-g44YrWIAt6a9fD32Un2BCb0A1ZiQJeeSGiVmNQfMQuPpi-9N20tnpo_Ko7O_eAziCKHb7g3Lu_u6AOXiwHPERSPr2O0_l-jPFOBwuxBk7SAJ6ff9LzdusSpJfwDkichQV6undj95zT3vWvntmbSeN8NOLp_yrCARTS1hxICJwZoGR3UEVg2K5j0PszRt_XQ2S3M7flxT8oQv2jqX9QRKuYEc5QvI2XxSbPr9Zmq0ZHh7u1VfGZ306XmWnKS97Kni4JvveSt6KkSxuB9R5Huz-v5VGFjJOrIuW6OiTThWE5QK1jQ37wbUbUv0YUQ_E_5KYw6tg0m1kQfEpvx7zZE3wuqdoptRpA9wJoLcAt2yBWQ_Z_7WK6cYhRdrrkzzHgXr8vpMMmHsjZWJbfjdVEcWyc8SL_JQprzkje-HEp2QIwT1ACOifmMjPUbRKWVCgQQchHWFge5EH3dtUrnSXJNxdNLQDKFHVwNbipaAw9c8MatoqdjrGagLWA7vFR06A2QU_TqDp6zQ5TSsUXU0FWA8WQ1iSff6XkDiloPMRMNjMt_BOlinDLlpqU54FWWyAODuxQm_-eAC0ofN0o5Lh7x2l4iuSkbblaId7VnxKp0xQWQqeQHrvLJyFWwbM0dp-k8jrEY-MPq_azYnJnr1NJxj_ZHRSxt1PWtu-Ntez1W5J5HbgIW7DAAy1EPD85yOGT5YY3Jl_1EDLEHeHoMEVHpe1-KOXsaYxzIOVb9p--MYfkZwXvnfjLavsMVZ_Ilpx3geHdCVE48H_pThyieEf54VIRhaMQpeoBB3EDqHymFt3iJwJE8wKArWXZ9-anNhXTvAIGKNkRWcpJMTERuL-FglHOO_yTwFlNQbWltfjUCu4MXQiSYtCbYpVRVIrkjsU_jv_ucT_96UNyuaxUOH4XjbPOcaLrNTYB3hmBAGrs4Kq2dub1VCarSAsfIMaQyda6pfqHXoiiZDTQWzNxY9E7GLO77pVfSycS-LnPC6CcUNLbw-lLatPpniBFKS8wZqkqpoXCidhp_0Gvw4vNSyrQi17DJaPZkYS8856WZRVcfXb0ySLJnqo0HndwiiKLafHlK9WDTc4Vp_J2YIl1PaRsAjgJ-iER7v06NBrHChJOEYrpfNNCqMy0GhizHuslkmcuUEPM6XLDODYgnV0IQcD4OBJzKKm9_gWU4c_pcae6OitfrNUvhOmQRyiDlFALr9bRg1H9Z2iOOlaC_gYKYjUIXywILqMQpETPHqs0IgSXZnoveHZh7sll2bHcxlUSctwG878oMq0CxELxOerqOJWO-Qr7D_mG0Yhdv8P0iiCZczxvTOssnLiZah09Ww5ilN1oGN8xRL43jf5m2D99ztrwdJvvliK0v-K6K7X7_EeT-5xbFkIXv17GyshkLiihm48-cVi-0IKFgpk4anQiKtxhKcUSNaTllu95YZ03gyI_iaZ9RbseP7x8ggeIgalimxXqVyS75ZPip4X8ag__8t2S-oZiis9N7Yu5_YNx_Ei_GKHA3f3_ErkfExXa-ZLwebg0Voj0ft10iEuNeP_KIhTmYKAh7qF5spHaTqg2Kiz_4XX_EK3ahL1OgZ3MnK8mU91rtQd4xhRBl_SfH0TVDgRiL-zKvVCmCk6I1vaC5Ll5VkBIzx7uZV35Va9JTG5kRSjsAa-z_hkGy9wapPs2qzEztPoKW97Kfehgs4ha4F_WARBmQkPOfy5uDbb30t18elNH4DAyHGMwmljydl4jL47b4SjdhOqj8eSndp5tBFvIlGboLP-KynQMn7YuVpoYZGS1l7H4Pphp5rDbb_yHkjaU_TQokC_PRpTq3QmYZfmRF6RcPPLEpCANvzX1YqBj7ba2eJTQiQp9o_LZ583U3u11lTmJtuyDOtixfDJzhFOyJ4J_7eE_FWrmqbDioKajZhiCFHlM9u5keVZyoHJ6HEjyAXNtrqhOmehtywzPLkm5l0q7M6wP4UHkwtoLftSWhcbrfTicwAlHpq_MpBuAK-6lEtt7wf4KREvLwOi0Ban9dwzM2VG_-2wAFoAIqdLbAgr9rsXEpoGynP0wLv9jeGPudx2CYA8CgH-2lS3L1dHmKu-YbMCATmJ4M-wEwiGqu0O3WPF_26AXr9-ijMMYIY_KrukM9p7A7mS2AWs_YP81eYMPvmwJ8qwBgGizitedfs_Twq3yTTAOiMtHjxikRBwZYS_Wn5nUzBb5dHXnMc-GNE9LZDyrcxDAe6tjnsIG2QpjQNCK942BGmqagk4Tylf3PoYpGppuDqhnJVRFiG2FcUm2YuuwzC1l6dMPuWTdyBhTqkube-w4zvY_RpVWQkSrfDLHJvtx2K7g-DPHmZfAhkWVuBGykLV4tJo-gWh-eVpxCcGr5909bZDCAJRHGj1Zqj51oP2fIM0pytoplgTCJ6Qlu1HBueDdFzz1ZYxLJiScCh0nQMaDprhbFF2K50MtX43blalzATB1V5vid8N8F9uk6mm3nj5v-T7ubFjXeTqVK6P58nimY7HszUX03GxGpWJrDKLlpdYvFbs8QMsOYSlgVdsMCP-Kuja31S1rZIX2RjeWCtU-w51YYkRYtqpEGvqqBVt-NhHcK71w0KWOw2H-TEIdYRqB7-5_JXQNKfnpMlaIwaU5lmPBfHYRgJ41VgpD_xl7iJznAResluzNAS0qPcKysaswPOY7ffi_thB98QqknoQaWN31FrrPpu52WrWEYC8Wh0AAjZ5tlEil-Vdh8sgwv1cooWU9YG8vy48KRCaR6zFJSDlb6xN1dNr7vKtw3ekCBwKOvuzbmm56oArL6lMWx6P0JeIiamu5Zib8PXNDJda85OGT5ySIebOPmgj79qwIGKIKpNnWfF0f8pSrojPC0xDWkMvwNcb0jRw2Crk5eLrExbzSSP_q-xma1foEOBzkFYqCVKM01tkHW6qc9VgvZj3f4-se0xremhYpLoQbbLqB5oiIAv50LyPcrDvMszGy2LMHIAp1rlLQ7r1BoE34pn6oR02XiN201swmnTGIVHIBDlDclBnmvzsPefQTE8m3RkV5j0M1aC2gJYgqAUVCbEUeuhh8S9SM9HROd7d9YO_yt-F3j2fPsWYXKCbGTfkLa4DKFcV0sAtwjLzY4zFpuYcXGVj3grYrbx7bHiE8T6XCAuff-hu7Qf86FAJg3Ab4JYSC0xLB6xAm2K3cVSFJQz0IBqTONhsVT9hplJ7jrDNjCIaXOQVuq_e5Nm8Ig7O8ssWV1Oj4zBLUQDpwLYB-Tz2GkhfQ-Ij3zdPxKNiZkq8x4LQ4Gs4RMWGZ-2sjJ9geBEar0tVHEbznUZDoie9dWW_NygpzaYyOytoMVzhgRMF0pokQLjyD9qkT7HyiDoBs_oLuKxrAP1XWRV_D8wYvzr4Ey-KzuSwhAJrwei70kUk7W3GmiNp8HmGU8JNN22A5ivucUuNv_xQUK-cZb9Q_9zShLJrgz-ame5AIPRuoSmD9pZpku970JRoRBH78lSX7Toh9NRYF6PguHimS4qQ8P6H-j5J8r3Ru_I-lFlpNU1-Tnb93-d05VUZ-XlVceABOl-zp1ziCDEVkXk2FnSCAeuZAd65BK_jhpyud_fmEsihwn0cadQf4so1nJGKQEk4QMxT9w6tZMk&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=41534760017471460&adk=3047537735&idt=406&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08d3eb48507c39171c0f29961969cb07598fc8721e02c1ae00592322a71aedbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11770
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66B5 0
20 B 94ms
91ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7095434044503&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66B5 0
20 B 92ms
91ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7095434044503&version=m202307240101&ct=77&x=1&cor=15218381105736794000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 66B5 16 KB
12 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlwCzGgBhr8PjwVes0vEF1Lt78imLrxiVX02BFabvp-GbIOhIDRefice43r8aZXD3p16ih0KbXXpd2AnOfJwivJlSb6io4Z9OhcRelBr0VvKF3MlYdmgxBEaSU5gZ8OjMKugAzwwdflNOTHG5CuHCj5meZDXSunCg0H4zy8RpB3e3YtfY&cry=1&dbm_d=AKAmf-BNCuCzVEolGdQk9jmq5ZkSwjxIjOK7b8AIF-boiMj2ihIi3pyX8im1eyKdmiHlF-MgV-l4g5eygmA9YKCrB3QMJbMRR7MUSzbSMpVLAlS15oTjjCXyLZn3UB1mWuPygfp6-nh0NVaMNmqtVzIHfgLa8-FcbTBqg6BO93A5ZdUhbAO6Prs5HF6cvrJHuxJ_mjrvtuxBbueDJgGLKYNTFcC8IPeySn0TsKYzrVTUxjFu4-BTkjhagfRWUnGLWBrLK4FMoq8t3ZeYOCyhhwmL6ot3tPRU_BVrq31860Oh-5-dnuBdF0tnny3epjsDbUsW5pkybTcZTIR9o-Dk-QpTvh7tPFEWv63K39CWgfPeb0xTNaruS2XoEKt5J88ThVl31tYKcApLaG1k0H3z7mv3rLJrkxwnYRhrTUT_eegedYRixbYIWvC75AROVTC4RKB1sknhrBNaZzCXHfBSaoOEmsigjI_AEubXjnWDd5xjXTHq9RHdnqhLccAya1qYBjSZk9GZEzKoiMyOWc339pQH5ZgW4s-080sj34C3DrxFa8-_OFwwVzPKDLeVZ1_yixcVM24qMF-Dz9R2E01i_Ubp85A8gpMqvXwoPijCchWhxkeGnHnwtlBj2sZDfioaEags_cRAUYHVFOmxM8_LkJ0MXuqdb02ImoAMSrmh5Iy_YbDkMr_HFle43VBjyh5Fc3WX2nZinCDHOHkc6Dfj-7V1ZRn79rW6KMDHMCc_EbxQ8u-bsfxzo4y5G6640BLSztM0gZ6xbbZ-xWhl4cYvK2WOTQBOx0qoKhcka-FBGy53t2a6M2GrrNvxKCFmGit_137cYr3udg5_H40e2sQpUIK39j1CDxjm4D7Kh1Dg5jSkFeSou2d5e31831LuQ4gcJLtYUSr70wOmZSmwVYTmmsvrUXNgGv2MNluLObv20TzgkHGYEl9w3tJ_dRs-y2qrJVhy1KCR421-YAPXT39_n7G1OXJ6jC2tZRSISvm_jID9fzhu7PKkFbOIGoaL_7NmQJGhohMihY257wXMVIfUg1Bwf0w8ak6D2DhkiIEXsEZ15SM2dv8ISTqV8R-Vqp9odrmgtf3XOcaeZpRl5NutlQONogDLK6BBhVvuvH1GX5WwEZZMLddYxdoUbmJt2QPW5KbJ7c3Gt1rTkA4-40GdV5XM4mjrvlayxp2rcX4wi0KCsyJHfl_kWFuwzgH6q2H7SJAzCM4JEJfG8VzTRNoKNr_E2akZrNx8m_2HiFMMYh-aOK3pW0XlwpwTotEbcLXJNqQrC6ue7IVVlZz0PVthYLv286iW0EwPHLt5JcYYmXwdDvhrZ100UHtclyKqZnbidsesy2qTmC5p43hz8mhAkZ6i01uw3ns-XeNDZJAEfYkCB0uY-N8tXQDW10I7TpwFT59fuNaPJlaSPgwfGrsCOOnqm4PCN8GBU9cEsAeVzSgPY3N5VIUL7pDahUx27Zp5TCT_0OQaLHt61oVGeGZuyKJTw-4hv5HEloaZDYF31H-jIUUWN1-QB1prdASNCULKNQWlmitCOyMeYOlk6dq9bu1E-eQLavugM4Ii0tYKx52BsqF0GYlrPTv4LnAXTBAhu4ZfSwqh6lFxn9D1na-zIvfOqAZCoANhPWA6_SF4QPTgIrrNIKEObgspoURdy-ywH5pDKAAgN9EoRftwbI7HK-1uSNbSKnzlVI2vyqvRLU5TdsPZuUHVgZuY-3Uuo4FUZzENcfWMnkUcDf9BleTWaiMHEBd1hdqESuokQbxFYEXG6NCDTOiaiT_kQYVyWhHZwVQmEUIVEUtz5gk3HsgE_IP-Aqj6ktpKX-FSzsJvZ_J0x_4VjHFAjdZvswhMTXKx2bTYfkJNz5e81XdIf6cIzpPDOUpr7j0LWw66_OPSZEYShNha63khbXSYGZ4oTe9cBpe_tMl-dYrsXBDD5-eFk2DrWAR4gyZLHcSGTdqzRbdAuZPxrzG7ficM-wVYZkYzQ2YRgMroLvCurLJH2_Zzri2YMkgoj3V66Mr9v3hpADudZVpMp-a8GeXNtQEoVoH5eZxsDmfazDOqJeQRA7uMMxPS-MQAZ0-YcsBs4XcxT6TwkTmskkh2-qQd3XXvsWIrWj7Fogh-6H8QCN37UqyQXYJ0koxZD-wtNMceHuML3e8ca7oWaPDqToG2mtX-Qht0dL2dKcPRPTZBbvsKSEl31TGrRULDiY3tYQD62IyzniGWD1J-BnlmZkyrYoz-CjhoM89uCxv6n3-O6hDDJQW9bispI1_aUSd_Hxn1ga-H4oBBoS5otvZ15vR153RLDDFSTM8URuod5mypf8p2FucE1Fxt9LlZot0rgOivAKThIp1wXUOZP7xll5MqkRhwx8wnSpQTz8kjmvgFU7KwloatKhSWRzfHnBhKosqdOTnaL_ZrGwifxrhlE_bEKgvMFka617Xy2yaFLXgxt09mvyN1SreINg7Q5XNOlkfbbWF263qv1JzU-hszUZxRKLSSrNNwkqzUtWdGUquKz4iPQArdBX_QdsUmwGjMHINAea1RQTyhLcZezxDBNwm-cfn5hg6sjqEr8nmnI33sLmppchDqKMU_qr9iEdjmxIGg_d4HI4pPS17MHCgidTuuhffMd8eoXf1vsHu0qa-b5v893aQKrd6tbzwRpNB8IHG5jBaAZ6Zt1S0PEhPscuKdUl7CC-XuV1Jf-1PSDHL7DX5ZYNI8WWATxoh17tIy8uSh1swUrs-mmInwdeZNjJWPP__6YGwuwXsLzdhncFkR5wM9-Qw5LZmZjPc4hzlAJ_g5focBe3KGnyox_XHEpGoMLCGZ0RyfYsjH9Rlr-60SlVwpCI9Ufh039wazK0-4k_a-7bOQCnXvDWgXMj6ItAAIBbpw6BhGpmVhSX5Sds29MZ8fbShMoPVjkVvnuTW64iyClpzKbcvGxAqVp8E42SahsLg3PSuNiVoYwdKwowdtdSwCHKOTk8kUkDArrIyEbOx90FePmFEVd7HDjrbaVz-iBNIW6EKEZRO6xzFWDlaNKX9_TgxtQFWucrjIXJGsvcEEmk3DfDVJvlzyVtEeTxKbgPZafCUnTQ1wmTWQnHNabAMBWEqpFeeaA0Jysw3eM0Y94Qm2KiWSOWoju9q22VOcXq_FwGfb39QmKr4y3DjWGy5WDC49Jl5l1-EqUAmqQMaqy5nFcIxL6PzwC0RPo2g2QV5OuwURSY288X5UoCLAmUSSSlNxrEJIpPfxS0NPpdCfA5X3EN3y22SMS86JNdo22XQfjWvzOVaIPJE59W5a46-dG_fNTKYLViblvVS8ycJwWJHhgrfQH4FKfHhNoSE6fzDE1BLPLUMZsTLFdfgf5PNE8rJRdyzf6kcNPjqZSGFJoKupIeDBgOuKwo7tYQrjETAPNd4oQOZGbdJqiQ0r92Erlt0LPKyOr2sq6CY_XrxCCKGnhNB9A9c_5OjW_MQvewZxqQZw3dbCj3HzTqK4uPlzVla4bPm7C-RAyE3lGUlm4qIL22iEMTCSySYjTCnRjAnCbx7rKdMzKp4zXyaZ3OvyOa85kPOxzUMfvk0RwFhN0uO4AJUWPdivpTa9106E7c5byPpVtKsZFsvByf2jFh6vbhhFhLyeI_bVA4TmLO24B1Mqp1CyXbTeDeplApvX--jsap2PUVdMqNLNUghnlOOyBsJ0kqOUwWp_XomF3_yt1-0Vr0D_U4FIlx4a369LnV7-0KhL5Xbg4QVHQ-CJDhRju7tadsqO9E8GHGj7fbboRwla9EppWw6ieqM7-9Lsvcq5_ORlzpTIGhgLqh4NvDVJmHgUvc49u241-STI9-R0vdm92AUnl4ck2yRPSAOFnGA9ZPt_ShMWCAiGcvsn4pe0tJsmmO1IU4v_33MHVyue_vTfWx56WMaDAcrWV-uqymzelLXX0BwQrCIvyequTfZT8E0T_BCXWSPRdcjxkCX1d0vQN14zrv7WlYAHX2M&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=15218381105736794000&adk=250412560&idt=470&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dabe6b091dc1bf7d2ddf130adb2fd81eff70088a908ef66ca69e3aa673ddf5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11808
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2D7 0
20 B 90ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2510574505802&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2D7 0
20 B 90ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2510574505802&version=m202307240101&ct=77&x=1&cor=5296299607446345000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C2D7 16 KB
12 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9KSh_Fel3kTVu7QkrBzirL1k25Wf4zlN-IdEv74roPWkOZbkJTE_7w8qgbpafTPh2vOqwY2Wr0oj3nwvQWJXNG2syEt7p2iyeMlT7-KWvPZsqLwP8NWwYgzmhj7LfCXpCEM7EG92gN9nx8d0OS7dcXZpfXUxXDXrt_rIUgfxJV9psQJY&cry=1&dbm_d=AKAmf-DRzuGE3dsYuVhYXEph8OwIuGNy2xF7VObpdU5cLh1qooV0YLmTyYq932gzaPoTmtAH4-cntymOfsi7ukYI41gRejp9loxJZDQEXysXryDPAodBAjXaphjSJIXEHBxap5zTuEld80CKIpNzm0rqDs26fr6aVgzqDkAEBEkGtj75xC3xiRJ7x23xL3w1_xy86MIbrnhHrwjlqjs1x1FeG72flKYBnHxxoVQIqXOpy67gFkdZjIYlUuYs0t9241xQrM__QjHRfGQN-pplWbVJ_NsXGD1JOvBGhLf-eOueoBrAj8kBgJt4r815RH0-vumtnRg3jqcuguf0DMCI8Gm3l_RScB60jauN_bJ-p4zPs9llesSCvAsdHiJUFN1T3yyofS1IMKflziqux40qteqyrNCVWltM0PvMmZ6GsYnpDqeEVPTXBnjO03gQGb1-QrQ8rDmwXnaGzTZega8BaFSsd-ZigS4Hg-D7Z1xncdFNmFZSpMIzp4k4NGQtFQzXmRVBxTAeihLWVrEoGV8MLYn5pVOrJVhxgNPcPTAQiczdq7C6Fx4UUChuhqJaYcEeOmIij5SYSAfM2VjRoMf27o_3HnwC4mua7mPvk-YwvkWEZvNG3vrMRFE7_vdXEW7_a6_ZPi21918ncoPw5LGgYUp5jFasFfwVuiCd7aLjXMnyISaME5nmje8QqPcgle_cjH235hD2OHUepjDYH3Q2ULGZ7RgR-kXNIWOOrGeHMPzAUWiePnGGoUmuJpPY-si1gSCvzgSaj4QTgoghmK3Yn02gDItmoKW54pfE7UNdoeO-5hFMMbrsu4UiXdr2ZdZ49GIyop_VZnBhQ7FQiE3MfJPXWJnq_l2BKTb9FbBwGNsukTi-uOwSrJwYU2Ww9lQWIQRys_ESaRm1rRiwWoyiu6_uwQKrWkaW80jSI6tletWJj68OTqKLoLWoVMn_giZwrX30RRbhK_ltdDc2UjhobzCYcxUjKMrQ5Yr3edZFOoXWwOWT2zi8v3GRYIAFVyCP7Tyy6G_5GvYckMHqr9L1D8YZXYRvJKFs1DRgtcTgSGbm7yoYGFojfYHtrwIqH_hkcpZmrjy6G0iXihXVvXqJTb8-nQWYu68GZ-Xmzv_2hc-fZEEiif-kLhsghwodthefkY-Cf8P7SV4WrF20KAwh7tqpj3mGKRAFiRbfVW8TDSC5v3N4-Wu6cA-vlh49SUFT5XqiNwdnjD_u5IYObqPMYF25juPQ-_lC27KD9OFjkvIQkx3U7BR08SrpSEsD1pZZBMQfIxq89mr42dBcFc3sPuVv5V309GPtIpDn5-1HzCLcirsyeqryHimwcA3NKHvS8lDzhFhwp7kLlBu4F19IgPrCfvf07EfLDYKYmpUyz5GGjF7PqkJUqPWPLfloL94M_PIkCfiGnxKp8AvbchXcDMwJ3mL42SKNd7uFgtOiCaSLi8-pPDPGPECbs9Zj6OuSWrQX4CVwkQjJQuBoFq-SXp7KbSMstESLOEbWUoF36k7xEMGOgoHzPlSY2n6j_gudgIX4JBkvMyDFOaZNQ-Z1GYr-cIosOeQUIAUsXPLrh8SbOT3IjfxbJSfPQ7EKOl_Qd4edxQJaIYDw_pJXRXg0OJDIx2vw2GJQxXeK1lAi6gy-rCOP02Ux4gxnfpNZfJcwBrNbR8ybiiocWEPW3CLpGxELpBUpcoBkzCgL0unP-wZLNuwhNXMsqzMYBbaNAkwGs0X1Vcv5vxVMIPNbdjdSM8BLUJqtRahX2WeaYpeZidri4pgeSlcAPP9Z9i0KD9FaICk4UkA2WPW3LW2f5fldjARLuGaiKN5mpTqfFcSV2bD0bG7X3YZxhx6rPgVlTGuorJi8407rbdNLPpqONbP8c-kxg3s4FDyhqUMbkr5Kag4X5Qey3-v0J-cslIjDB2a-T-Q1jMdxyIDCNC1DUPhbKOZloFyR_ZML6UpvKO8W_aZEbnHEJPr0QtMVN_e6UyY7xD5nzWGkAkfIjUxsEakycfLI6wqKgeS4AaEo_5ghsVA-Vcx5RF063AKC4pl1BTIKhi69aTQrptD0CXZQhHPuYcWKVr82sijR--2gjclvoRYytqqVYef72b1YG8VPE44lkX-64tYkGIG9XmOvJ9ud2wFBYN9-5NG7MX32joIFDzRqlF-5wq_-aelqqDEVvTdGbHde9TAwomYqEyxO5sYVmxIh57T6IfSOpjzY_NWFAQmLswFHGYRrYCI_lDdN7yvtqJCPLYWY4hzjkF1u8e8yi4F-R-m_gCS-YTzrZ2fD1Vrf0_KSV7rCd8KQS4tpAfAQSKaJbrddfGPy63EpU3PTqUxv9rJa-PSYbZh1q0HGOAjM6RYOAVe3LD3efiUZhPZQRWA-9BBS5GIADt3L4JT_XTClbfbyXdU4hx8WDep-FeTQm0wbSUj3bJkom_cQvpAvo3WGULeh15HWv7R0aNWB6ffFbSt55jR4Og1KRzEtUtWNzuQ3DeetLO_ouDE1wTjYI4V7Vxr4ldZjuaMIBl4osSG7yruyZzGvkIwvxAA7CK5bDMe-L6YqlBkQuwjSpeAo8wEQyuX-UQX9xzMoHaqL6GRq2oTk_w5iBEXFM11AArWPDrOuiLwAxfm2-Pc2-zoQf_5_TnlO9hrKuJBK0D6pWyMpnhZPJOn2PHUzsZSoxuWK9cdpt6zREutcBQLlX-Qs7QEU0YLj3oQTjJYJkyBoERDqWwziMPRXRdf6D_1K2gpbUNlTMGI2p2NWybDFErj7uXS2N-TdbNwSfWQ5cwhQM9fywRAiOPVE9RR0-dp5RxoCM_7xWdXXIpxpaq3FcPsFWanES-HyB9m17qNB0EGSBoQUK_TRrP6wkNzLNBLCjg7BlknnDuNfyzYgFgW-hFBDJrRXUiKCeqEsc8GbCUPgrZ7NhCtgv8qsCqaIYpyE0r1wPGrLGLf4PwjNFeU_ISMbiY94ecy-inK2g3fTB7XoZ9I2a6ydU4IaQRk1v6Hhz-FgUyY4EQ7cvnHrnYakfiIuMRkP66nXoCsQ-SDoXS1TFwEKiD3nDCzKAmQ5q4gY6NoQuR7u5lmfsMgrplbQL81TSgawXKITN3POhix5sbHGSWzc_WlCgFhxRrur7Gtxer5ROsA-YhLAgkOlAsmXQg2-dUKjKvMyhSf6R30jgAvULDasg7OZlKvUXxSHclHVGfCFO8rUTvzGq8kVnDYB6zNzvFoXKq4vsDUkuTSyzFbjL-ZNrEbpup2gEv-qGBW3OX9qEomKvj42Tj-D4aFwF_XV-vaW6fgpK0wR5KpGcrnuEq1UUBLUVhuilY1flmTI9uKugcgRIHSdZRzyScO2sDlr2ya05I2v70V5zS1W8ycpIvN13Pcl1w8GSRxy50bQchcQNsIrWKq9RzTG_rC6yw2pZqKFIcUJyxgdzFA1-SPrS43SHLXwwPE1sYicr2kBz1-XQeLfsRruMoNkul9aFtHLW72vmWPCwRHLpF_RvJcFBEWA1VG9mPCFx24cBPMNjM9MpYMqtga4D-kELPMuuGHZYaetrK8DtEgxuDoLNzWYzapzoAVkIa5wHc7FnC7Zvj4cc0L-TadE6B0rwsTgMAL_w8rOqH8Mz19YhypyqcprT-8z9DyBx65JJiYLC-zC9qqAbDwQPxt6HWz0KrNsliLLnHzMKi1VYHDqyKiUiAxDfCPp1ZrwUP-HtUE_2ZicWvUIvTNhH6yDf3XnD88o8C8fz69iMv3eWkPbSoerk9gEH1lpMz2NkgjtHH9WYJ7L7MuarZ4ZA7vRqRINVHUzvV5QNdIxVx3AwO-m4HMP2OkvR_OTt_q_Olkw56E2bK0bQ8nCmn-sdx4Xf8pWmsgQD7nnH3z-aM6Sb4FicASUSQw2FapTdDlBGtchxbISSVmDzZpjudYWoFQK3GysNPH_ozg4F3UGkBfT5lBG5w1iHTiGCZMw5wtp81IyQX71xl2wR0GPcA09QGtnxZI&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=5296299607446345000&adk=2228999115&idt=443&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dfde3d8ca493d77e46e6e02dc9900e074474f952f78355af1c9b369646ea247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11951
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F468 0
20 B 91ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6944414019007&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F468 0
20 B 91ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6944414019007&version=m202307240101&ct=77&x=1&cor=14371588974816954000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F468 15 KB
12 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DoW3vdeNexcos2jBK2b86sIKweg6eIJHVFHk0XJh3OmsoTfQMjWTjwNp_PN7cLmZS4CgJRIwzXHNOxWh7-1mlsHs0cRKgkxR1mORyBL5FMg70lh6OlpKdYv8WoziDIhQ2ujzho1pj0h_vqltEqXoIbu4_YQdpAUctTf0y3jfsuhUYzVZA&cry=1&dbm_d=AKAmf-AFhRCdtfvjbgShVJZEJtQuIJsb6edCbohx4xF5Y7hNyckPQ2NZfb1b00PxsmB6ZvePGPpPB3VlykAjWZMA7yJhK9DlyrM3ItK78-VKQGdIBcYyTShp3zV71hAbEPlFDW_WoEkhaEpN6-WJ4MjbVT_NQ3fUCJPHtJkYGNCCl6j5FATP3quFHT6faFKI0rcDy_-VwI6zgrvz74GyMQp_9iGUuZzV_EnEgoSmJVuhWxvU2WgyUm2jxVh0-Vtf4OjxAdeys3Nax2_1neNyu_O-KZGf7EfySqfB_U0db6NTiDGwVXJtrjsdEi0NLIjNUEIGnCppdhUeKbj5EKiTR5hZ_slHzEBcWv5WnJwqdVx51oyW8D_YIr1tzM_vftH7YyKEp1dncOBxvGAG2YeQaf4dZBI_gEHAUACUgmVcYI72eYPw1b5MJ0yjApCqaO3XVFj-UEtU581vgb2u00poiBv2-mXz9LbuDUFKOg6MZolmXM6sy1adLw3w52LLo4y6u5rkP3qbY9exkj_XjtO2qD0WrxBvnbptOXnmTtj3QbNkABjBmcU4Xb7DHaOIUflZVpvKXolN-YzaMWpNlgM3YMY1yMBGwY83x_OzMYtidLNIGpVrGZiIYxKEnkLnCAgQnS2eeHZlNmse6V_is-23bs4viD_jHPFsdUCsGYqGYrT8sQ33Wqfus_8RYa_crL8u93W5rA-vEwulTZ9zfCH-OijSDkxmkSyYGDt9QCBmsUcHEuzWqapjXTuhco0FwBwQL67EmZElsw1TTRHoyR50hK9nl8J1DyM2RxKm1bKLoSi5h7EeCXkaaU1ZvSw10xx4tGXUEMRVABoRJgtrgMHJG2Pmw_YSBJ01I2UA2FLR_gN-wHW9LjJLMNID-T603NQYqdv0nvz8VKoCp2-P8x18E2wWO-xRsRzUvWdNl1cN9fbucStbVEp7BHJlrppGvFSP_iFOJLcDYES09ghwiGSJlGVgwhGugaZbSfWiXQM-khs4ExZd0EBxFBfmiZA_hua8Zu3sP9naaAyYWCt84DCz-b-2p_JfYScHKpVQnGx485Ai6mdYYQvUwNOTlQhKcjP_Bac2bMlE5Om1FKXrn7gAkTQ1g1yhERCicQy0tVUzPl9cF8jfyduVWt-luHN5ulcql5HCNTjeqmaSLBpTcEpKMOa7qPYk0J9xIHSruAHFn20-6Afr1-3JhdsN2DJtddUD0JcPbXTl2FlaDlarPx8BPpA4XILv1iLqymR3kDJwa_878uzTrKf-dV_ehX0fL8ilaOCpRD_jQuU4a5LfYINkyB3TZe0ejTtG3SkaO7aoiYIzyRvrUfF3U04PIkKmCPdQllu688s2w_pi3-2j9mtz-ChjontgWnpxH2hkV7XMz3z5h7on6--O2FfxknRmdsAP8lPL_h7Q7UtUdhmDjgkyV1b2QnBxIpm5k1sccmeKBvuE-q89OmPK_wY6gTSp6jMN8NS2bKnI5fhdbU23gVYU-XooYSFl-PvGZXCamciXpv1CMy3aFbmI5jDppZvfogo7eBKXL-nTrYvJ64kvKT7oNuz1igTxNKXBMj-orwARwIQuJ6lK2RtJNrgOhar25BdetGeyXhjwjQlX50FPXL-Y_GSQ3qHZ3OZZbuBRX_JeSGNZw63fGHj9LSXBWXJWlKROsyg5RHbTUHO-P5ccr9IVDe16XbGCbqFUUsQKDLUnzjqncS43rMjfA9ekV-2ja6mteOsgSlv5H5LctIlehyelTOLzRTqwy2mSvbygpPBEQUfURSN2Q_JMMixjU_uDXjJq4JnpGHdgo65MoUsGBfmBHevVTStInN0BHFWK66cRCXceZe0kb3wezC1Hve1hSgCrkng-sgZno40dL0H9OogKgF0xawxw9II7XeB1l6ka6CkUVYwxrJdoCrRHBHGD-vuUlBv9oLzzqm9hCe61kV3aqjg7anIi_kr2GKza_myhzlDJIZ1x0LAWulEbptZ0pm_NhhZ8G-ziSpnJGYUZTpE77jYp9MLQ7Tqe-Cyx64874PGxJe6BnERly4aT_0w5Fqdq5huyQnIRRqdkBY8vAct0-1Y8XYixgqUOREmKwsagW-SAMrxQXGUc2CnAGPPMvkrRgGDIBSibiJPc6DfIITH4GjKID0JmIVs4YhsrkuH6U0Jdp42WAeAAKHoLDGQsPTzEo4GxwOseindWW6ABP8aUZrmJqlQGWaJA8JPCwFMka6VBJBDaoJoChFBEMr-2RpdxNjzsBz-OLM12tYzBY6dVFtFWgXZWBest9Ai-tAvKvRkuDLHWqDjBIDo__xKTMlDUdPaByPGeLlGipeDVlTRFYWi4l4RJ0qsrDgqbzot_OSac2mCJhNlBvinkrVMFj-ciBsc7F8IsWC6NTeOYeN0B4wiREoI4ekF68383YfCseAMfLCeeRptZGgfiaryQCFmGNMIKChchSXrqF3TSOhVsMezKcoaQy4HEdXR2YQHAB36nl3gmlilo3ZsUqdmraru7O7gpF3Hzi3sT6UINvNb56AHaoK4AvIvcpjZ5vf52dbYYYhrLcvjaJZ5FRPn4Qeeb7BzirobKNXLjXOnCION5tr4vDS4t5ynEtnAIM94UirIVl2aMl1DBUPOeNWCorEPjP0pTDqwFFPEXjpZDcFj1Gw9FdenGYe60OiYaaVNRSAixtwEzvZ617bxMFCluEmTIuViPwD4NBZk1stmsW4D4atUu7yNdEX4K6j-u3hDOCi0GnLSfrLtJXTOPcMdE04eO7CTRVLvNBUtYvAibg4fE-qF4-YuzLw5YdTm3ChCpkET9HSAjiSQ4AL4n6t_jcwcovYMl6ljZ1zED9osfbobWJH_FLpEgvn3cnfWbXvvP3CWskflIl248rMPPBR97bW7pw4xKizoFzFuc1VuDWGWU3Ep2GMwl8y0rrrS9W8WuJTT-a75Zeh4-S1grzf-uMJnvek2qxfP5WrwL9suAireDRr3Ra7G7pBmXMKCjDCMo0v0GJIEF1wbs_I-WFLkpuxj8ExmvrvK2AnlrRI1q2q-QpkEGtr4L8XqDmDvEXwkhLXGXzCI_WnG74oIEfQ5CXD_xQEBHdi182jiN9CyA306KN_HZ2vEylQw7CxaTCOtbKILa2z7JFlvSSI3tP86tm3qRTD2DFoHAEk2OwfOzTDNNevnjNxijjfcutXnEwGNUTWmn-Wf2-Lcumam2fhLkdbcwkM1TrlbQdSWN6FWrV0Me2VfeNU0ay_9SSpxZMpNHXwrhSKaTMmupc6b6yxCVIvGdjBYCCkBzekSl6pknccfXCtYxCY6XZ_UklQXO2FjXpw-KJgAShYJz_1-2A3DEuF9Q8z_2jYH7zYIaqnvhpikJG_QCMKKTXqBeJ3yxiyB0lwzgK0JkSYDEeTsLtNCTMXND9yVSnlm-w5mZQbFRGceHHvybWnF1u_-Knx_XSIezJQkICDlnH1FJtvX8R_tybsaXIsWUlaj1mL_p70eXa0K7QLv4638zKw3OCRMReUtBZlR5EnNinL46WcrIvie1clxUgNKWNs8_S4PU9WcHglE261FWVsEQLcEWZQGWIh9ayT0KpCkFJFIvtlf-f8CJMNCIvI1kVoPbdZBwrqvCrFMMj7NXNVgz4-4oCQ5x2STtRFYw8NePe11tWME5tn6lxWm2QSfZJsbTXEYz4qEY6QtaFXiSoneUxPG5Fu3rQZ6L6dheQQrOfcOAkzIZ0fp-vEkvV1vRuHVLJ80E3sCsiVzoo76h-kxj5kx_imYu4N3FC7SCxbb3gJYLbEibCeotwWhfYou5YK-Y8qw8U8cN7sbHM8GZgrf6u0fFbabbejMpsdeAW57KvFktJDpkZSLemm3HnVnOimq91-Q1QPoWV57XLGnGasslLK20ZVAGpj6MbpjwvdZ40_9wxlFbkyac2Jf-VaiEDtW4lGn2wIRWHROBiC3ue0Ynnyrp3g&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=14371588974816954000&adk=2086295851&idt=424&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dfcff95b14ee359d8890a706b8d4f06ea140a7cb2218aa077389bdb2e422d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11774
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25DE 0
20 B 96ms
94ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2468031927865&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25DE 0
20 B 95ms
95ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2468031927865&version=m202307240101&ct=77&x=1&cor=951578651274809000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 25DE 15 KB
12 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BXs7tOartRgq7Vjk6-yavp5C8VghWbOGFlANJJc6lWFs-o7_3WXNACOhjs-ft6unvH2B5MCjhyMn7dz7J6Fokn-4JRAQnQeo3lX6E8c3o1F7tiivF-3b33X0qJ2S1WLSDqqtKSca732YZ3nAVfyTMBOH-prmOERzJIpnDzMZ3CcKM3yOU&cry=1&dbm_d=AKAmf-B5v0UXemmB1m7RpzObcqKpux-LX-0fDrsZ0DQNwRo-SSAivaZveyCviAUv8F6Mzesx_qlifBFO4vLWoW8PZNHfsClGvT_tqFJ3UYAGubVxIu-w6U5Rv_GPCESzBbBK8gVF1qDh3zXj1QtDUO6Vtqo2rUeGUc0722FQt9AVZBgMOpP0I3684VCWdYaEW18H4TnTVc_g5cWN9KQfxo3Y6NF41TigsAKaGycDfF8HlG8im1guShBdAhIhIApI2IFOn3WLdu2UEe6t5YXr1enzS5pDQFNOdgGNCOgGgqW4YBLU3Mo7J2ZI05YnVKt0V8TQMADt0cn9aMXlsJ-1ntDIfFTi4rBU7fYJdlg9_yqoQ26784T-lNFbHZrlTIvPHaDnchnqmeEMfh-24SICByv9jETMUjUpLhpE_LrFLn0khkRfpFGaYeWpRON6ugEHhRzcIa_Z2Hy6SNQCInfTLRAPaYiemiWr21r0to6we-Dq0Y4Ii6z8jnRB97XpZiUYvWS1u04s9LMLYTBDZfCNDq-wmo3T5PtVqUEZ_h5vRAabasTltTwkqX9uxIBS0m0cSSmOYZg9_RBNZVLuWen_NFfKt2EW4DYDIdaRH1OIX663b-GfP1u1DFOqJE0US-IuXHH9G_JV1wb3dE8F1_9MFTXSYEsC7jCDzXlsdjUzIHbLm2Etg0-fOW0ochKISVnY1JbrWTjl5vhQJUSPpMQn2JCQTI-Gvq2p-nvPIBNEL0CQ0U_E97a0CM-PnXhahj4fmvTem6VmGMp-ECFRXCUJVWpYTfHzklXqWsPyYEz-rSqXrl73664cQ1A7q0I0_hS71YclF7-b0ApUyXGCIWEGPGBzWy3YBNUPPwcmUZN8IMqMFMx8JRtKwcXV8ZQS1BNsN3W4IrbvjiTj_ii8cXw-zGWFjoC944Nfc6pK32q-KMJ3Q-hQUplJhVn0jSqMcbVHbrmSYpILf0tb0p2742Nj4Bpx8k1Vef_g5hhku5P-z7rAbyzL6nGG6JmyhhXrEXPU6Oa0qhIJ7n3COrpYoEIXX2-9TBZYBpplLvnClFoXpwGfN_KVBdHvckV7YesdM_SA1VqEHanM7P-X3GE7xgigBzUubQ_E0zMLuF6sEzo7fmft0ZvC3w2XixpaWz_X07PNow23NeYYkHwmqMRRc9FbW104UduHkvcjKAOqMHS3ksCxU0_KA0amXIShXmFsoTyYSIhjKXhjqN4RJks12aeQbk2FIJjQl6r1TqHhIIPjizaQp0NKRiLyMN74vrCjWcleKv1KOQvUBlpQfZzw_NpKvDRIhMS1Z47-7BH-Kuo4WMfzPd32undS81Tl7zr1CP6KLgAnPYRWyUZ_XcYZXZ5oANfmiymEaGK2_S0gzAW_VEAvkreL7jnQy3PUO59RD-hVeOihP5wXlSZ9q1oTzY0yE7g0r6mDvj_hLqqr8nFFwuYYmAga5cPnRfpAQKmP8M36WckNej_9wHdv_tRmS8e_cp-0CPesRiL7mXUbW4EzozqwkhM5vlg7zhoChe7-JYxhbULXJ5JjJda__Khj_Tz2G-i0I030AbmRUC84Zed3O2o4ejn2mHI0dJK81y7SeC8I7hVMcMf5QImVGgk0989oLFi_kJSdsh02zkycQr6p3URklmCW0lrSZ8fQHoSQ69vj6HdDM72eX50xTfmalhKrv-kAWtSJ2YJsmLg8v2WSvpIRklDlJg3i90QcDoqUho2bJx4WRwdZIIPH2BM8Xc6auVY-Pl8EoGO3nyVZlUYM2Uv6HOKdzN8T_77cjb0eKUI6XELS8cpVkKV4L7s-CCCYBZedbL7EFsln-K6iomkPdRR9DVoMTWVHZJ4LVO4zMHEaTbeFJeh7_WV7ghPCxb8I33zzwnabcAt2oJ2LS_P9eyhSxfTc5mSkVaXEfjhu3mFWJHSPhlnqlBh1R0-_l5n4BtVQDbQzwgu3YOF-QJKjc2KfPES2Qx9RcA-LD4ufSkA5h4lQiAdv70KEgkK7ZPLIF43AzDKgkpQczutZsOrz52I7wm98dEU9fmesfZ1O64Ccc0puMofhPFUuPSmtsaNTaKxBwPJWLKlIOba5nb2pzbyFVC9MidX8vb1alTQ95ahxiAh-IsCA1G21psv73e8GOV4td4fXIBoh_C29JEoAMsHpp6jww6-n0_NmRh8UvfgqttQIS4Ob6-rjYx6rDB_ms4B5DuxcfH3KNuN25F1RPAlotAKq6xVVw0irSF7sBPnWUBbYxL6NWYYK14HyNo2YtF79Hj-3b9idpDD11s481ACmLxhyIaOWHRci2OyWbFCLHyZyaPqWufjJNK00sy3KbU8GswEfW19wc79gqrfkb7DYAMevxL1K_9zvj-5dEziIsqhTll0Iqoadbr_7MzvN6e_i_iMYTnJebgxxyT_M6O1H0zQqZdxlpRKdnh_9O5iQddMNO1bqz6flUWBd96Eri-UWJaA4aEBIPakzSvU1XpoF8XGOkiI-AUAn-PIPbe44-P6mOff_qi_R0RTYzycryqLJvvYDKuLaNojtxhio_Lqx_ynXQsNIy2JmIxXbgIkPX7e8Mwky_zdlqiUXECCAY5_KWrTDWaDCzdSP0-gwD3X7_yr6xVcEXOxZG-0TLPbpAKQPhCFqSggfe9xZ_kG0pxb7PngkdlKlwYJEEsEgcSRINgbQ5lavuU0fH_nX1rw_fJEAWlS2joOFkQtW8Wv5PDayJhGZC_CbxrpkcSN_-wTg9mkydpJ0vD0eyRWY-GsB2YUTkgh7s8fYL7j7BswoAZEVHUrPrvINVUYzJ1MhokQx-LbuBk0zNIDfGfUQlkVMDrasETJZtzi8cMjsJedy4Ey8YnbpKtvXqRbhDaAaQOSUoiEPBinpk_i9kFcI8VdZSr33D7aTQbpFfSfYheiz8fhKh-nQbhruhW64vKGuvPXhaTw0hdz01B1_oND2sTZDzgVCikP-gWwPspWbTKDGLH5gwiikZUK4qOTFf69qc_dcMaGTbMa1JQQ4E5jB5-kH1gJEFEodiNRf686f3x4cejzM-L6wpWKYfcAYaaPMQ7CXMxVTi4oeclm5LkyxQAGuOqy_sxphQHnfVngxGhCdhkkIpxZreuCVLDE3vPXk5OLKfQrm4khPnXT-k2pzbIrWObkij8OpsVm8I5ZQ8e7D5hgOPBeMR8ubf7BOWEmBBM3UxCEqtlxyc3i5Q-QVMiOWsvCj7ouMCqGbAzJZ2zpcVElhAg3vtJttaaoRSIoymr0p9fn4yjOJdMCxprLDBYep9t6th6yD7bfuYnmjceMyZ67cz3Cj6NNMgqZMSA4zXgI92sD9uTtSJh_Lb0U08CQqtFy05uX-zu3MvBHCZrI-FoI_bx73sT4giRqlEFgiSWLtoCsWZ_LkPxlctedi_rYdgTiUcMi8r0jDXT9tv8OUFlVM_oOqDCjrttFy_3XXySk6LuP9ZAPnBaOirTF9autCsKoOnvLFg6IGg2RspCRhNftXzoHrTijibrHjy_MvZy8CXDlhLGelCIe1BFRf7kqUfOFCRBtDLbUi_rgGj6y-3WuAPojpVa63jZrRCwy_B5Ucrlulji9IRgHYY41o78sKtAGU7FGXNioIcq4h_87SQ8c62drThvPLiPfcXCzAQkSYuG58kzA014IdXCQNsiK7_oEhtMzJcz8vtWyy18CtycL9iAlXL83hyKUXeOxLzmSI3A719sdayjrslT3swspaaNE37toCXtWQQQG6BXOH27HBMhich1gZs-vt2r9FkPgwa1XnFcE_3uSET6ZdejIXrgVRra-P0AE1VBKoyz5MAiS-0tjvrQT4509Q6kVor3vO5KobEOVaxRlvcSfr-UXzo7BrnLHTlFtBjZwMV-HZrQrGlx3NOPb_42_bGNKZS9fjR0-VrW_fmY3ZSWgJrdu3qre9bEG1KInt8ltWRxjfDzoWlhYj64N4pg&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=951578651274809000&adk=1877897943&idt=443&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac00c1a7b571958ea0a8a364599e7215d1a0dd278d21307c6753ab9763a5575c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11758
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5745 111 KB
39 KB 256ms
54ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Origin: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Aug 2023 18:51:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/elements/html/ Frame 5745 11 KB
4 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C86-ymDqKq8B7Zz2Y4GqQMVv0fX0z3tHdXVkaXwTRGLShz1Ik9NLxhanTlujNIRVWx-CYrAWaCia3TXP3ULuzV-Ah_9Q&cry=1&dbm_d=AKAmf-DooBaq02o6bNwz964U7SoufB3DylQoybrPuaanl05zdASU5-13A0DpjENfBuDOspZv7hpOSXNNB3233-qfXKDM_IXrhdbSiWrGU88F0WsywZNIVphk2QzZym6mGhj1ou7tX1VmgCbv1pJgpzb6DgDHpnuFxUSH2Ib2ekSCsBDq37_pKul2SdA3hBeQSKW7WivB4Bpil1zqNTlLsUZzVli8dZmJtu9rVu6jTG4QtEzuwx1HNFASOrnvdG8N1zwNykLIV4jiDgpeU9arP9CAk9gKXs1GXJkgNuzTzAcKY8QeOteRjcwjreeQ8feO5Jg2IkpoGdT76-kyEiapFru-IDJo1JqF1AmIEcdf1D4OIXsae-RNINmKQyrT5HSAk_Z6eUPO0AmQesPwtmDaiVIwJ1XPwhBRN2yF6CSu85S72PdrfmPJWkYhIQ6w2Fm0QAgFvgTUuTxhHCZdf3OBPbqCIBdNP7BDd9xmlQ38MzmcINqmD8Sn8nzio2hjPQEnOXJuBRfvkQVotBF4U0-N156-Ch2QRY7N_0RE0uwGKKlPDgUHYEZL7xj5FODnyfHaUNV8r3PUUklodP4OxxqOm9dOeZXKX-MsR4EtTT-AOY08DRDvSwEVCLs2YnliRJ_P9iZDH00w1SDrps9fB_GxoMlafrQ1rVabxyMM1vjtPO4WBTqRUIuNS63J8-VwS8L3zpuRkd2LBZqPQsU7-Q9CaHrbDxSuL1m2vyhE9IgVjDlL_as41_tZn_9zpcfreil-LuTFSGYG9ywIDhKGBNgXqvwUG4oSEFYxpctfY4NTn5ucb66eqLS9P7ZUJYuj65jPfP3e1D9D1NMktrkGty_h8L6kmEqMxNube9fvDP4wUrW5WExxk8HOkMnboX1NgN1EMBCNkNgwtSkTauyug4qlbP7CJsW77bt54bxKspQkKsQp8XTZCZtUafrV6iM-BtL4TqslYlhtS_W5_p3VU5YhdPwZ3hyq3YdvLv8ANg6lHdFXS_41m8AFun0NJNDsvpXqw01kV-DLXf0WAx3pmg_uzIiRYCm8T3yqeo3MxmCGBerPSEjMgKP1O2mxwY9hIKAZsoMs3ky-_gSSY8NFsj229XH5cowe_WoBsXBgIZBVBo_iL820k3MX1zuhrxuKOQ1ZDJJ1u6jwOZs_Nd2Y6YrGQ9jIXfpzDsJb1GnMzPme2u62L0DHqpRd6OG2Gzi3ZIa1HASPm2c3Ce-77V6pTUxxKvH1Mn-MkhIjc_myD4cmDpEu2f0v_DxmzhwcXxSlWZA8bpbL2ibzvfQnZueZvpcqdSfXrAGpDJR29z6G6D0kgIBPQVRH0TqtzIy4XSRIEWc9Jea1oycUop4esOsqW7GFA5rGad_KdeTEo--8JrHGXFIFVnOguY_51CAbL6eyzrguRkHP2XrXxFIrAyrlmnwu5IHZ6r6yK6FREQwN4weS6qIQ_rEbQPa_Uq3B5KBz5IYzTrhLhFruo4q6EfN1zl5LTF6xVnbI4syDdI2_fap6t6o6zCpmIXgKrHxXPY7wWdvts1yf0l2SAPSjy_xyAh5TvoIsZnC7_fZ_2knppV7_Lvzf2gKsuQ5MPfr-GHcTqcT2ZaIU7xNs-XpnzHvPfWAoe3FOM0lte8LDeYibwX9TP-qeoYfaAR8risevx5gU_4H2vMDhWuP9w7wOSHwuxUMm0BJ-k7VmTpB7e-bGviXLWSZ7D3ga-566yuF3m4GRt-ys32cF5eL_hXfbTx5gwRsi-ESFg8JbiEpXadOeI4KKfSXKOXVXoURlnCb8d9s6oOo6Ll1z5lUClqw8rocRtH8MEv1pU5Scctj0iBDGqzbyk4qR2DQRYd5p314QuDIiGGO3fVfK7Y-m-kXVEN_TG3hFLpXdSEbDRQx7jPxA-7QMxMgxT_4YRmZVySY6iwb1OcXNO6AjhE47xqNaM0YFVJmq7dTwVQXjDs-8rnBBJBGxa9hPC8DT2_7ZRrVqZwmXHAtrWYMG4nNrvbfO2EP-QyRulhJtJPzYwVzFTzq5FX5gKV7ps9pfk_TGhgrypD2ypfKEgvfUSIRJYPiK_D6rbI9OAOdgJVyZSPp7VK4OfBYubaqBAQbpdRBhPT9NqKmU7g_At2n9oZvzzinIMKdwa7wl6YC-jcfYV4sk2eF5sy9ZzTa2AUY2YLCt7K3XZpN4m7wlDEInN__dXiEibJhQNSlALsuoM9ILjLJ8kVGLUnCy-GIAKkejzR0NHDTPy8znac8HJ0-CnU2HHnm7N0jZlBCRcF_dDCd6I1O-jmE5e_RBV9jAYdk4B3bERLhfR4dLNW4R9Y5MhM2smK-SEdnKlvAyCcN6zIc90JYOhSc3kutZGyZqx8dOqSNQzg4p7Or7jCEqZugShmzmLVLkoqL1l0_gI2yFtdSE4R_g4SV16nhTQp6j2YAgaEMdq79FYVq2QQ_X30Q1bRSqx1t2udxGAJ2WQAQUYpJlaNCJillFfIyg7wqpxh4iF6EcceW0ON7ganSFjEs4QOyxKM_8QdZjhtz4da6E9xzHEgzA_fEinhOE-slQHP1nv4xRaJENSOdlWtuzI0O6Mi9RuBoVmnItohSDae_YZMystGOUXLXytwigjIAWvc95vYeGx9fp2fZXffaTK7tJ0v-9AmSZLK_Jm6POZrOG2blNd6Kf8V1bUqTczZdO_hmtNqEDJ6ym4SEW-GCN_NUgh3aZCaPJ5uwXqaJ_2SbQwf_T6JfT_vT3FcCQvvf6abBT1LZRXUvWbEU7pvMsLTDAbZZOgnblV1DkIQlXtpJ2exTB-07wYEffL6czaLYREhYQNKAfKADHMWjrdHUm_FKdzgPoUCl66JnFlEzsCpB7sIfuX_TMtSG5fiw0-F6ZXi-rnRqjsgiEi273M5_7pVDinNNcNPkXNPMfiNlD0SkObcH_uJwVPdBVKd4ZOSlBjIpkj5R59vpiZnaghk-t6OyS9Tztvq6kminyl2i0Ru-FYb7nChvbYDo0HvEtZErwxz7Es0mAsFbc0PUrVi1syP8tweIFEDVDWaicA-bRhe6VcQHiKIQNsAegYl2qMBHws0SOncPxL1WTBpzec9KfyhVjD8Yv8zt4l_4GSQMrM6GDqnodFj2zf1OgpdBeKd72D6BAsu2B3fo42qQHgS33KyXaaL0dzY-wexttMQy7h8N6QXiNYd4gqACisn80iI5gQ2XLZYNSQ456bi7uCyaC6uYBnfzunGD24X9YDwlB0KbMNKu26BOVVuLS0P8Yqgix98VhjmYavqIDXtzNtu6TnFIFp9ZC0ZRnyw6A-XWdLheyLFwPvnvYbgRh19MVowHRFqmJJZCsOq6oZLvEHulaLaGqeA4bIxZrUdncZNaaSphNOqqqpujkFYZlTTaUtARVkkgA4cUxR1V0IT48KQtgi_oDIReTh9MT-ZTz7X5I5rP44O2h-KKi2Llm6uuyhqe4sS6syP-3yf1MwPOdpw_HUX4xORHcLiV91I9IX7M2vSbrRq2EUl7VFbGKsUXK_WTPtpT8kCmOLDEI9Wkyr21RVzUGD8mHjLYqYnaav7FVz0nKK7IHy6D0MuW3FK3CtQJcoCayVQ5hSVVPNhH2FHSygVIfTqT9MAwMuaWeePqGvcl9iqYCS931Dw&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=11856948659799253000&adk=2124396030&idt=343&cac=0&dtd=62

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:10:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame 5745 30 KB
11 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:09:21 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5745 41 KB
13 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1162999-caixa-tem-1-52-1-610-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 09:08:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C52 41 KB
13 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsO_VFS0hcq8SCmraezYk6bd2Awn8lryZy8KNKValCrOhgQxExJDVQ-8HQY_XdrZQft-bnhHhpwZxU0deaz2Tm_kMsEe9ebvbtZidabFVf-p0aLueT8LybsvlY6o2_44ZVzWqSeO_je1wipCD_vpoaaZ19scBU0TvJU2dd3lrDUIRKywc&cry=1&dbm_d=AKAmf-BxGV4CKv_79p1m26QrIBt1cniz6KGI4s29UcaeEH-p-NWckKqcmXFsoyD05NIfU2DX9VnYHGfp8jC-mhVdrXBKj-C3gd5NkCDtSdQnUAkIq0kKcfpnj3suqrM7eFbnv7VBZSk1W3JrJDO_4EAmL2Eq-QuR30UWU4RyB8FWNnBw0FcWuhsP3HVrekY0WlenklaW9NLFIMXM7pFa8vkINr316AeZxM9O-qb4hE02_RzftHdAqvXwieVVIEIRDbof6J7JWySY2T75rNfMCCI4d2__V2LUiA6Jw0_iWqjUa2EQVBKsRV83xPCsBf2RaAmhXiGtKCNDarEbEq8rFeXZqlN22elY2tdC2ogkjutG0DlBTLSL-3s5uPjTmL_T-ObzPHEANKk2nHVnD_U78Ur8oMZIR6CIwkANUZvrXpk2_GX3Itzycck832q4r8o9SsjqZVO2Hmk-gK9Xre2XS3FxBn0_sZ6r3ObPcNRKY2NtNnC7kJkiWuYj1ZZ4ZXH4BS9hMSwCxF3TcJKUh3Zd3F1jJ5ghqqxVF5Fsey9fMbR1Wv-YZsBxXUtuaCaGXg2-6YKkDH3F47NRFcMtjLm0xjcNy8s7VWm359aY3hdszl2hLjDt3JNdiXQrReKu1Rall-OolOsXa_HPlelkKN50uzhkBkBr06e0xOh7fJxp0r-Nx_87zfR4qERCt-HLa81bBjCgHOC_iICkdkWomtcZwXcqJAfIowb8gqhUnyhR6dPsmQu0jBwUO7bHddFITNUOWI3IkKhMbQSaQ5ChDKmG_ST1acv4CeoqXfBTQbF6XkvYMu0l38UFxHKYFMrKW0-va535fDtguihpOArfKCvcXoPaLOEJpz6vvdrrnbaeIEv2ks2QkAo-f4kBXhVy8jG8w6y9oYJkZ8dW1NCN1HRvU3KvefMHmy3tdIbHUy9Qpd7N6MQD_Q_SdF5x762QWMn4idNTEJlB7ZiO-TG-pjkHBnThn8gylMGXLOs_SPkU3lF-0y4mZOZCgxwDfBL627qLsWS3Z6JGQJs2HnhM-HBa_rPePoV3Mqs8YTY8CEpozgp4Q-kMOYZoqqAMwr8dve_aE6rocMTe5-EkUIQeXuCexyKYXNAiKVyQNZXCmFhyrZt0tVonM3oVYkfrBXtZrP7m8V-wPgHpltQGxlnYlf2nfMjUcmkG58-g3pvt99cADfFz45OmEmFLye_KKucCsDlKgAwyYuWoFjLSG5ze-Sujv3qxS1knroCZeOA0er1rNBtVH1pEoF0YVrkogRda6s_f62kqodjCOpJlbOuTFOYgec5Ot6Av86wqAX8u0vfk-G32DkgcefNTxfUWu6fsW8bXkHVq8hL85cEr4gmvsX8ulbRxPBfrJ3oqfbpxE7j4-hZzgUkWG-SOE8eWZhBaonY7xmj2jA_TH6wakrlpgLE2GxFLfTlsM3CymopW1R-w2nTliqDRyH0F1hstsSimFjJ7V7vHoQ6oFwfDurWjk6tLrD9Qvhgac1zMNBlJwxQNIFDYF9WvMGNDPiFYXNtVIJFFw4OGIti6hdERunK7uESeSxv8046LkOu_EZf2Us5s11HhyU9lkV_BwkkIsho6pFxj2uZ383yPpOQO1fRpbHysUD12o8uJt2Y7fKKKDkKpaQYaVQqp8GR__Mrh8XpBv5BMJE0EmYDfjfDGT7tDmsTeSeTTXls4d_7e04Tt8P_gTjkpfnpDLQl0UeaqDgIXXvKOgTd0XX202Rmcf7m8pPfsxUwN1cbR_SUthK8qrfyeaHbbSG-HcMFhDsMDem30kdQFuPzI0ohl4Vhqw_hwWL6FczGOKiJvlcIbD-CcwMW8W698YmZoe6S2GdEXW2nGxnEiTxuMCzVkA46k89H9TZe-dmTAQu5WjCDGmjL3n2jclQp7ncvlEBaJfGXW2XraQ8rz5F3uXYQ1rLuM3fjpPTkP_JBMUKerwp2swGiTklfbSJIvQ-u3vxg36JbUX-KVLJV5OU_KuwDK9qeqoYQPk2MT6vNJTrwVFBEqwOqb7viSqnR8GsC68oHm3hLy9PIEeBmOTMtzNKjknzms7uWgKe18rw0mUiaYlKjFBmbRGGY533JfFlLf2nm8c0yhbPHf2VSxq_WZ1eN2rzXrASmVUM7nyttrcUjbLfJUhvIl8ZwSjB6tc1S8IUVAWflWJ7wBpIRabGhxwL5ZThaMPd9XHxILF-LzaJCXeBaAtEQFh8ryLQtV4zI_HUQJ2kYjM2SkC2pc26VSou4BZCchE187zSjFE25DFAq70ISbsB-yyLvwfi3w6rGZuoSu7E09Tk6YrORcClvSEfCn0_7gHRTr4PeRgwEo2UFXF2SNiiWjBk8srebEJyUcCl8tiwxA1ii5XTaUQC0zwYknPrlHuH45ltm2z4du5mr0kxuGVQzg7UGndV73ri5bKyAOvvc4TFW9Yh0uGEIChybdAa4Z_x-bpkOYtg_0GQm8a2debP8O6CoIFkWWxM6zFI5K0Naqqrl43_P93zM54NA4BiFWuZEmwjWQpv4xeDOwetODZWXorf4yaJnJOrENujvqi23mwQuH0otZhiixhkisxaMxvfjNDC1Ttev9P6Px-QPD04ppNmRPkSJYzFxmkFAnVAur-XVanfYIXVT7tf05p5JI13MDZa_uwuktEj-TXmsJJ5EeoXkVUrm2YOFv8oE85iwdh34puBXJVo86g5ewNIDQtOu2lAKBp5a9EQwSglKfGAjhHElk9Gq8lktjMD3LpqZuikeSzpjoRoUbqlPjMYzbcTvyiaDkB9UJlm0lO6lVBxrO_sWmcjUkLAso5TNNtMumFMV3ZUSqn3E8x72l0Zvu1Id-KJB2l7nMg5txQ8n7hZFwBSLjxCmeUVUPwfnuQzOKgRpENjeHYKQSTdFk5Mdd2HuM_ykExjXbWmuZJ10wnKKdO2fLtpaGrKv9UYIJK1XJpVZiU8LxvFIVss9UURZD-iRZevRjCKGHf0vXz2Gt7LfXosBHeVij0d6EF65A5olBvWdVGDzPfMad_1cD55DsR9fC-5FyVUoHg5MXRhimTvMRNqzZceSg3ibK-vGXmqrkvYUyh4uKembe5aPgPh1YuwJ5njFsLWqsFU4K-Akr66yqAtmwLuKqwcWfGpFuf54kzVREfQ-8x_vaDk9SO9LuRvKUTlHM8Zj4FNqq-HIpTUVWG6h5K0ilsxEREQCREGS3kLJD0QcqTBrrs-OYzNDp9MyxatXjGKReiUTpuDO_DJwPUxtJmggFXDlqyT_VCsPU4W1RmmtNu_Zw_Nm7Ojypcpogl1ctMYHJiAUaBZBNQq2KhMYp8sPTAB4RA6D3vPDeS2ZUsynDA2j73HQDRiBk57GwcedmTVtowHaXIhXPKyZE_SpfZb2bnc5mFwR8qR7EXHZCWyxhiU31m8i1hNsSu0dnxYNhROYfTgyK8mk4p1nGXVSjLIFJklkzdKPoAePaO9oGuBnkdsixOjUXMlHgWNf8nYRvNBPE_GuvW0mpvnx_qS0lpVmgMh-vwlI4p2XLsI3_z5GYWnu9EPKe0A_j8HJDljuZ8vsDiszCVyCPjk-UVvSdzP7gOuIyrP_Mwqlzfcc9VYnRkCBiJUrX4L1dYXNcbxZsFB0_9bqV1ybRow5LNKQq4oYfjIwEXE-6hhGlCtGu95lQnJIwerovaNSD09TWWIGDFAmvt3_bc2yZXQI4cOm0wfQFXIntl3PoPJczDXRKV-PUbK0R8PZve7NGFSFWFCSyNscLKSUg9gN7AP1M692VUejvpDfVaL4IOV05htKB1wQQ6P5YWNGVkABg7s8nEFaASARm6SQWiDugtYEBlnVBGCtGuTnwNMQZMkRF-6XLWRWLzCn0uPLnC4MDkZyC3xI76UBj24ZpqR-NcTp13NuN4262z5wRL6FeW6GhrdqZDMBBBc3-qK2zbHJQ50I3gfnkjYvsVlk3jHMeoA&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=114898442525193120&adk=1964084972&idt=414&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 09:08:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E3EA 41 KB
13 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7ExpqhjN8PX9ZDgt1O2aOGZ4K6tWIFHarjC1JjOCJEvH0QLU6Dq7u6f5oT-ZgGltEDs8S700GIissvaNZJ7VoZxF_7CHsINYrYBZtKZxM1NsClziYkMHBNUdwfhGWC-okqy9MfJFkoWWDbk3hfV57NeyhbbNvuHl5GwpMnAwG8LyPnGc&cry=1&dbm_d=AKAmf-CahcDLCrIdCtLpx_TsGfO3r8D72RGm2Bvi-mL9T3C44hm7WLwmU_uS6TK3sZJpc_pYvWzgj3qzd69fJf-rd1gyFtKdLPhYQPtETzGwsLqiMxqiPMlm_u66VsUexJlteBEw3c7GT3DJ1MNbhcHyunIDd8usMOrd1p2CsviLsZHcfe2xsic-qHOdDT79mKG7ymBrXbNyb0NtCIh89WQR7FoobtQB37iEWkg8xgkIUyyV4ZCxS0A2udNxjrAUB_4X1zqRQCKYpSvemby_N6psCaa86RGxIxewiw8JHrJka6EufP-7T1QbcRzwLiSKkP9Dz8RA33b-81l5T_-g44YrWIAt6a9fD32Un2BCb0A1ZiQJeeSGiVmNQfMQuPpi-9N20tnpo_Ko7O_eAziCKHb7g3Lu_u6AOXiwHPERSPr2O0_l-jPFOBwuxBk7SAJ6ff9LzdusSpJfwDkichQV6undj95zT3vWvntmbSeN8NOLp_yrCARTS1hxICJwZoGR3UEVg2K5j0PszRt_XQ2S3M7flxT8oQv2jqX9QRKuYEc5QvI2XxSbPr9Zmq0ZHh7u1VfGZ306XmWnKS97Kni4JvveSt6KkSxuB9R5Huz-v5VGFjJOrIuW6OiTThWE5QK1jQ37wbUbUv0YUQ_E_5KYw6tg0m1kQfEpvx7zZE3wuqdoptRpA9wJoLcAt2yBWQ_Z_7WK6cYhRdrrkzzHgXr8vpMMmHsjZWJbfjdVEcWyc8SL_JQprzkje-HEp2QIwT1ACOifmMjPUbRKWVCgQQchHWFge5EH3dtUrnSXJNxdNLQDKFHVwNbipaAw9c8MatoqdjrGagLWA7vFR06A2QU_TqDp6zQ5TSsUXU0FWA8WQ1iSff6XkDiloPMRMNjMt_BOlinDLlpqU54FWWyAODuxQm_-eAC0ofN0o5Lh7x2l4iuSkbblaId7VnxKp0xQWQqeQHrvLJyFWwbM0dp-k8jrEY-MPq_azYnJnr1NJxj_ZHRSxt1PWtu-Ntez1W5J5HbgIW7DAAy1EPD85yOGT5YY3Jl_1EDLEHeHoMEVHpe1-KOXsaYxzIOVb9p--MYfkZwXvnfjLavsMVZ_Ilpx3geHdCVE48H_pThyieEf54VIRhaMQpeoBB3EDqHymFt3iJwJE8wKArWXZ9-anNhXTvAIGKNkRWcpJMTERuL-FglHOO_yTwFlNQbWltfjUCu4MXQiSYtCbYpVRVIrkjsU_jv_ucT_96UNyuaxUOH4XjbPOcaLrNTYB3hmBAGrs4Kq2dub1VCarSAsfIMaQyda6pfqHXoiiZDTQWzNxY9E7GLO77pVfSycS-LnPC6CcUNLbw-lLatPpniBFKS8wZqkqpoXCidhp_0Gvw4vNSyrQi17DJaPZkYS8856WZRVcfXb0ySLJnqo0HndwiiKLafHlK9WDTc4Vp_J2YIl1PaRsAjgJ-iER7v06NBrHChJOEYrpfNNCqMy0GhizHuslkmcuUEPM6XLDODYgnV0IQcD4OBJzKKm9_gWU4c_pcae6OitfrNUvhOmQRyiDlFALr9bRg1H9Z2iOOlaC_gYKYjUIXywILqMQpETPHqs0IgSXZnoveHZh7sll2bHcxlUSctwG878oMq0CxELxOerqOJWO-Qr7D_mG0Yhdv8P0iiCZczxvTOssnLiZah09Ww5ilN1oGN8xRL43jf5m2D99ztrwdJvvliK0v-K6K7X7_EeT-5xbFkIXv17GyshkLiihm48-cVi-0IKFgpk4anQiKtxhKcUSNaTllu95YZ03gyI_iaZ9RbseP7x8ggeIgalimxXqVyS75ZPip4X8ag__8t2S-oZiis9N7Yu5_YNx_Ei_GKHA3f3_ErkfExXa-ZLwebg0Voj0ft10iEuNeP_KIhTmYKAh7qF5spHaTqg2Kiz_4XX_EK3ahL1OgZ3MnK8mU91rtQd4xhRBl_SfH0TVDgRiL-zKvVCmCk6I1vaC5Ll5VkBIzx7uZV35Va9JTG5kRSjsAa-z_hkGy9wapPs2qzEztPoKW97Kfehgs4ha4F_WARBmQkPOfy5uDbb30t18elNH4DAyHGMwmljydl4jL47b4SjdhOqj8eSndp5tBFvIlGboLP-KynQMn7YuVpoYZGS1l7H4Pphp5rDbb_yHkjaU_TQokC_PRpTq3QmYZfmRF6RcPPLEpCANvzX1YqBj7ba2eJTQiQp9o_LZ583U3u11lTmJtuyDOtixfDJzhFOyJ4J_7eE_FWrmqbDioKajZhiCFHlM9u5keVZyoHJ6HEjyAXNtrqhOmehtywzPLkm5l0q7M6wP4UHkwtoLftSWhcbrfTicwAlHpq_MpBuAK-6lEtt7wf4KREvLwOi0Ban9dwzM2VG_-2wAFoAIqdLbAgr9rsXEpoGynP0wLv9jeGPudx2CYA8CgH-2lS3L1dHmKu-YbMCATmJ4M-wEwiGqu0O3WPF_26AXr9-ijMMYIY_KrukM9p7A7mS2AWs_YP81eYMPvmwJ8qwBgGizitedfs_Twq3yTTAOiMtHjxikRBwZYS_Wn5nUzBb5dHXnMc-GNE9LZDyrcxDAe6tjnsIG2QpjQNCK942BGmqagk4Tylf3PoYpGppuDqhnJVRFiG2FcUm2YuuwzC1l6dMPuWTdyBhTqkube-w4zvY_RpVWQkSrfDLHJvtx2K7g-DPHmZfAhkWVuBGykLV4tJo-gWh-eVpxCcGr5909bZDCAJRHGj1Zqj51oP2fIM0pytoplgTCJ6Qlu1HBueDdFzz1ZYxLJiScCh0nQMaDprhbFF2K50MtX43blalzATB1V5vid8N8F9uk6mm3nj5v-T7ubFjXeTqVK6P58nimY7HszUX03GxGpWJrDKLlpdYvFbs8QMsOYSlgVdsMCP-Kuja31S1rZIX2RjeWCtU-w51YYkRYtqpEGvqqBVt-NhHcK71w0KWOw2H-TEIdYRqB7-5_JXQNKfnpMlaIwaU5lmPBfHYRgJ41VgpD_xl7iJznAResluzNAS0qPcKysaswPOY7ffi_thB98QqknoQaWN31FrrPpu52WrWEYC8Wh0AAjZ5tlEil-Vdh8sgwv1cooWU9YG8vy48KRCaR6zFJSDlb6xN1dNr7vKtw3ekCBwKOvuzbmm56oArL6lMWx6P0JeIiamu5Zib8PXNDJda85OGT5ySIebOPmgj79qwIGKIKpNnWfF0f8pSrojPC0xDWkMvwNcb0jRw2Crk5eLrExbzSSP_q-xma1foEOBzkFYqCVKM01tkHW6qc9VgvZj3f4-se0xremhYpLoQbbLqB5oiIAv50LyPcrDvMszGy2LMHIAp1rlLQ7r1BoE34pn6oR02XiN201swmnTGIVHIBDlDclBnmvzsPefQTE8m3RkV5j0M1aC2gJYgqAUVCbEUeuhh8S9SM9HROd7d9YO_yt-F3j2fPsWYXKCbGTfkLa4DKFcV0sAtwjLzY4zFpuYcXGVj3grYrbx7bHiE8T6XCAuff-hu7Qf86FAJg3Ab4JYSC0xLB6xAm2K3cVSFJQz0IBqTONhsVT9hplJ7jrDNjCIaXOQVuq_e5Nm8Ig7O8ssWV1Oj4zBLUQDpwLYB-Tz2GkhfQ-Ij3zdPxKNiZkq8x4LQ4Gs4RMWGZ-2sjJ9geBEar0tVHEbznUZDoie9dWW_NygpzaYyOytoMVzhgRMF0pokQLjyD9qkT7HyiDoBs_oLuKxrAP1XWRV_D8wYvzr4Ey-KzuSwhAJrwei70kUk7W3GmiNp8HmGU8JNN22A5ivucUuNv_xQUK-cZb9Q_9zShLJrgz-ame5AIPRuoSmD9pZpku970JRoRBH78lSX7Toh9NRYF6PguHimS4qQ8P6H-j5J8r3Ru_I-lFlpNU1-Tnb93-d05VUZ-XlVceABOl-zp1ziCDEVkXk2FnSCAeuZAd65BK_jhpyud_fmEsihwn0cadQf4so1nJGKQEk4QMxT9w6tZMk&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=41534760017471460&adk=3047537735&idt=406&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 09:08:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 66B5 41 KB
13 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlwCzGgBhr8PjwVes0vEF1Lt78imLrxiVX02BFabvp-GbIOhIDRefice43r8aZXD3p16ih0KbXXpd2AnOfJwivJlSb6io4Z9OhcRelBr0VvKF3MlYdmgxBEaSU5gZ8OjMKugAzwwdflNOTHG5CuHCj5meZDXSunCg0H4zy8RpB3e3YtfY&cry=1&dbm_d=AKAmf-BNCuCzVEolGdQk9jmq5ZkSwjxIjOK7b8AIF-boiMj2ihIi3pyX8im1eyKdmiHlF-MgV-l4g5eygmA9YKCrB3QMJbMRR7MUSzbSMpVLAlS15oTjjCXyLZn3UB1mWuPygfp6-nh0NVaMNmqtVzIHfgLa8-FcbTBqg6BO93A5ZdUhbAO6Prs5HF6cvrJHuxJ_mjrvtuxBbueDJgGLKYNTFcC8IPeySn0TsKYzrVTUxjFu4-BTkjhagfRWUnGLWBrLK4FMoq8t3ZeYOCyhhwmL6ot3tPRU_BVrq31860Oh-5-dnuBdF0tnny3epjsDbUsW5pkybTcZTIR9o-Dk-QpTvh7tPFEWv63K39CWgfPeb0xTNaruS2XoEKt5J88ThVl31tYKcApLaG1k0H3z7mv3rLJrkxwnYRhrTUT_eegedYRixbYIWvC75AROVTC4RKB1sknhrBNaZzCXHfBSaoOEmsigjI_AEubXjnWDd5xjXTHq9RHdnqhLccAya1qYBjSZk9GZEzKoiMyOWc339pQH5ZgW4s-080sj34C3DrxFa8-_OFwwVzPKDLeVZ1_yixcVM24qMF-Dz9R2E01i_Ubp85A8gpMqvXwoPijCchWhxkeGnHnwtlBj2sZDfioaEags_cRAUYHVFOmxM8_LkJ0MXuqdb02ImoAMSrmh5Iy_YbDkMr_HFle43VBjyh5Fc3WX2nZinCDHOHkc6Dfj-7V1ZRn79rW6KMDHMCc_EbxQ8u-bsfxzo4y5G6640BLSztM0gZ6xbbZ-xWhl4cYvK2WOTQBOx0qoKhcka-FBGy53t2a6M2GrrNvxKCFmGit_137cYr3udg5_H40e2sQpUIK39j1CDxjm4D7Kh1Dg5jSkFeSou2d5e31831LuQ4gcJLtYUSr70wOmZSmwVYTmmsvrUXNgGv2MNluLObv20TzgkHGYEl9w3tJ_dRs-y2qrJVhy1KCR421-YAPXT39_n7G1OXJ6jC2tZRSISvm_jID9fzhu7PKkFbOIGoaL_7NmQJGhohMihY257wXMVIfUg1Bwf0w8ak6D2DhkiIEXsEZ15SM2dv8ISTqV8R-Vqp9odrmgtf3XOcaeZpRl5NutlQONogDLK6BBhVvuvH1GX5WwEZZMLddYxdoUbmJt2QPW5KbJ7c3Gt1rTkA4-40GdV5XM4mjrvlayxp2rcX4wi0KCsyJHfl_kWFuwzgH6q2H7SJAzCM4JEJfG8VzTRNoKNr_E2akZrNx8m_2HiFMMYh-aOK3pW0XlwpwTotEbcLXJNqQrC6ue7IVVlZz0PVthYLv286iW0EwPHLt5JcYYmXwdDvhrZ100UHtclyKqZnbidsesy2qTmC5p43hz8mhAkZ6i01uw3ns-XeNDZJAEfYkCB0uY-N8tXQDW10I7TpwFT59fuNaPJlaSPgwfGrsCOOnqm4PCN8GBU9cEsAeVzSgPY3N5VIUL7pDahUx27Zp5TCT_0OQaLHt61oVGeGZuyKJTw-4hv5HEloaZDYF31H-jIUUWN1-QB1prdASNCULKNQWlmitCOyMeYOlk6dq9bu1E-eQLavugM4Ii0tYKx52BsqF0GYlrPTv4LnAXTBAhu4ZfSwqh6lFxn9D1na-zIvfOqAZCoANhPWA6_SF4QPTgIrrNIKEObgspoURdy-ywH5pDKAAgN9EoRftwbI7HK-1uSNbSKnzlVI2vyqvRLU5TdsPZuUHVgZuY-3Uuo4FUZzENcfWMnkUcDf9BleTWaiMHEBd1hdqESuokQbxFYEXG6NCDTOiaiT_kQYVyWhHZwVQmEUIVEUtz5gk3HsgE_IP-Aqj6ktpKX-FSzsJvZ_J0x_4VjHFAjdZvswhMTXKx2bTYfkJNz5e81XdIf6cIzpPDOUpr7j0LWw66_OPSZEYShNha63khbXSYGZ4oTe9cBpe_tMl-dYrsXBDD5-eFk2DrWAR4gyZLHcSGTdqzRbdAuZPxrzG7ficM-wVYZkYzQ2YRgMroLvCurLJH2_Zzri2YMkgoj3V66Mr9v3hpADudZVpMp-a8GeXNtQEoVoH5eZxsDmfazDOqJeQRA7uMMxPS-MQAZ0-YcsBs4XcxT6TwkTmskkh2-qQd3XXvsWIrWj7Fogh-6H8QCN37UqyQXYJ0koxZD-wtNMceHuML3e8ca7oWaPDqToG2mtX-Qht0dL2dKcPRPTZBbvsKSEl31TGrRULDiY3tYQD62IyzniGWD1J-BnlmZkyrYoz-CjhoM89uCxv6n3-O6hDDJQW9bispI1_aUSd_Hxn1ga-H4oBBoS5otvZ15vR153RLDDFSTM8URuod5mypf8p2FucE1Fxt9LlZot0rgOivAKThIp1wXUOZP7xll5MqkRhwx8wnSpQTz8kjmvgFU7KwloatKhSWRzfHnBhKosqdOTnaL_ZrGwifxrhlE_bEKgvMFka617Xy2yaFLXgxt09mvyN1SreINg7Q5XNOlkfbbWF263qv1JzU-hszUZxRKLSSrNNwkqzUtWdGUquKz4iPQArdBX_QdsUmwGjMHINAea1RQTyhLcZezxDBNwm-cfn5hg6sjqEr8nmnI33sLmppchDqKMU_qr9iEdjmxIGg_d4HI4pPS17MHCgidTuuhffMd8eoXf1vsHu0qa-b5v893aQKrd6tbzwRpNB8IHG5jBaAZ6Zt1S0PEhPscuKdUl7CC-XuV1Jf-1PSDHL7DX5ZYNI8WWATxoh17tIy8uSh1swUrs-mmInwdeZNjJWPP__6YGwuwXsLzdhncFkR5wM9-Qw5LZmZjPc4hzlAJ_g5focBe3KGnyox_XHEpGoMLCGZ0RyfYsjH9Rlr-60SlVwpCI9Ufh039wazK0-4k_a-7bOQCnXvDWgXMj6ItAAIBbpw6BhGpmVhSX5Sds29MZ8fbShMoPVjkVvnuTW64iyClpzKbcvGxAqVp8E42SahsLg3PSuNiVoYwdKwowdtdSwCHKOTk8kUkDArrIyEbOx90FePmFEVd7HDjrbaVz-iBNIW6EKEZRO6xzFWDlaNKX9_TgxtQFWucrjIXJGsvcEEmk3DfDVJvlzyVtEeTxKbgPZafCUnTQ1wmTWQnHNabAMBWEqpFeeaA0Jysw3eM0Y94Qm2KiWSOWoju9q22VOcXq_FwGfb39QmKr4y3DjWGy5WDC49Jl5l1-EqUAmqQMaqy5nFcIxL6PzwC0RPo2g2QV5OuwURSY288X5UoCLAmUSSSlNxrEJIpPfxS0NPpdCfA5X3EN3y22SMS86JNdo22XQfjWvzOVaIPJE59W5a46-dG_fNTKYLViblvVS8ycJwWJHhgrfQH4FKfHhNoSE6fzDE1BLPLUMZsTLFdfgf5PNE8rJRdyzf6kcNPjqZSGFJoKupIeDBgOuKwo7tYQrjETAPNd4oQOZGbdJqiQ0r92Erlt0LPKyOr2sq6CY_XrxCCKGnhNB9A9c_5OjW_MQvewZxqQZw3dbCj3HzTqK4uPlzVla4bPm7C-RAyE3lGUlm4qIL22iEMTCSySYjTCnRjAnCbx7rKdMzKp4zXyaZ3OvyOa85kPOxzUMfvk0RwFhN0uO4AJUWPdivpTa9106E7c5byPpVtKsZFsvByf2jFh6vbhhFhLyeI_bVA4TmLO24B1Mqp1CyXbTeDeplApvX--jsap2PUVdMqNLNUghnlOOyBsJ0kqOUwWp_XomF3_yt1-0Vr0D_U4FIlx4a369LnV7-0KhL5Xbg4QVHQ-CJDhRju7tadsqO9E8GHGj7fbboRwla9EppWw6ieqM7-9Lsvcq5_ORlzpTIGhgLqh4NvDVJmHgUvc49u241-STI9-R0vdm92AUnl4ck2yRPSAOFnGA9ZPt_ShMWCAiGcvsn4pe0tJsmmO1IU4v_33MHVyue_vTfWx56WMaDAcrWV-uqymzelLXX0BwQrCIvyequTfZT8E0T_BCXWSPRdcjxkCX1d0vQN14zrv7WlYAHX2M&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=15218381105736794000&adk=250412560&idt=470&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 09:08:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C2D7 41 KB
13 KB 118ms
55ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9KSh_Fel3kTVu7QkrBzirL1k25Wf4zlN-IdEv74roPWkOZbkJTE_7w8qgbpafTPh2vOqwY2Wr0oj3nwvQWJXNG2syEt7p2iyeMlT7-KWvPZsqLwP8NWwYgzmhj7LfCXpCEM7EG92gN9nx8d0OS7dcXZpfXUxXDXrt_rIUgfxJV9psQJY&cry=1&dbm_d=AKAmf-DRzuGE3dsYuVhYXEph8OwIuGNy2xF7VObpdU5cLh1qooV0YLmTyYq932gzaPoTmtAH4-cntymOfsi7ukYI41gRejp9loxJZDQEXysXryDPAodBAjXaphjSJIXEHBxap5zTuEld80CKIpNzm0rqDs26fr6aVgzqDkAEBEkGtj75xC3xiRJ7x23xL3w1_xy86MIbrnhHrwjlqjs1x1FeG72flKYBnHxxoVQIqXOpy67gFkdZjIYlUuYs0t9241xQrM__QjHRfGQN-pplWbVJ_NsXGD1JOvBGhLf-eOueoBrAj8kBgJt4r815RH0-vumtnRg3jqcuguf0DMCI8Gm3l_RScB60jauN_bJ-p4zPs9llesSCvAsdHiJUFN1T3yyofS1IMKflziqux40qteqyrNCVWltM0PvMmZ6GsYnpDqeEVPTXBnjO03gQGb1-QrQ8rDmwXnaGzTZega8BaFSsd-ZigS4Hg-D7Z1xncdFNmFZSpMIzp4k4NGQtFQzXmRVBxTAeihLWVrEoGV8MLYn5pVOrJVhxgNPcPTAQiczdq7C6Fx4UUChuhqJaYcEeOmIij5SYSAfM2VjRoMf27o_3HnwC4mua7mPvk-YwvkWEZvNG3vrMRFE7_vdXEW7_a6_ZPi21918ncoPw5LGgYUp5jFasFfwVuiCd7aLjXMnyISaME5nmje8QqPcgle_cjH235hD2OHUepjDYH3Q2ULGZ7RgR-kXNIWOOrGeHMPzAUWiePnGGoUmuJpPY-si1gSCvzgSaj4QTgoghmK3Yn02gDItmoKW54pfE7UNdoeO-5hFMMbrsu4UiXdr2ZdZ49GIyop_VZnBhQ7FQiE3MfJPXWJnq_l2BKTb9FbBwGNsukTi-uOwSrJwYU2Ww9lQWIQRys_ESaRm1rRiwWoyiu6_uwQKrWkaW80jSI6tletWJj68OTqKLoLWoVMn_giZwrX30RRbhK_ltdDc2UjhobzCYcxUjKMrQ5Yr3edZFOoXWwOWT2zi8v3GRYIAFVyCP7Tyy6G_5GvYckMHqr9L1D8YZXYRvJKFs1DRgtcTgSGbm7yoYGFojfYHtrwIqH_hkcpZmrjy6G0iXihXVvXqJTb8-nQWYu68GZ-Xmzv_2hc-fZEEiif-kLhsghwodthefkY-Cf8P7SV4WrF20KAwh7tqpj3mGKRAFiRbfVW8TDSC5v3N4-Wu6cA-vlh49SUFT5XqiNwdnjD_u5IYObqPMYF25juPQ-_lC27KD9OFjkvIQkx3U7BR08SrpSEsD1pZZBMQfIxq89mr42dBcFc3sPuVv5V309GPtIpDn5-1HzCLcirsyeqryHimwcA3NKHvS8lDzhFhwp7kLlBu4F19IgPrCfvf07EfLDYKYmpUyz5GGjF7PqkJUqPWPLfloL94M_PIkCfiGnxKp8AvbchXcDMwJ3mL42SKNd7uFgtOiCaSLi8-pPDPGPECbs9Zj6OuSWrQX4CVwkQjJQuBoFq-SXp7KbSMstESLOEbWUoF36k7xEMGOgoHzPlSY2n6j_gudgIX4JBkvMyDFOaZNQ-Z1GYr-cIosOeQUIAUsXPLrh8SbOT3IjfxbJSfPQ7EKOl_Qd4edxQJaIYDw_pJXRXg0OJDIx2vw2GJQxXeK1lAi6gy-rCOP02Ux4gxnfpNZfJcwBrNbR8ybiiocWEPW3CLpGxELpBUpcoBkzCgL0unP-wZLNuwhNXMsqzMYBbaNAkwGs0X1Vcv5vxVMIPNbdjdSM8BLUJqtRahX2WeaYpeZidri4pgeSlcAPP9Z9i0KD9FaICk4UkA2WPW3LW2f5fldjARLuGaiKN5mpTqfFcSV2bD0bG7X3YZxhx6rPgVlTGuorJi8407rbdNLPpqONbP8c-kxg3s4FDyhqUMbkr5Kag4X5Qey3-v0J-cslIjDB2a-T-Q1jMdxyIDCNC1DUPhbKOZloFyR_ZML6UpvKO8W_aZEbnHEJPr0QtMVN_e6UyY7xD5nzWGkAkfIjUxsEakycfLI6wqKgeS4AaEo_5ghsVA-Vcx5RF063AKC4pl1BTIKhi69aTQrptD0CXZQhHPuYcWKVr82sijR--2gjclvoRYytqqVYef72b1YG8VPE44lkX-64tYkGIG9XmOvJ9ud2wFBYN9-5NG7MX32joIFDzRqlF-5wq_-aelqqDEVvTdGbHde9TAwomYqEyxO5sYVmxIh57T6IfSOpjzY_NWFAQmLswFHGYRrYCI_lDdN7yvtqJCPLYWY4hzjkF1u8e8yi4F-R-m_gCS-YTzrZ2fD1Vrf0_KSV7rCd8KQS4tpAfAQSKaJbrddfGPy63EpU3PTqUxv9rJa-PSYbZh1q0HGOAjM6RYOAVe3LD3efiUZhPZQRWA-9BBS5GIADt3L4JT_XTClbfbyXdU4hx8WDep-FeTQm0wbSUj3bJkom_cQvpAvo3WGULeh15HWv7R0aNWB6ffFbSt55jR4Og1KRzEtUtWNzuQ3DeetLO_ouDE1wTjYI4V7Vxr4ldZjuaMIBl4osSG7yruyZzGvkIwvxAA7CK5bDMe-L6YqlBkQuwjSpeAo8wEQyuX-UQX9xzMoHaqL6GRq2oTk_w5iBEXFM11AArWPDrOuiLwAxfm2-Pc2-zoQf_5_TnlO9hrKuJBK0D6pWyMpnhZPJOn2PHUzsZSoxuWK9cdpt6zREutcBQLlX-Qs7QEU0YLj3oQTjJYJkyBoERDqWwziMPRXRdf6D_1K2gpbUNlTMGI2p2NWybDFErj7uXS2N-TdbNwSfWQ5cwhQM9fywRAiOPVE9RR0-dp5RxoCM_7xWdXXIpxpaq3FcPsFWanES-HyB9m17qNB0EGSBoQUK_TRrP6wkNzLNBLCjg7BlknnDuNfyzYgFgW-hFBDJrRXUiKCeqEsc8GbCUPgrZ7NhCtgv8qsCqaIYpyE0r1wPGrLGLf4PwjNFeU_ISMbiY94ecy-inK2g3fTB7XoZ9I2a6ydU4IaQRk1v6Hhz-FgUyY4EQ7cvnHrnYakfiIuMRkP66nXoCsQ-SDoXS1TFwEKiD3nDCzKAmQ5q4gY6NoQuR7u5lmfsMgrplbQL81TSgawXKITN3POhix5sbHGSWzc_WlCgFhxRrur7Gtxer5ROsA-YhLAgkOlAsmXQg2-dUKjKvMyhSf6R30jgAvULDasg7OZlKvUXxSHclHVGfCFO8rUTvzGq8kVnDYB6zNzvFoXKq4vsDUkuTSyzFbjL-ZNrEbpup2gEv-qGBW3OX9qEomKvj42Tj-D4aFwF_XV-vaW6fgpK0wR5KpGcrnuEq1UUBLUVhuilY1flmTI9uKugcgRIHSdZRzyScO2sDlr2ya05I2v70V5zS1W8ycpIvN13Pcl1w8GSRxy50bQchcQNsIrWKq9RzTG_rC6yw2pZqKFIcUJyxgdzFA1-SPrS43SHLXwwPE1sYicr2kBz1-XQeLfsRruMoNkul9aFtHLW72vmWPCwRHLpF_RvJcFBEWA1VG9mPCFx24cBPMNjM9MpYMqtga4D-kELPMuuGHZYaetrK8DtEgxuDoLNzWYzapzoAVkIa5wHc7FnC7Zvj4cc0L-TadE6B0rwsTgMAL_w8rOqH8Mz19YhypyqcprT-8z9DyBx65JJiYLC-zC9qqAbDwQPxt6HWz0KrNsliLLnHzMKi1VYHDqyKiUiAxDfCPp1ZrwUP-HtUE_2ZicWvUIvTNhH6yDf3XnD88o8C8fz69iMv3eWkPbSoerk9gEH1lpMz2NkgjtHH9WYJ7L7MuarZ4ZA7vRqRINVHUzvV5QNdIxVx3AwO-m4HMP2OkvR_OTt_q_Olkw56E2bK0bQ8nCmn-sdx4Xf8pWmsgQD7nnH3z-aM6Sb4FicASUSQw2FapTdDlBGtchxbISSVmDzZpjudYWoFQK3GysNPH_ozg4F3UGkBfT5lBG5w1iHTiGCZMw5wtp81IyQX71xl2wR0GPcA09QGtnxZI&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=5296299607446345000&adk=2228999115&idt=443&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 09:08:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F468 41 KB
13 KB 137ms
75ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DoW3vdeNexcos2jBK2b86sIKweg6eIJHVFHk0XJh3OmsoTfQMjWTjwNp_PN7cLmZS4CgJRIwzXHNOxWh7-1mlsHs0cRKgkxR1mORyBL5FMg70lh6OlpKdYv8WoziDIhQ2ujzho1pj0h_vqltEqXoIbu4_YQdpAUctTf0y3jfsuhUYzVZA&cry=1&dbm_d=AKAmf-AFhRCdtfvjbgShVJZEJtQuIJsb6edCbohx4xF5Y7hNyckPQ2NZfb1b00PxsmB6ZvePGPpPB3VlykAjWZMA7yJhK9DlyrM3ItK78-VKQGdIBcYyTShp3zV71hAbEPlFDW_WoEkhaEpN6-WJ4MjbVT_NQ3fUCJPHtJkYGNCCl6j5FATP3quFHT6faFKI0rcDy_-VwI6zgrvz74GyMQp_9iGUuZzV_EnEgoSmJVuhWxvU2WgyUm2jxVh0-Vtf4OjxAdeys3Nax2_1neNyu_O-KZGf7EfySqfB_U0db6NTiDGwVXJtrjsdEi0NLIjNUEIGnCppdhUeKbj5EKiTR5hZ_slHzEBcWv5WnJwqdVx51oyW8D_YIr1tzM_vftH7YyKEp1dncOBxvGAG2YeQaf4dZBI_gEHAUACUgmVcYI72eYPw1b5MJ0yjApCqaO3XVFj-UEtU581vgb2u00poiBv2-mXz9LbuDUFKOg6MZolmXM6sy1adLw3w52LLo4y6u5rkP3qbY9exkj_XjtO2qD0WrxBvnbptOXnmTtj3QbNkABjBmcU4Xb7DHaOIUflZVpvKXolN-YzaMWpNlgM3YMY1yMBGwY83x_OzMYtidLNIGpVrGZiIYxKEnkLnCAgQnS2eeHZlNmse6V_is-23bs4viD_jHPFsdUCsGYqGYrT8sQ33Wqfus_8RYa_crL8u93W5rA-vEwulTZ9zfCH-OijSDkxmkSyYGDt9QCBmsUcHEuzWqapjXTuhco0FwBwQL67EmZElsw1TTRHoyR50hK9nl8J1DyM2RxKm1bKLoSi5h7EeCXkaaU1ZvSw10xx4tGXUEMRVABoRJgtrgMHJG2Pmw_YSBJ01I2UA2FLR_gN-wHW9LjJLMNID-T603NQYqdv0nvz8VKoCp2-P8x18E2wWO-xRsRzUvWdNl1cN9fbucStbVEp7BHJlrppGvFSP_iFOJLcDYES09ghwiGSJlGVgwhGugaZbSfWiXQM-khs4ExZd0EBxFBfmiZA_hua8Zu3sP9naaAyYWCt84DCz-b-2p_JfYScHKpVQnGx485Ai6mdYYQvUwNOTlQhKcjP_Bac2bMlE5Om1FKXrn7gAkTQ1g1yhERCicQy0tVUzPl9cF8jfyduVWt-luHN5ulcql5HCNTjeqmaSLBpTcEpKMOa7qPYk0J9xIHSruAHFn20-6Afr1-3JhdsN2DJtddUD0JcPbXTl2FlaDlarPx8BPpA4XILv1iLqymR3kDJwa_878uzTrKf-dV_ehX0fL8ilaOCpRD_jQuU4a5LfYINkyB3TZe0ejTtG3SkaO7aoiYIzyRvrUfF3U04PIkKmCPdQllu688s2w_pi3-2j9mtz-ChjontgWnpxH2hkV7XMz3z5h7on6--O2FfxknRmdsAP8lPL_h7Q7UtUdhmDjgkyV1b2QnBxIpm5k1sccmeKBvuE-q89OmPK_wY6gTSp6jMN8NS2bKnI5fhdbU23gVYU-XooYSFl-PvGZXCamciXpv1CMy3aFbmI5jDppZvfogo7eBKXL-nTrYvJ64kvKT7oNuz1igTxNKXBMj-orwARwIQuJ6lK2RtJNrgOhar25BdetGeyXhjwjQlX50FPXL-Y_GSQ3qHZ3OZZbuBRX_JeSGNZw63fGHj9LSXBWXJWlKROsyg5RHbTUHO-P5ccr9IVDe16XbGCbqFUUsQKDLUnzjqncS43rMjfA9ekV-2ja6mteOsgSlv5H5LctIlehyelTOLzRTqwy2mSvbygpPBEQUfURSN2Q_JMMixjU_uDXjJq4JnpGHdgo65MoUsGBfmBHevVTStInN0BHFWK66cRCXceZe0kb3wezC1Hve1hSgCrkng-sgZno40dL0H9OogKgF0xawxw9II7XeB1l6ka6CkUVYwxrJdoCrRHBHGD-vuUlBv9oLzzqm9hCe61kV3aqjg7anIi_kr2GKza_myhzlDJIZ1x0LAWulEbptZ0pm_NhhZ8G-ziSpnJGYUZTpE77jYp9MLQ7Tqe-Cyx64874PGxJe6BnERly4aT_0w5Fqdq5huyQnIRRqdkBY8vAct0-1Y8XYixgqUOREmKwsagW-SAMrxQXGUc2CnAGPPMvkrRgGDIBSibiJPc6DfIITH4GjKID0JmIVs4YhsrkuH6U0Jdp42WAeAAKHoLDGQsPTzEo4GxwOseindWW6ABP8aUZrmJqlQGWaJA8JPCwFMka6VBJBDaoJoChFBEMr-2RpdxNjzsBz-OLM12tYzBY6dVFtFWgXZWBest9Ai-tAvKvRkuDLHWqDjBIDo__xKTMlDUdPaByPGeLlGipeDVlTRFYWi4l4RJ0qsrDgqbzot_OSac2mCJhNlBvinkrVMFj-ciBsc7F8IsWC6NTeOYeN0B4wiREoI4ekF68383YfCseAMfLCeeRptZGgfiaryQCFmGNMIKChchSXrqF3TSOhVsMezKcoaQy4HEdXR2YQHAB36nl3gmlilo3ZsUqdmraru7O7gpF3Hzi3sT6UINvNb56AHaoK4AvIvcpjZ5vf52dbYYYhrLcvjaJZ5FRPn4Qeeb7BzirobKNXLjXOnCION5tr4vDS4t5ynEtnAIM94UirIVl2aMl1DBUPOeNWCorEPjP0pTDqwFFPEXjpZDcFj1Gw9FdenGYe60OiYaaVNRSAixtwEzvZ617bxMFCluEmTIuViPwD4NBZk1stmsW4D4atUu7yNdEX4K6j-u3hDOCi0GnLSfrLtJXTOPcMdE04eO7CTRVLvNBUtYvAibg4fE-qF4-YuzLw5YdTm3ChCpkET9HSAjiSQ4AL4n6t_jcwcovYMl6ljZ1zED9osfbobWJH_FLpEgvn3cnfWbXvvP3CWskflIl248rMPPBR97bW7pw4xKizoFzFuc1VuDWGWU3Ep2GMwl8y0rrrS9W8WuJTT-a75Zeh4-S1grzf-uMJnvek2qxfP5WrwL9suAireDRr3Ra7G7pBmXMKCjDCMo0v0GJIEF1wbs_I-WFLkpuxj8ExmvrvK2AnlrRI1q2q-QpkEGtr4L8XqDmDvEXwkhLXGXzCI_WnG74oIEfQ5CXD_xQEBHdi182jiN9CyA306KN_HZ2vEylQw7CxaTCOtbKILa2z7JFlvSSI3tP86tm3qRTD2DFoHAEk2OwfOzTDNNevnjNxijjfcutXnEwGNUTWmn-Wf2-Lcumam2fhLkdbcwkM1TrlbQdSWN6FWrV0Me2VfeNU0ay_9SSpxZMpNHXwrhSKaTMmupc6b6yxCVIvGdjBYCCkBzekSl6pknccfXCtYxCY6XZ_UklQXO2FjXpw-KJgAShYJz_1-2A3DEuF9Q8z_2jYH7zYIaqnvhpikJG_QCMKKTXqBeJ3yxiyB0lwzgK0JkSYDEeTsLtNCTMXND9yVSnlm-w5mZQbFRGceHHvybWnF1u_-Knx_XSIezJQkICDlnH1FJtvX8R_tybsaXIsWUlaj1mL_p70eXa0K7QLv4638zKw3OCRMReUtBZlR5EnNinL46WcrIvie1clxUgNKWNs8_S4PU9WcHglE261FWVsEQLcEWZQGWIh9ayT0KpCkFJFIvtlf-f8CJMNCIvI1kVoPbdZBwrqvCrFMMj7NXNVgz4-4oCQ5x2STtRFYw8NePe11tWME5tn6lxWm2QSfZJsbTXEYz4qEY6QtaFXiSoneUxPG5Fu3rQZ6L6dheQQrOfcOAkzIZ0fp-vEkvV1vRuHVLJ80E3sCsiVzoo76h-kxj5kx_imYu4N3FC7SCxbb3gJYLbEibCeotwWhfYou5YK-Y8qw8U8cN7sbHM8GZgrf6u0fFbabbejMpsdeAW57KvFktJDpkZSLemm3HnVnOimq91-Q1QPoWV57XLGnGasslLK20ZVAGpj6MbpjwvdZ40_9wxlFbkyac2Jf-VaiEDtW4lGn2wIRWHROBiC3ue0Ynnyrp3g&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=14371588974816954000&adk=2086295851&idt=424&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 09:08:59 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 2C52 12 KB
4 KB 178ms
36ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1692852262927878&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl3bOJuDmZIbROOuF1PIP-8a66AOm5b2gaYWVnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9BWATRFzZRNqSfM6U-eln3mJNEIplB8ZxtWv6dNMing5giY6jTg2bZald1qPJ-4n9mKmj3KYox5imymIxgr-4GbLAJnzZQWycRV3GJ4OwucsU8BqFZ5irOoDE7IeqRlMKeS7a3sKCVhRQaR5qiidlIjudfkicDVAsRRP5n6pRc8F9i_yq5cOeEE-1EbJAko245Kp1lr_rjPjgTk5KrA2ZtnpPtRp8F484zYGE2qkcdswfl2RE0X0KoXmHHISh5y_dgDVGf46MH-NKnEN6VYsJlP5bTUwLbbHVVoeAxdDTGrH_g33bSiT8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIhvynjr70gAMV6wJVCB17ow49EAEYASAAEgK-yPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2IUwumYsxoyoe-_MUpkdJbpv0w2Q%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BrJ6QBO5rYs_OSjNdfhsXevpRnFY4t_G32gUAZvyBvVQzdziltpNA9y1jaR-9Pz8FlX0lTNOPSP2-c800zxQ99KxNrpW0ph7s5DlPSW_N6_aivPX14II-YtJ-MZszpDEkBDyx9DFLzJArmAGBDJH8OZ75bTp4RCvxaV3tUWA4pkwMnkhc%26cry%3D1%26dbm_d%3DAKAmf-CXyxIhL52r-1g6cwrLcEhY9hEwZ48GmVDdzfzsNlkgcdZkg3H1o7WVAuHM6-OWk2vTfheBtv-ornrcLCAjNEE3vwO-fuKSJWeflxyC8DNO5WT37RkxQXQ93br5V-5RUHByn_MJyov0vzL1ytNLRgJ5v8b1Kc9MBilN0efcoaZRw1sFLyk3uklD9fCQNVCZLTWigaLMiXl1r3rCKBTg9dWY5AZbjKJAF48-pbiCpPr_Xwl54PxkM8vcPAHkYCnPVpp0DYC9Eng9xSCdkuHo1S3mFtITTskioaCrGS7JxercVfguD4_LKFO2sF8RvMDJ6W63bnzsasiKhVkJ15lcSBGGH2uOn-PGMZvo26KMGsR_7gd3M5_wcxww4uNz55DG6limLpkEHz3M7YOnkjMngU2kUOmdZPekE6Yoq141joQCHqCe6__qAzVfXo5Y-96n2CuhLCwuIz22I1yS2BDDVpky53QiQu6W8DA2qZDudojnDJlTdZ7uAANIGYbNsvILFmz5-Pl9eXc4vvRopjLE-8JCixdLzJTmCARK61KUUmhQBeyWwGAFZZ6VFnqQYKDMa2kXL0vnUde1Aut7jkG6XWF9shQI7CptYX1zRkcx1fBr305tK2wxPKhgQ0EpH3si1rYA8Rwd%26adurl%3D
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 34b703385ca7c9c267172333660894f281b3ba9dc5248202ea5f0d9db3557c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4264
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame E3EA 12 KB
4 KB 179ms
37ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1692852262927880&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCklL-JuDmZIjROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9DsVCTvhBk1HOfJOTYWxG0kN5Af2WpCOMBIPuLXALW8HOIUvlFl2l53b8Pl1y4-K8sfAvKJHqYn8uXUAn_A9pmRgOYrjDAcO_fPkpKPxaP5nKljBD6_IthzbgSR_ysPIvJ9XD458eqg87_FD68Or9i7T4VkaMdCf-aOv9G-Si0stF9Mdhlwwwd6qSlJBp5RcW-Uf579BBkNls2h5goaEAxOTiWuSd8OUBE-TARYKdiikUr6lcOVtF4LJpIriI5QimIazw_-NPfacXQfRNqckc_9ZJwE69X5O7n0mDpeMHjNQT4tTGik81HzIyHABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIiPynjr70gAMV6wJVCB17ow49EAEYASAAEgIlEPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2GoEQszV9YHefSHB5YGPMJShMPDg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-CQMCwG6S2ggyUC4ZclfyOvh1fzTeOljGZBIrikHnKKsXseOdghufTxo2kXvGPK8aS3b08w-nGHcKv3SqoE84gd1h_fvBC_QB-2K_C8l-VyFkvMWOfX1-e7fFBJdsznSG-3LoDbo7dNGkj9_RkYH2OFdUXCgYILCC8MTxgctgGrX_nfS-Q%26cry%3D1%26dbm_d%3DAKAmf-DvhpeiQRdSv8LFkJ-nYxljHMgoAFXbyJszX7qk996LnMAufdaHJ3DhL-71UG0H2B_KuXN91ZxdFdeI9VewSR4qGsr1mtMP_CMyvT_1Sny0hcqQOer2UQi5ENXBUiv9w4QiP8MNwvz286MS3cVPUynEmIgkiY4CtsheMaB4JELNbfpeojZrAWR1Mb4I8JMujym1MAmJfm0E76JfTsd2zJc71uUIhMD8SyybxRRNylMFl2nwj-J2nt2aIMoP0fyLNGkyCanWVmGsL7Zat0FdYGLXuGGj3uqiXbHdi5J9TV9tJ9A1DrnEkQKzhcuYDRep6PPfXcRaeeK87pXgznPK2ppjGS4utOME1EUj38Z6jH9jX0yUmazYTqBh-inW_Qn3uXb2HdPpXaV8sktyyL6ZjpasIxHQpRYWm0A7rzbr6JMxUpYXKRut1URuHX1XZDCWQrjruJy5c-qaGBpr0J-qFnvpBKEi1A2tZ5dIKliBdgCZ8sNhswNOF6WKmS00KwarliNpB1QFZ3KJJVpoz3x79s6kg0nHeNtuaf-gY6JQAgWUWawVYCzYOHeehlWf0j_UzCnyROCySnKLiD375I3SQFT0bYACz_HTEjZC2v5Hi3sQ2A1s99Pk_U8VlI-PdLpp7CoJFC9d%26adurl%3D
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0c5a7a0f0c891bb17d0f529963cd22aaa382233bdd453fe43c1da6b6c2e89b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4266
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 25DE 41 KB
13 KB 149ms
87ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BXs7tOartRgq7Vjk6-yavp5C8VghWbOGFlANJJc6lWFs-o7_3WXNACOhjs-ft6unvH2B5MCjhyMn7dz7J6Fokn-4JRAQnQeo3lX6E8c3o1F7tiivF-3b33X0qJ2S1WLSDqqtKSca732YZ3nAVfyTMBOH-prmOERzJIpnDzMZ3CcKM3yOU&cry=1&dbm_d=AKAmf-B5v0UXemmB1m7RpzObcqKpux-LX-0fDrsZ0DQNwRo-SSAivaZveyCviAUv8F6Mzesx_qlifBFO4vLWoW8PZNHfsClGvT_tqFJ3UYAGubVxIu-w6U5Rv_GPCESzBbBK8gVF1qDh3zXj1QtDUO6Vtqo2rUeGUc0722FQt9AVZBgMOpP0I3684VCWdYaEW18H4TnTVc_g5cWN9KQfxo3Y6NF41TigsAKaGycDfF8HlG8im1guShBdAhIhIApI2IFOn3WLdu2UEe6t5YXr1enzS5pDQFNOdgGNCOgGgqW4YBLU3Mo7J2ZI05YnVKt0V8TQMADt0cn9aMXlsJ-1ntDIfFTi4rBU7fYJdlg9_yqoQ26784T-lNFbHZrlTIvPHaDnchnqmeEMfh-24SICByv9jETMUjUpLhpE_LrFLn0khkRfpFGaYeWpRON6ugEHhRzcIa_Z2Hy6SNQCInfTLRAPaYiemiWr21r0to6we-Dq0Y4Ii6z8jnRB97XpZiUYvWS1u04s9LMLYTBDZfCNDq-wmo3T5PtVqUEZ_h5vRAabasTltTwkqX9uxIBS0m0cSSmOYZg9_RBNZVLuWen_NFfKt2EW4DYDIdaRH1OIX663b-GfP1u1DFOqJE0US-IuXHH9G_JV1wb3dE8F1_9MFTXSYEsC7jCDzXlsdjUzIHbLm2Etg0-fOW0ochKISVnY1JbrWTjl5vhQJUSPpMQn2JCQTI-Gvq2p-nvPIBNEL0CQ0U_E97a0CM-PnXhahj4fmvTem6VmGMp-ECFRXCUJVWpYTfHzklXqWsPyYEz-rSqXrl73664cQ1A7q0I0_hS71YclF7-b0ApUyXGCIWEGPGBzWy3YBNUPPwcmUZN8IMqMFMx8JRtKwcXV8ZQS1BNsN3W4IrbvjiTj_ii8cXw-zGWFjoC944Nfc6pK32q-KMJ3Q-hQUplJhVn0jSqMcbVHbrmSYpILf0tb0p2742Nj4Bpx8k1Vef_g5hhku5P-z7rAbyzL6nGG6JmyhhXrEXPU6Oa0qhIJ7n3COrpYoEIXX2-9TBZYBpplLvnClFoXpwGfN_KVBdHvckV7YesdM_SA1VqEHanM7P-X3GE7xgigBzUubQ_E0zMLuF6sEzo7fmft0ZvC3w2XixpaWz_X07PNow23NeYYkHwmqMRRc9FbW104UduHkvcjKAOqMHS3ksCxU0_KA0amXIShXmFsoTyYSIhjKXhjqN4RJks12aeQbk2FIJjQl6r1TqHhIIPjizaQp0NKRiLyMN74vrCjWcleKv1KOQvUBlpQfZzw_NpKvDRIhMS1Z47-7BH-Kuo4WMfzPd32undS81Tl7zr1CP6KLgAnPYRWyUZ_XcYZXZ5oANfmiymEaGK2_S0gzAW_VEAvkreL7jnQy3PUO59RD-hVeOihP5wXlSZ9q1oTzY0yE7g0r6mDvj_hLqqr8nFFwuYYmAga5cPnRfpAQKmP8M36WckNej_9wHdv_tRmS8e_cp-0CPesRiL7mXUbW4EzozqwkhM5vlg7zhoChe7-JYxhbULXJ5JjJda__Khj_Tz2G-i0I030AbmRUC84Zed3O2o4ejn2mHI0dJK81y7SeC8I7hVMcMf5QImVGgk0989oLFi_kJSdsh02zkycQr6p3URklmCW0lrSZ8fQHoSQ69vj6HdDM72eX50xTfmalhKrv-kAWtSJ2YJsmLg8v2WSvpIRklDlJg3i90QcDoqUho2bJx4WRwdZIIPH2BM8Xc6auVY-Pl8EoGO3nyVZlUYM2Uv6HOKdzN8T_77cjb0eKUI6XELS8cpVkKV4L7s-CCCYBZedbL7EFsln-K6iomkPdRR9DVoMTWVHZJ4LVO4zMHEaTbeFJeh7_WV7ghPCxb8I33zzwnabcAt2oJ2LS_P9eyhSxfTc5mSkVaXEfjhu3mFWJHSPhlnqlBh1R0-_l5n4BtVQDbQzwgu3YOF-QJKjc2KfPES2Qx9RcA-LD4ufSkA5h4lQiAdv70KEgkK7ZPLIF43AzDKgkpQczutZsOrz52I7wm98dEU9fmesfZ1O64Ccc0puMofhPFUuPSmtsaNTaKxBwPJWLKlIOba5nb2pzbyFVC9MidX8vb1alTQ95ahxiAh-IsCA1G21psv73e8GOV4td4fXIBoh_C29JEoAMsHpp6jww6-n0_NmRh8UvfgqttQIS4Ob6-rjYx6rDB_ms4B5DuxcfH3KNuN25F1RPAlotAKq6xVVw0irSF7sBPnWUBbYxL6NWYYK14HyNo2YtF79Hj-3b9idpDD11s481ACmLxhyIaOWHRci2OyWbFCLHyZyaPqWufjJNK00sy3KbU8GswEfW19wc79gqrfkb7DYAMevxL1K_9zvj-5dEziIsqhTll0Iqoadbr_7MzvN6e_i_iMYTnJebgxxyT_M6O1H0zQqZdxlpRKdnh_9O5iQddMNO1bqz6flUWBd96Eri-UWJaA4aEBIPakzSvU1XpoF8XGOkiI-AUAn-PIPbe44-P6mOff_qi_R0RTYzycryqLJvvYDKuLaNojtxhio_Lqx_ynXQsNIy2JmIxXbgIkPX7e8Mwky_zdlqiUXECCAY5_KWrTDWaDCzdSP0-gwD3X7_yr6xVcEXOxZG-0TLPbpAKQPhCFqSggfe9xZ_kG0pxb7PngkdlKlwYJEEsEgcSRINgbQ5lavuU0fH_nX1rw_fJEAWlS2joOFkQtW8Wv5PDayJhGZC_CbxrpkcSN_-wTg9mkydpJ0vD0eyRWY-GsB2YUTkgh7s8fYL7j7BswoAZEVHUrPrvINVUYzJ1MhokQx-LbuBk0zNIDfGfUQlkVMDrasETJZtzi8cMjsJedy4Ey8YnbpKtvXqRbhDaAaQOSUoiEPBinpk_i9kFcI8VdZSr33D7aTQbpFfSfYheiz8fhKh-nQbhruhW64vKGuvPXhaTw0hdz01B1_oND2sTZDzgVCikP-gWwPspWbTKDGLH5gwiikZUK4qOTFf69qc_dcMaGTbMa1JQQ4E5jB5-kH1gJEFEodiNRf686f3x4cejzM-L6wpWKYfcAYaaPMQ7CXMxVTi4oeclm5LkyxQAGuOqy_sxphQHnfVngxGhCdhkkIpxZreuCVLDE3vPXk5OLKfQrm4khPnXT-k2pzbIrWObkij8OpsVm8I5ZQ8e7D5hgOPBeMR8ubf7BOWEmBBM3UxCEqtlxyc3i5Q-QVMiOWsvCj7ouMCqGbAzJZ2zpcVElhAg3vtJttaaoRSIoymr0p9fn4yjOJdMCxprLDBYep9t6th6yD7bfuYnmjceMyZ67cz3Cj6NNMgqZMSA4zXgI92sD9uTtSJh_Lb0U08CQqtFy05uX-zu3MvBHCZrI-FoI_bx73sT4giRqlEFgiSWLtoCsWZ_LkPxlctedi_rYdgTiUcMi8r0jDXT9tv8OUFlVM_oOqDCjrttFy_3XXySk6LuP9ZAPnBaOirTF9autCsKoOnvLFg6IGg2RspCRhNftXzoHrTijibrHjy_MvZy8CXDlhLGelCIe1BFRf7kqUfOFCRBtDLbUi_rgGj6y-3WuAPojpVa63jZrRCwy_B5Ucrlulji9IRgHYY41o78sKtAGU7FGXNioIcq4h_87SQ8c62drThvPLiPfcXCzAQkSYuG58kzA014IdXCQNsiK7_oEhtMzJcz8vtWyy18CtycL9iAlXL83hyKUXeOxLzmSI3A719sdayjrslT3swspaaNE37toCXtWQQQG6BXOH27HBMhich1gZs-vt2r9FkPgwa1XnFcE_3uSET6ZdejIXrgVRra-P0AE1VBKoyz5MAiS-0tjvrQT4509Q6kVor3vO5KobEOVaxRlvcSfr-UXzo7BrnLHTlFtBjZwMV-HZrQrGlx3NOPb_42_bGNKZS9fjR0-VrW_fmY3ZSWgJrdu3qre9bEG1KInt8ltWRxjfDzoWlhYj64N4pg&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=951578651274809000&adk=1877897943&idt=443&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 09:08:59 GMT

GET
H/1.1 200
OK q84gc72z27ut Show response
hal9000.redintelligence.net/zone/ Frame 25DE 12 KB
4 KB 178ms
37ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/q84gc72z27ut?subid=&gdpr=&gdpr_consent=&rnd=1692852262927881&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGuhPJuDmZInROOuF1PIP-8a66AOm5b2gadWanKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOoBT9AX5C525K5oRSsKadt6UbXCaaPkDZWMDLMj16BYLjJpgCsgsrEu0PRy-JJM9vQxtB8V7vCItojRESemZevlAWrk_hb6CTXInYHhsQ1wV2lWUEsH3MdpHNkBTlG4jBKeMOeWwY5yVNUqZlXgf7Whs2c7CiGvYr-S8Zd0qyH6eHtOXl2VVNppYCNQs3asZmmkY8LMUcnT87MIIWuTCwIrlVWml5reVZrRHeMpz8XLn3yGEsM4GD7pevQGXo48UZzw9O-5gP7GENrzA3gqY7GLzQKjdnqpCJRWq5dnHEB2zKyjM8YvGRtV4rJJwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIifynjr70gAMV6wJVCB17ow49EAEYASAAEgJ-O_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0onhK0ZyA-mPkLzkrJXMmsc1-aBQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BsIEpD5V5Cvhk2CshNCw_NnBOmAGJXS5-WPSY0kcM4FOEh_KufbGh-SUlO5LlUH6L_pN6gR6LY-NU0u-Knt4Tdlp81ARvBMMbh8Drq4tOB_YAc3oMXD5_nNAWAIJCiyPQ4MpZgwy-j90AyeWq_0qytf_JhSZUYczZsfFMWZuLhIiJg9mw%26cry%3D1%26dbm_d%3DAKAmf-AZVxXepMyt_S9amX1ckPOLDPmJ1tlMVNosTl1HBskrk7Uny5haK_geY-u5IXe5d_GQ7B37Xu2hfFAd04xxDHngt7hBacahpRdXRRzS0pvcWJVch--9ZILou7n4Itm0UrSKEJStmrVIkn3KzSZrx5y-bN2FAxbEZLGHA_4Z9m17PxFVVTOj7-HBAo2gVdqWw2qI3j8vxNd-vbYDlCFMOIe3_zn_pYbLVJMrn97fWY5N-xkvghRC97sSWUUZkRlIjArJISmU7EoePNTqy0jyfoc9abqJ2OFc-oPtyqxuOtgXW-3qGrhnaXfbXUHFeOaLpYtdTAS-V34rqFI7vTXsGlO7hkQTaDuGlxuYW13gCamR1jnZnafFatVtncXjnPE7cW1LD7ZH5lSi4L7iSZa3YhvbamnN4kD7w3t8w6FOvmmer1CZFM4SpOMKPjiBGNSypmI5BkTlealp9J_24iAqGUvNPMAfAJSMpmbLEIVFYbhuC3o4qU9Dnnba-6rrwm0deP9klC1Tb-cgB5-6tmlMa73yRAhpo8zZ2qBuy6Tboj8n7fWZqev73E262lEkeN2HqO0D9UbSAUwJWePXjGQKV0mDXfroGz7GSAniE0Ezivla7hxCBc9onznimVgmDOidMARN8wz3%26adurl%3D
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 364da57deae8e38daeab440e860045f857fe86bafe8e2b0955e226764b5d455f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4264
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK e95xao572jml Show response
hal9000.redintelligence.net/zone/ Frame 66B5 12 KB
4 KB 168ms
36ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/e95xao572jml?subid=&gdpr=&gdpr_consent=&rnd=1692852262927877&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3t-JuDmZIXROOuF1PIP-8a66AOm5b2gaeWYnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOkBT9AMWz38UGdK7RgG81Gt7P0SavKn3vI60IY7BXI9CQrCwl3dixQHzRYPuGYo7W5-TD2kBkv1NOMQDPRThkhDpv3rP_DzexTPqiBwvzI1xCOdS9vXZpDmjeTe-d-KoMxWN39sbewFTlqQTqpogkwjyZc5k1Q9GBxl3OiDU0EYCde4_z4jalW9cOoFYEl-L3q9A5YqaWL-npIcvwGaFvomlqddUu0cXZJZjXUGc90gHDCvy6ywA9DLMvGe3dXKKySQqGNgfX0LEYTOvKLnB5q77KRHXopSUOlrCjCMmrpTYgsBZF3DRK9MAqTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIhfynjr70gAMV6wJVCB17ow49EAEYASAAEgLPIPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3IuFcm0-UEpkQ-bsl6Ky22WUXhwQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AuOrm3-unHg5wopPwo-riEFjG6-yGdeRVEbqvoi_ZodELC2xYsy8jKTjbwC8fSTEk9tDv5cPIb6o0F8A0HZ-8r8tSNvEulOJMrW0Rl0ayr7z5sPNEU_J9MDTf1IMgi5cUlFjjrbqrgb1dgxefCZxr0tUuHFeVai9_S2grrXpOAcTbE53c%26cry%3D1%26dbm_d%3DAKAmf-DzJppIK3B-63_NgHwrWMhCPxfu4mh-5Hz0w6Somj0WOxI0s4xEY7dc4yuaAhRoaYZWivEYVIk4Rm4gTCFV-jkpXKIMH-lluzi1E3BxWSTNa6KMDCegYZZh3eUHIgOLpkltgwQhBVawqpY0ecquLTnzVH28os8E-cc_tx8tJIAgaGGhKcALJl3NZKcQGtMYKdg878HWqD4Urv3P-SzDm_zx7cIdXvN7ncDx333Quc9SIr8NesXPQNRYs8nVatsrjBHmLwk0kaDkuVF9rBIzoWb_3bCqNJdzQbanAZ4LGuRBqF92Euptp7fFZ_0zcNHXKmWHbAH3KC0z_O-d0Hz7giChw2EVBptCUO5z1gqcVMGZDzULkxsL83SlMjzBWG-R-DIJVwLFpaBsXiH-rEUgrn-qLedzFtD30vYqXmgc3LAgrtwvBnquddV9sZo_UmpPKTP6c1OcNHyZPwhaIPxoNW1p7n1K9h7CYo4qS0BY3w6ubebyrfD69bB71w-jLUKPnu0s8uz5HHfroaJRtLpdJVefR5Vt6Pvx_ZF3FVJWP6F_N9IcyRH6gAuKJBUWTbvaZXH0MR9GMooyifzO7fD1cJebbE0tnEXPgaJhOoRlqhZYplLGnqrjPO0xMClxXP2AgOQRSK25%26adurl%3D
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 81a6e12dabe1a9b44002444a47af44b2aa968f22afce56fd71b2dc7743bdddaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4261
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 81CA 22 KB
8 KB 110ms
54ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 571389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame C2D7 12 KB
4 KB 161ms
37ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1692852262927879&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtk9wJuDmZIfROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9BoAhE2FAhS4RqS-vcyqqVZUj7GetClgYmtKA71rEN_ldcChopwiokGy5E-zroJDAMKFvvd-Wsri4zLEgIr6mjDGTtG8lgArenqI31POpfb-lOqjBKvu2XgVOPOox-Vqv4zm6JSvqjBAmPuTauVy-_GhLu5xzlwwubOKu543bU6eQOmxrq7G_3VjMGUuKeu74eupDzo7rn-FvVaSdB9PHN0leu6OgvCuCmXotI_jgkiUgswtgSA0K4d5F1f7QGDnaZlSgue76NgVcC2F3a0Ko0NHXrFrhC1XUG2Zvva7kRapGKcz6MxYHw0sVbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIh_ynjr70gAMV6wJVCB17ow49EAEYASAAEgIURPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0YefWzfo7pcLuXcCBpOyuTxPtqkQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Bv3jK4aDx1l3hXTdXw_sTGAdeO1s7r1ijVtN9Ao9jFh8Bz1cslJJ-NsSDNjlGElgWe_0Aou5ie9o83536eiv7hAQktvDXfrqM34d4XaDFBzLaetpMFc5Q2TWL6Elep85o9p3cnXic7si3kTpw6SXQ9QVI_-0si47okBIDbTe-jBLch9iE%26cry%3D1%26dbm_d%3DAKAmf-BXOq80OBJiJltAjTBn0076_B_oP97rU7A_pR7cMj3kiBTO9Xhv2tab5EYcgCviAp8N2kBwnVa97PnqHgRiKBrWwrkjoKhtNgiAW4HLDSlJAMd2feftlldSGBjOUycjRhpOqifztUc3A8nzEKXNJd23YC1DnMB_2-WTWPT5TiNnMElto1zb-DDh3-5hH7VumttitZZYcPi3fvVECs0ARCNENzWhvHd0vDHCLJZ3a2VAkc00eOFCbs9iCaOYdSuxyvxcYcUlu2ANgtqcHlmmwuxAZVMAU9IQpf7E_SXAAjlQ49tuh7_-TI_mgfwoB6Et-Aa3e0FnpC7jsjRK02OQpc-onWS7OfsTYhDa04AbYmK_ffRGxnAGmkoTW0ZTS9C2JTGMZFZuTDn_IFZWG0ONU2j_SYFWpLUXwa4dBXf2EnPMcwVV1RUVQ9Hpw5OvBhdqt39DbQTToBAFd90Wf9j2icDvgKfNAXKLw_FR7zsxJJEJ9fiHUkkDiSyVSqQXqtqq6AfObZCLYzTQj_72pHnS3DAhnImbjHb0uN1Gvzxo0xrPEtiIDvADf8i6yXwD_jS3cACK68U_Wvd6z0DeifYddbHucr2AkJz6HNd3U9B3BFcF-5tY0kvtYYGbGlwjyyjajk8Q2_v0%26adurl%3D
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2cb82382b04c6ad07f28dab4c4ea8cbf328b6a8f6d01b0b22cc38b9795830e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4259
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ar0wka2ffzvy Show response
hal9000.redintelligence.net/zone/ Frame F468 12 KB
4 KB 158ms
42ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ar0wka2ffzvy?subid=&gdpr=&gdpr_consent=&rnd=1692852262927882&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC1VsJuDmZIrROOuF1PIP-8a66AOm5b2gaf2QnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9B2nO2_5dMdnCPOjiUVw9ZcynAxagU8IknBLnujkLNQi6N-eo0Sx9kT5-DGb6hk3Mh5VHeBpE8FKvy1GKGRJQxHFEK7H7Cun9VaK1QHTeoFOaDrUcfOXPjq74PzQfnycF4bSBA2aC5Vx00T0GGVG9tYkN1n0gdxGCodri_-mgn0WD7usyAuMBicBWj7d80V3ZF8Lm6YPanKtRA3P-jMfi7THFZTuMfilNvBdRRmN9WZWL9m1JmKabV1TzfrTmORlApztXFIg96II1LUQHx1ZXXLwbwBJ1ivgC1gradPALDikF8ZvxWZPMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIivynjr70gAMV6wJVCB17ow49EAEYASAAEgJHz_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3xMVahYqPyvgs5jMJWmCfkzgGchw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AtqVXKXZHeVBQbXLyqJNI4dAj5gj93qhH9J8TiDnS24k9gqmYDUCpre7l7qNX3wSzcLSDqjutJJHcUl0VD-Gcegz0k-_JJ5_s-j5ydd33FtI3tCuayFA7G6kq_Nspfa8aH-o7iwQu4ViAhPzH5tsbpon5ODkyDNLHzND5hFtE8SuhvnKg%26cry%3D1%26dbm_d%3DAKAmf-AHmR_htSUtlRs-H0LVORwxlb4u3vHRgScFGA9yl3g-y3HLkOfZ914EuVNMeT0a-_bocICHk7slVqzPoHU0XNEgLLqFOQJUTQWURlnOnI_pSlOnQShzpgXypi-mjemgCglndsYXb_eo_zRdi1GomuMO0jB_bZ7_y0kGnaxabTIKBrRcKNMMbJ7s52X3ylSq_rhgUYveFeuZEcRITbY6OWmf_zMt-SkGIud73D4ysdEui_CI5exCdbgnIOGymla9_UuK6O5ee6WhCz0yVgMiYIaFnUcPrLMH592PBLS0sNVkPLKUzOSi7wqwGtCTHCw9jtDmTVsyKMzlScw2ECZNgfUgTaHRf3qpxkvfIUL98VlOkt82TliD2oLjnkPEt5RfpuIUCHq3iyl9zi02bkobl_Pstfhh_WgLfjf6nbgjSjNqRaEfa0U19RFXR0XboKD6vx9LYUfGjLVCdljW_gdth6Rk56R61T46i470W0KwgnNH2XVjLlZ3Ila3qKUwPMjZIOtfdxkfRvQLQY3JanBV6BJf2crJLyzPeG1nZV48mJXlssy1s1CBE0CBDLUihZESTjNpo5HdGSWgEkT_5X1sZXwaelN9E95bggiEnohzDl7xDwAmQGK3o-4yChRQ_n-2GiIyha3Q%26adurl%3D
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 45e48e3d84b1c22dc8b706daf554d945402a78970f9e777ccc78088f9fb9bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4259
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C2C 0
10 B 103ms
95ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wyz4pw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 04:44:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4254 22 KB
8 KB 57ms
55ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 571389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FD4E 22 KB
8 KB 60ms
59ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 571389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4AC0 22 KB
8 KB 65ms
64ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 571389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3FED 22 KB
8 KB 62ms
60ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 571389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 81CA 37 KB
14 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 07:57:42 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2DB7 22 KB
8 KB 60ms
58ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 571389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4254 37 KB
14 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 07:57:42 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8D4B 22 KB
8 KB 58ms
57ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 571389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame FD4E 37 KB
14 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 07:57:42 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AC0 37 KB
14 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 07:57:42 GMT

GET
H/1.1

200
OK

request.php Show response
hal90002.redintelligence.net/ Frame 2C52
Redirect Chain

https://hal90002.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3778cd41e8&subid=&uid=1d3544385dba1d57&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90002.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3778cd41e8&subid=&uid=1d3544385dba1d57&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

610 B
933 B

159ms
91ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3778cd41e8&subid=&uid=1d3544385dba1d57&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl3bOJuDmZIbROOuF1PIP-8a66AOm5b2gaYWVnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9BWATRFzZRNqSfM6U-eln3mJNEIplB8ZxtWv6dNMing5giY6jTg2bZald1qPJ-4n9mKmj3KYox5imymIxgr-4GbLAJnzZQWycRV3GJ4OwucsU8BqFZ5irOoDE7IeqRlMKeS7a3sKCVhRQaR5qiidlIjudfkicDVAsRRP5n6pRc8F9i_yq5cOeEE-1EbJAko245Kp1lr_rjPjgTk5KrA2ZtnpPtRp8F484zYGE2qkcdswfl2RE0X0KoXmHHISh5y_dgDVGf46MH-NKnEN6VYsJlP5bTUwLbbHVVoeAxdDTGrH_g33bSiT8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIhvynjr70gAMV6wJVCB17ow49EAEYASAAEgK-yPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2IUwumYsxoyoe-_MUpkdJbpv0w2Q%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BrJ6QBO5rYs_OSjNdfhsXevpRnFY4t_G32gUAZvyBvVQzdziltpNA9y1jaR-9Pz8FlX0lTNOPSP2-c800zxQ99KxNrpW0ph7s5DlPSW_N6_aivPX14II-YtJ-MZszpDEkBDyx9DFLzJArmAGBDJH8OZ75bTp4RCvxaV3tUWA4pkwMnkhc%26cry%3D1%26dbm_d%3DAKAmf-CXyxIhL52r-1g6cwrLcEhY9hEwZ48GmVDdzfzsNlkgcdZkg3H1o7WVAuHM6-OWk2vTfheBtv-ornrcLCAjNEE3vwO-fuKSJWeflxyC8DNO5WT37RkxQXQ93br5V-5RUHByn_MJyov0vzL1ytNLRgJ5v8b1Kc9MBilN0efcoaZRw1sFLyk3uklD9fCQNVCZLTWigaLMiXl1r3rCKBTg9dWY5AZbjKJAF48-pbiCpPr_Xwl54PxkM8vcPAHkYCnPVpp0DYC9Eng9xSCdkuHo1S3mFtITTskioaCrGS7JxercVfguD4_LKFO2sF8RvMDJ6W63bnzsasiKhVkJ15lcSBGGH2uOn-PGMZvo26KMGsR_7gd3M5_wcxww4uNz55DG6limLpkEHz3M7YOnkjMngU2kUOmdZPekE6Yoq141joQCHqCe6__qAzVfXo5Y-96n2CuhLCwuIz22I1yS2BDDVpky53QiQu6W8DA2qZDudojnDJlTdZ7uAANIGYbNsvILFmz5-Pl9eXc4vvRopjLE-8JCixdLzJTmCARK61KUUmhQBeyWwGAFZZ6VFnqQYKDMa2kXL0vnUde1Aut7jkG6XWF9shQI7CptYX1zRkcx1fBr305tK2wxPKhgQ0EpH3si1rYA8Rwd%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=6338325203991&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: d67bb12b42897cb65be02c30cad6756901b9f6b411cf4cd82035ae077714d6c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 54264800010084604444550012426002
Connection: close
Content-Length: 327
Expires: Thu, 24 Aug 2023 05:44:24 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3778cd41e8&subid=&uid=1d3544385dba1d57&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl3bOJuDmZIbROOuF1PIP-8a66AOm5b2gaYWVnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9BWATRFzZRNqSfM6U-eln3mJNEIplB8ZxtWv6dNMing5giY6jTg2bZald1qPJ-4n9mKmj3KYox5imymIxgr-4GbLAJnzZQWycRV3GJ4OwucsU8BqFZ5irOoDE7IeqRlMKeS7a3sKCVhRQaR5qiidlIjudfkicDVAsRRP5n6pRc8F9i_yq5cOeEE-1EbJAko245Kp1lr_rjPjgTk5KrA2ZtnpPtRp8F484zYGE2qkcdswfl2RE0X0KoXmHHISh5y_dgDVGf46MH-NKnEN6VYsJlP5bTUwLbbHVVoeAxdDTGrH_g33bSiT8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIhvynjr70gAMV6wJVCB17ow49EAEYASAAEgK-yPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2IUwumYsxoyoe-_MUpkdJbpv0w2Q%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BrJ6QBO5rYs_OSjNdfhsXevpRnFY4t_G32gUAZvyBvVQzdziltpNA9y1jaR-9Pz8FlX0lTNOPSP2-c800zxQ99KxNrpW0ph7s5DlPSW_N6_aivPX14II-YtJ-MZszpDEkBDyx9DFLzJArmAGBDJH8OZ75bTp4RCvxaV3tUWA4pkwMnkhc%26cry%3D1%26dbm_d%3DAKAmf-CXyxIhL52r-1g6cwrLcEhY9hEwZ48GmVDdzfzsNlkgcdZkg3H1o7WVAuHM6-OWk2vTfheBtv-ornrcLCAjNEE3vwO-fuKSJWeflxyC8DNO5WT37RkxQXQ93br5V-5RUHByn_MJyov0vzL1ytNLRgJ5v8b1Kc9MBilN0efcoaZRw1sFLyk3uklD9fCQNVCZLTWigaLMiXl1r3rCKBTg9dWY5AZbjKJAF48-pbiCpPr_Xwl54PxkM8vcPAHkYCnPVpp0DYC9Eng9xSCdkuHo1S3mFtITTskioaCrGS7JxercVfguD4_LKFO2sF8RvMDJ6W63bnzsasiKhVkJ15lcSBGGH2uOn-PGMZvo26KMGsR_7gd3M5_wcxww4uNz55DG6limLpkEHz3M7YOnkjMngU2kUOmdZPekE6Yoq141joQCHqCe6__qAzVfXo5Y-96n2CuhLCwuIz22I1yS2BDDVpky53QiQu6W8DA2qZDudojnDJlTdZ7uAANIGYbNsvILFmz5-Pl9eXc4vvRopjLE-8JCixdLzJTmCARK61KUUmhQBeyWwGAFZZ6VFnqQYKDMa2kXL0vnUde1Aut7jkG6XWF9shQI7CptYX1zRkcx1fBr305tK2wxPKhgQ0EpH3si1rYA8Rwd%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=6338325203991&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 24 Aug 2023 05:44:24 +0200

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame 66B5
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=7bcf07f7b2&subid=&uid=9601ad6d453603df&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=7bcf07f7b2&subid=&uid=9601ad6d453603df&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
936 B

175ms
99ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=7bcf07f7b2&subid=&uid=9601ad6d453603df&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3t-JuDmZIXROOuF1PIP-8a66AOm5b2gaeWYnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOkBT9AMWz38UGdK7RgG81Gt7P0SavKn3vI60IY7BXI9CQrCwl3dixQHzRYPuGYo7W5-TD2kBkv1NOMQDPRThkhDpv3rP_DzexTPqiBwvzI1xCOdS9vXZpDmjeTe-d-KoMxWN39sbewFTlqQTqpogkwjyZc5k1Q9GBxl3OiDU0EYCde4_z4jalW9cOoFYEl-L3q9A5YqaWL-npIcvwGaFvomlqddUu0cXZJZjXUGc90gHDCvy6ywA9DLMvGe3dXKKySQqGNgfX0LEYTOvKLnB5q77KRHXopSUOlrCjCMmrpTYgsBZF3DRK9MAqTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIhfynjr70gAMV6wJVCB17ow49EAEYASAAEgLPIPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3IuFcm0-UEpkQ-bsl6Ky22WUXhwQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AuOrm3-unHg5wopPwo-riEFjG6-yGdeRVEbqvoi_ZodELC2xYsy8jKTjbwC8fSTEk9tDv5cPIb6o0F8A0HZ-8r8tSNvEulOJMrW0Rl0ayr7z5sPNEU_J9MDTf1IMgi5cUlFjjrbqrgb1dgxefCZxr0tUuHFeVai9_S2grrXpOAcTbE53c%26cry%3D1%26dbm_d%3DAKAmf-DzJppIK3B-63_NgHwrWMhCPxfu4mh-5Hz0w6Somj0WOxI0s4xEY7dc4yuaAhRoaYZWivEYVIk4Rm4gTCFV-jkpXKIMH-lluzi1E3BxWSTNa6KMDCegYZZh3eUHIgOLpkltgwQhBVawqpY0ecquLTnzVH28os8E-cc_tx8tJIAgaGGhKcALJl3NZKcQGtMYKdg878HWqD4Urv3P-SzDm_zx7cIdXvN7ncDx333Quc9SIr8NesXPQNRYs8nVatsrjBHmLwk0kaDkuVF9rBIzoWb_3bCqNJdzQbanAZ4LGuRBqF92Euptp7fFZ_0zcNHXKmWHbAH3KC0z_O-d0Hz7giChw2EVBptCUO5z1gqcVMGZDzULkxsL83SlMjzBWG-R-DIJVwLFpaBsXiH-rEUgrn-qLedzFtD30vYqXmgc3LAgrtwvBnquddV9sZo_UmpPKTP6c1OcNHyZPwhaIPxoNW1p7n1K9h7CYo4qS0BY3w6ubebyrfD69bB71w-jLUKPnu0s8uz5HHfroaJRtLpdJVefR5Vt6Pvx_ZF3FVJWP6F_N9IcyRH6gAuKJBUWTbvaZXH0MR9GMooyifzO7fD1cJebbE0tnEXPgaJhOoRlqhZYplLGnqrjPO0xMClxXP2AgOQRSK25%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=932243168276&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: bacc7756e956eb10046e9412c36140190ada11ea12f0d9f0c8be73e6ec58ab6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 13456000010928104445008012426014
Connection: close
Content-Length: 330
Expires: Thu, 24 Aug 2023 05:44:24 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=7bcf07f7b2&subid=&uid=9601ad6d453603df&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3t-JuDmZIXROOuF1PIP-8a66AOm5b2gaeWYnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOkBT9AMWz38UGdK7RgG81Gt7P0SavKn3vI60IY7BXI9CQrCwl3dixQHzRYPuGYo7W5-TD2kBkv1NOMQDPRThkhDpv3rP_DzexTPqiBwvzI1xCOdS9vXZpDmjeTe-d-KoMxWN39sbewFTlqQTqpogkwjyZc5k1Q9GBxl3OiDU0EYCde4_z4jalW9cOoFYEl-L3q9A5YqaWL-npIcvwGaFvomlqddUu0cXZJZjXUGc90gHDCvy6ywA9DLMvGe3dXKKySQqGNgfX0LEYTOvKLnB5q77KRHXopSUOlrCjCMmrpTYgsBZF3DRK9MAqTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIhfynjr70gAMV6wJVCB17ow49EAEYASAAEgLPIPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3IuFcm0-UEpkQ-bsl6Ky22WUXhwQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AuOrm3-unHg5wopPwo-riEFjG6-yGdeRVEbqvoi_ZodELC2xYsy8jKTjbwC8fSTEk9tDv5cPIb6o0F8A0HZ-8r8tSNvEulOJMrW0Rl0ayr7z5sPNEU_J9MDTf1IMgi5cUlFjjrbqrgb1dgxefCZxr0tUuHFeVai9_S2grrXpOAcTbE53c%26cry%3D1%26dbm_d%3DAKAmf-DzJppIK3B-63_NgHwrWMhCPxfu4mh-5Hz0w6Somj0WOxI0s4xEY7dc4yuaAhRoaYZWivEYVIk4Rm4gTCFV-jkpXKIMH-lluzi1E3BxWSTNa6KMDCegYZZh3eUHIgOLpkltgwQhBVawqpY0ecquLTnzVH28os8E-cc_tx8tJIAgaGGhKcALJl3NZKcQGtMYKdg878HWqD4Urv3P-SzDm_zx7cIdXvN7ncDx333Quc9SIr8NesXPQNRYs8nVatsrjBHmLwk0kaDkuVF9rBIzoWb_3bCqNJdzQbanAZ4LGuRBqF92Euptp7fFZ_0zcNHXKmWHbAH3KC0z_O-d0Hz7giChw2EVBptCUO5z1gqcVMGZDzULkxsL83SlMjzBWG-R-DIJVwLFpaBsXiH-rEUgrn-qLedzFtD30vYqXmgc3LAgrtwvBnquddV9sZo_UmpPKTP6c1OcNHyZPwhaIPxoNW1p7n1K9h7CYo4qS0BY3w6ubebyrfD69bB71w-jLUKPnu0s8uz5HHfroaJRtLpdJVefR5Vt6Pvx_ZF3FVJWP6F_N9IcyRH6gAuKJBUWTbvaZXH0MR9GMooyifzO7fD1cJebbE0tnEXPgaJhOoRlqhZYplLGnqrjPO0xMClxXP2AgOQRSK25%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=932243168276&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 24 Aug 2023 05:44:24 +0200

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame 25DE
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=3436433acd&subid=&uid=892e3031b564fe0f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=3436433acd&subid=&uid=892e3031b564fe0f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

610 B
933 B

154ms
87ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=3436433acd&subid=&uid=892e3031b564fe0f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGuhPJuDmZInROOuF1PIP-8a66AOm5b2gadWanKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOoBT9AX5C525K5oRSsKadt6UbXCaaPkDZWMDLMj16BYLjJpgCsgsrEu0PRy-JJM9vQxtB8V7vCItojRESemZevlAWrk_hb6CTXInYHhsQ1wV2lWUEsH3MdpHNkBTlG4jBKeMOeWwY5yVNUqZlXgf7Whs2c7CiGvYr-S8Zd0qyH6eHtOXl2VVNppYCNQs3asZmmkY8LMUcnT87MIIWuTCwIrlVWml5reVZrRHeMpz8XLn3yGEsM4GD7pevQGXo48UZzw9O-5gP7GENrzA3gqY7GLzQKjdnqpCJRWq5dnHEB2zKyjM8YvGRtV4rJJwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIifynjr70gAMV6wJVCB17ow49EAEYASAAEgJ-O_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0onhK0ZyA-mPkLzkrJXMmsc1-aBQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BsIEpD5V5Cvhk2CshNCw_NnBOmAGJXS5-WPSY0kcM4FOEh_KufbGh-SUlO5LlUH6L_pN6gR6LY-NU0u-Knt4Tdlp81ARvBMMbh8Drq4tOB_YAc3oMXD5_nNAWAIJCiyPQ4MpZgwy-j90AyeWq_0qytf_JhSZUYczZsfFMWZuLhIiJg9mw%26cry%3D1%26dbm_d%3DAKAmf-AZVxXepMyt_S9amX1ckPOLDPmJ1tlMVNosTl1HBskrk7Uny5haK_geY-u5IXe5d_GQ7B37Xu2hfFAd04xxDHngt7hBacahpRdXRRzS0pvcWJVch--9ZILou7n4Itm0UrSKEJStmrVIkn3KzSZrx5y-bN2FAxbEZLGHA_4Z9m17PxFVVTOj7-HBAo2gVdqWw2qI3j8vxNd-vbYDlCFMOIe3_zn_pYbLVJMrn97fWY5N-xkvghRC97sSWUUZkRlIjArJISmU7EoePNTqy0jyfoc9abqJ2OFc-oPtyqxuOtgXW-3qGrhnaXfbXUHFeOaLpYtdTAS-V34rqFI7vTXsGlO7hkQTaDuGlxuYW13gCamR1jnZnafFatVtncXjnPE7cW1LD7ZH5lSi4L7iSZa3YhvbamnN4kD7w3t8w6FOvmmer1CZFM4SpOMKPjiBGNSypmI5BkTlealp9J_24iAqGUvNPMAfAJSMpmbLEIVFYbhuC3o4qU9Dnnba-6rrwm0deP9klC1Tb-cgB5-6tmlMa73yRAhpo8zZ2qBuy6Tboj8n7fWZqev73E262lEkeN2HqO0D9UbSAUwJWePXjGQKV0mDXfroGz7GSAniE0Ezivla7hxCBc9onznimVgmDOidMARN8wz3%26adurl%3D&documentReferer=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fa2zapk.io&random=3741719297840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9434f1e4db105bb2c326f2947430918b3730293f112fdabe6cdece3c79ffd58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 57295000009940204445006012426003
Connection: close
Content-Length: 327
Expires: Thu, 24 Aug 2023 05:44:24 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=3436433acd&subid=&uid=892e3031b564fe0f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGuhPJuDmZInROOuF1PIP-8a66AOm5b2gadWanKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOoBT9AX5C525K5oRSsKadt6UbXCaaPkDZWMDLMj16BYLjJpgCsgsrEu0PRy-JJM9vQxtB8V7vCItojRESemZevlAWrk_hb6CTXInYHhsQ1wV2lWUEsH3MdpHNkBTlG4jBKeMOeWwY5yVNUqZlXgf7Whs2c7CiGvYr-S8Zd0qyH6eHtOXl2VVNppYCNQs3asZmmkY8LMUcnT87MIIWuTCwIrlVWml5reVZrRHeMpz8XLn3yGEsM4GD7pevQGXo48UZzw9O-5gP7GENrzA3gqY7GLzQKjdnqpCJRWq5dnHEB2zKyjM8YvGRtV4rJJwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIifynjr70gAMV6wJVCB17ow49EAEYASAAEgJ-O_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0onhK0ZyA-mPkLzkrJXMmsc1-aBQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BsIEpD5V5Cvhk2CshNCw_NnBOmAGJXS5-WPSY0kcM4FOEh_KufbGh-SUlO5LlUH6L_pN6gR6LY-NU0u-Knt4Tdlp81ARvBMMbh8Drq4tOB_YAc3oMXD5_nNAWAIJCiyPQ4MpZgwy-j90AyeWq_0qytf_JhSZUYczZsfFMWZuLhIiJg9mw%26cry%3D1%26dbm_d%3DAKAmf-AZVxXepMyt_S9amX1ckPOLDPmJ1tlMVNosTl1HBskrk7Uny5haK_geY-u5IXe5d_GQ7B37Xu2hfFAd04xxDHngt7hBacahpRdXRRzS0pvcWJVch--9ZILou7n4Itm0UrSKEJStmrVIkn3KzSZrx5y-bN2FAxbEZLGHA_4Z9m17PxFVVTOj7-HBAo2gVdqWw2qI3j8vxNd-vbYDlCFMOIe3_zn_pYbLVJMrn97fWY5N-xkvghRC97sSWUUZkRlIjArJISmU7EoePNTqy0jyfoc9abqJ2OFc-oPtyqxuOtgXW-3qGrhnaXfbXUHFeOaLpYtdTAS-V34rqFI7vTXsGlO7hkQTaDuGlxuYW13gCamR1jnZnafFatVtncXjnPE7cW1LD7ZH5lSi4L7iSZa3YhvbamnN4kD7w3t8w6FOvmmer1CZFM4SpOMKPjiBGNSypmI5BkTlealp9J_24iAqGUvNPMAfAJSMpmbLEIVFYbhuC3o4qU9Dnnba-6rrwm0deP9klC1Tb-cgB5-6tmlMa73yRAhpo8zZ2qBuy6Tboj8n7fWZqev73E262lEkeN2HqO0D9UbSAUwJWePXjGQKV0mDXfroGz7GSAniE0Ezivla7hxCBc9onznimVgmDOidMARN8wz3%26adurl%3D&documentReferer=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fa2zapk.io&random=3741719297840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 24 Aug 2023 05:44:24 +0200

GET
H/1.1

200
OK

request.php Show response
hal900024.redintelligence.net/ Frame E3EA
Redirect Chain

https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=836e58d5c7&subid=&uid=16e3ca3999e8b06d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=836e58d5c7&subid=&uid=16e3ca3999e8b06d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
935 B

174ms
98ms

Script
application/x-javascript

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=836e58d5c7&subid=&uid=16e3ca3999e8b06d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCklL-JuDmZIjROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9DsVCTvhBk1HOfJOTYWxG0kN5Af2WpCOMBIPuLXALW8HOIUvlFl2l53b8Pl1y4-K8sfAvKJHqYn8uXUAn_A9pmRgOYrjDAcO_fPkpKPxaP5nKljBD6_IthzbgSR_ysPIvJ9XD458eqg87_FD68Or9i7T4VkaMdCf-aOv9G-Si0stF9Mdhlwwwd6qSlJBp5RcW-Uf579BBkNls2h5goaEAxOTiWuSd8OUBE-TARYKdiikUr6lcOVtF4LJpIriI5QimIazw_-NPfacXQfRNqckc_9ZJwE69X5O7n0mDpeMHjNQT4tTGik81HzIyHABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIiPynjr70gAMV6wJVCB17ow49EAEYASAAEgIlEPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2GoEQszV9YHefSHB5YGPMJShMPDg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-CQMCwG6S2ggyUC4ZclfyOvh1fzTeOljGZBIrikHnKKsXseOdghufTxo2kXvGPK8aS3b08w-nGHcKv3SqoE84gd1h_fvBC_QB-2K_C8l-VyFkvMWOfX1-e7fFBJdsznSG-3LoDbo7dNGkj9_RkYH2OFdUXCgYILCC8MTxgctgGrX_nfS-Q%26cry%3D1%26dbm_d%3DAKAmf-DvhpeiQRdSv8LFkJ-nYxljHMgoAFXbyJszX7qk996LnMAufdaHJ3DhL-71UG0H2B_KuXN91ZxdFdeI9VewSR4qGsr1mtMP_CMyvT_1Sny0hcqQOer2UQi5ENXBUiv9w4QiP8MNwvz286MS3cVPUynEmIgkiY4CtsheMaB4JELNbfpeojZrAWR1Mb4I8JMujym1MAmJfm0E76JfTsd2zJc71uUIhMD8SyybxRRNylMFl2nwj-J2nt2aIMoP0fyLNGkyCanWVmGsL7Zat0FdYGLXuGGj3uqiXbHdi5J9TV9tJ9A1DrnEkQKzhcuYDRep6PPfXcRaeeK87pXgznPK2ppjGS4utOME1EUj38Z6jH9jX0yUmazYTqBh-inW_Qn3uXb2HdPpXaV8sktyyL6ZjpasIxHQpRYWm0A7rzbr6JMxUpYXKRut1URuHX1XZDCWQrjruJy5c-qaGBpr0J-qFnvpBKEi1A2tZ5dIKliBdgCZ8sNhswNOF6WKmS00KwarliNpB1QFZ3KJJVpoz3x79s6kg0nHeNtuaf-gY6JQAgWUWawVYCzYOHeehlWf0j_UzCnyROCySnKLiD375I3SQFT0bYACz_HTEjZC2v5Hi3sQ2A1s99Pk_U8VlI-PdLpp7CoJFC9d%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=3202589641776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a3bd598167c4feeabdc2182e0857713b2839bd3df1f869624af8cbc0446cf9e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 83798300012773404444554012426024
Connection: close
Content-Length: 329
Expires: Thu, 24 Aug 2023 05:44:24 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=836e58d5c7&subid=&uid=16e3ca3999e8b06d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCklL-JuDmZIjROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9DsVCTvhBk1HOfJOTYWxG0kN5Af2WpCOMBIPuLXALW8HOIUvlFl2l53b8Pl1y4-K8sfAvKJHqYn8uXUAn_A9pmRgOYrjDAcO_fPkpKPxaP5nKljBD6_IthzbgSR_ysPIvJ9XD458eqg87_FD68Or9i7T4VkaMdCf-aOv9G-Si0stF9Mdhlwwwd6qSlJBp5RcW-Uf579BBkNls2h5goaEAxOTiWuSd8OUBE-TARYKdiikUr6lcOVtF4LJpIriI5QimIazw_-NPfacXQfRNqckc_9ZJwE69X5O7n0mDpeMHjNQT4tTGik81HzIyHABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIiPynjr70gAMV6wJVCB17ow49EAEYASAAEgIlEPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2GoEQszV9YHefSHB5YGPMJShMPDg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-CQMCwG6S2ggyUC4ZclfyOvh1fzTeOljGZBIrikHnKKsXseOdghufTxo2kXvGPK8aS3b08w-nGHcKv3SqoE84gd1h_fvBC_QB-2K_C8l-VyFkvMWOfX1-e7fFBJdsznSG-3LoDbo7dNGkj9_RkYH2OFdUXCgYILCC8MTxgctgGrX_nfS-Q%26cry%3D1%26dbm_d%3DAKAmf-DvhpeiQRdSv8LFkJ-nYxljHMgoAFXbyJszX7qk996LnMAufdaHJ3DhL-71UG0H2B_KuXN91ZxdFdeI9VewSR4qGsr1mtMP_CMyvT_1Sny0hcqQOer2UQi5ENXBUiv9w4QiP8MNwvz286MS3cVPUynEmIgkiY4CtsheMaB4JELNbfpeojZrAWR1Mb4I8JMujym1MAmJfm0E76JfTsd2zJc71uUIhMD8SyybxRRNylMFl2nwj-J2nt2aIMoP0fyLNGkyCanWVmGsL7Zat0FdYGLXuGGj3uqiXbHdi5J9TV9tJ9A1DrnEkQKzhcuYDRep6PPfXcRaeeK87pXgznPK2ppjGS4utOME1EUj38Z6jH9jX0yUmazYTqBh-inW_Qn3uXb2HdPpXaV8sktyyL6ZjpasIxHQpRYWm0A7rzbr6JMxUpYXKRut1URuHX1XZDCWQrjruJy5c-qaGBpr0J-qFnvpBKEi1A2tZ5dIKliBdgCZ8sNhswNOF6WKmS00KwarliNpB1QFZ3KJJVpoz3x79s6kg0nHeNtuaf-gY6JQAgWUWawVYCzYOHeehlWf0j_UzCnyROCySnKLiD375I3SQFT0bYACz_HTEjZC2v5Hi3sQ2A1s99Pk_U8VlI-PdLpp7CoJFC9d%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=3202589641776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 24 Aug 2023 05:44:24 +0200

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame C2D7
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=f7357571b7&subid=&uid=3966db5845a35f8a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=f7357571b7&subid=&uid=3966db5845a35f8a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
935 B

159ms
87ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=f7357571b7&subid=&uid=3966db5845a35f8a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtk9wJuDmZIfROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9BoAhE2FAhS4RqS-vcyqqVZUj7GetClgYmtKA71rEN_ldcChopwiokGy5E-zroJDAMKFvvd-Wsri4zLEgIr6mjDGTtG8lgArenqI31POpfb-lOqjBKvu2XgVOPOox-Vqv4zm6JSvqjBAmPuTauVy-_GhLu5xzlwwubOKu543bU6eQOmxrq7G_3VjMGUuKeu74eupDzo7rn-FvVaSdB9PHN0leu6OgvCuCmXotI_jgkiUgswtgSA0K4d5F1f7QGDnaZlSgue76NgVcC2F3a0Ko0NHXrFrhC1XUG2Zvva7kRapGKcz6MxYHw0sVbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIh_ynjr70gAMV6wJVCB17ow49EAEYASAAEgIURPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0YefWzfo7pcLuXcCBpOyuTxPtqkQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Bv3jK4aDx1l3hXTdXw_sTGAdeO1s7r1ijVtN9Ao9jFh8Bz1cslJJ-NsSDNjlGElgWe_0Aou5ie9o83536eiv7hAQktvDXfrqM34d4XaDFBzLaetpMFc5Q2TWL6Elep85o9p3cnXic7si3kTpw6SXQ9QVI_-0si47okBIDbTe-jBLch9iE%26cry%3D1%26dbm_d%3DAKAmf-BXOq80OBJiJltAjTBn0076_B_oP97rU7A_pR7cMj3kiBTO9Xhv2tab5EYcgCviAp8N2kBwnVa97PnqHgRiKBrWwrkjoKhtNgiAW4HLDSlJAMd2feftlldSGBjOUycjRhpOqifztUc3A8nzEKXNJd23YC1DnMB_2-WTWPT5TiNnMElto1zb-DDh3-5hH7VumttitZZYcPi3fvVECs0ARCNENzWhvHd0vDHCLJZ3a2VAkc00eOFCbs9iCaOYdSuxyvxcYcUlu2ANgtqcHlmmwuxAZVMAU9IQpf7E_SXAAjlQ49tuh7_-TI_mgfwoB6Et-Aa3e0FnpC7jsjRK02OQpc-onWS7OfsTYhDa04AbYmK_ffRGxnAGmkoTW0ZTS9C2JTGMZFZuTDn_IFZWG0ONU2j_SYFWpLUXwa4dBXf2EnPMcwVV1RUVQ9Hpw5OvBhdqt39DbQTToBAFd90Wf9j2icDvgKfNAXKLw_FR7zsxJJEJ9fiHUkkDiSyVSqQXqtqq6AfObZCLYzTQj_72pHnS3DAhnImbjHb0uN1Gvzxo0xrPEtiIDvADf8i6yXwD_jS3cACK68U_Wvd6z0DeifYddbHucr2AkJz6HNd3U9B3BFcF-5tY0kvtYYGbGlwjyyjajk8Q2_v0%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5743102721442&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7a4b7e1ef83e8585933488d6b0aa44b19074f2f2784a40ba5362d4ba183cac6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 79706200010569904444554012426008
Connection: close
Content-Length: 329
Expires: Thu, 24 Aug 2023 05:44:25 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=f7357571b7&subid=&uid=3966db5845a35f8a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtk9wJuDmZIfROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9BoAhE2FAhS4RqS-vcyqqVZUj7GetClgYmtKA71rEN_ldcChopwiokGy5E-zroJDAMKFvvd-Wsri4zLEgIr6mjDGTtG8lgArenqI31POpfb-lOqjBKvu2XgVOPOox-Vqv4zm6JSvqjBAmPuTauVy-_GhLu5xzlwwubOKu543bU6eQOmxrq7G_3VjMGUuKeu74eupDzo7rn-FvVaSdB9PHN0leu6OgvCuCmXotI_jgkiUgswtgSA0K4d5F1f7QGDnaZlSgue76NgVcC2F3a0Ko0NHXrFrhC1XUG2Zvva7kRapGKcz6MxYHw0sVbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIh_ynjr70gAMV6wJVCB17ow49EAEYASAAEgIURPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0YefWzfo7pcLuXcCBpOyuTxPtqkQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Bv3jK4aDx1l3hXTdXw_sTGAdeO1s7r1ijVtN9Ao9jFh8Bz1cslJJ-NsSDNjlGElgWe_0Aou5ie9o83536eiv7hAQktvDXfrqM34d4XaDFBzLaetpMFc5Q2TWL6Elep85o9p3cnXic7si3kTpw6SXQ9QVI_-0si47okBIDbTe-jBLch9iE%26cry%3D1%26dbm_d%3DAKAmf-BXOq80OBJiJltAjTBn0076_B_oP97rU7A_pR7cMj3kiBTO9Xhv2tab5EYcgCviAp8N2kBwnVa97PnqHgRiKBrWwrkjoKhtNgiAW4HLDSlJAMd2feftlldSGBjOUycjRhpOqifztUc3A8nzEKXNJd23YC1DnMB_2-WTWPT5TiNnMElto1zb-DDh3-5hH7VumttitZZYcPi3fvVECs0ARCNENzWhvHd0vDHCLJZ3a2VAkc00eOFCbs9iCaOYdSuxyvxcYcUlu2ANgtqcHlmmwuxAZVMAU9IQpf7E_SXAAjlQ49tuh7_-TI_mgfwoB6Et-Aa3e0FnpC7jsjRK02OQpc-onWS7OfsTYhDa04AbYmK_ffRGxnAGmkoTW0ZTS9C2JTGMZFZuTDn_IFZWG0ONU2j_SYFWpLUXwa4dBXf2EnPMcwVV1RUVQ9Hpw5OvBhdqt39DbQTToBAFd90Wf9j2icDvgKfNAXKLw_FR7zsxJJEJ9fiHUkkDiSyVSqQXqtqq6AfObZCLYzTQj_72pHnS3DAhnImbjHb0uN1Gvzxo0xrPEtiIDvADf8i6yXwD_jS3cACK68U_Wvd6z0DeifYddbHucr2AkJz6HNd3U9B3BFcF-5tY0kvtYYGbGlwjyyjajk8Q2_v0%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5743102721442&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 24 Aug 2023 05:44:24 +0200

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame F468
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=1d00bccd74&subid=&uid=69a6d0eb5cf1d2d0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=1d00bccd74&subid=&uid=69a6d0eb5cf1d2d0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
936 B

183ms
114ms

Script
application/x-javascript

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=1d00bccd74&subid=&uid=69a6d0eb5cf1d2d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC1VsJuDmZIrROOuF1PIP-8a66AOm5b2gaf2QnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9B2nO2_5dMdnCPOjiUVw9ZcynAxagU8IknBLnujkLNQi6N-eo0Sx9kT5-DGb6hk3Mh5VHeBpE8FKvy1GKGRJQxHFEK7H7Cun9VaK1QHTeoFOaDrUcfOXPjq74PzQfnycF4bSBA2aC5Vx00T0GGVG9tYkN1n0gdxGCodri_-mgn0WD7usyAuMBicBWj7d80V3ZF8Lm6YPanKtRA3P-jMfi7THFZTuMfilNvBdRRmN9WZWL9m1JmKabV1TzfrTmORlApztXFIg96II1LUQHx1ZXXLwbwBJ1ivgC1gradPALDikF8ZvxWZPMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIivynjr70gAMV6wJVCB17ow49EAEYASAAEgJHz_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3xMVahYqPyvgs5jMJWmCfkzgGchw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AtqVXKXZHeVBQbXLyqJNI4dAj5gj93qhH9J8TiDnS24k9gqmYDUCpre7l7qNX3wSzcLSDqjutJJHcUl0VD-Gcegz0k-_JJ5_s-j5ydd33FtI3tCuayFA7G6kq_Nspfa8aH-o7iwQu4ViAhPzH5tsbpon5ODkyDNLHzND5hFtE8SuhvnKg%26cry%3D1%26dbm_d%3DAKAmf-AHmR_htSUtlRs-H0LVORwxlb4u3vHRgScFGA9yl3g-y3HLkOfZ914EuVNMeT0a-_bocICHk7slVqzPoHU0XNEgLLqFOQJUTQWURlnOnI_pSlOnQShzpgXypi-mjemgCglndsYXb_eo_zRdi1GomuMO0jB_bZ7_y0kGnaxabTIKBrRcKNMMbJ7s52X3ylSq_rhgUYveFeuZEcRITbY6OWmf_zMt-SkGIud73D4ysdEui_CI5exCdbgnIOGymla9_UuK6O5ee6WhCz0yVgMiYIaFnUcPrLMH592PBLS0sNVkPLKUzOSi7wqwGtCTHCw9jtDmTVsyKMzlScw2ECZNgfUgTaHRf3qpxkvfIUL98VlOkt82TliD2oLjnkPEt5RfpuIUCHq3iyl9zi02bkobl_Pstfhh_WgLfjf6nbgjSjNqRaEfa0U19RFXR0XboKD6vx9LYUfGjLVCdljW_gdth6Rk56R61T46i470W0KwgnNH2XVjLlZ3Ila3qKUwPMjZIOtfdxkfRvQLQY3JanBV6BJf2crJLyzPeG1nZV48mJXlssy1s1CBE0CBDLUihZESTjNpo5HdGSWgEkT_5X1sZXwaelN9E95bggiEnohzDl7xDwAmQGK3o-4yChRQ_n-2GiIyha3Q%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1758311943501&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 410a44405ff0b4e8ca64f7d20ec1f9419e3edc8e457c7e602f150f2e3b813905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 52310800013233704444982012426011
Connection: close
Content-Length: 330
Expires: Thu, 24 Aug 2023 05:44:24 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 04:44:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=1d00bccd74&subid=&uid=69a6d0eb5cf1d2d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC1VsJuDmZIrROOuF1PIP-8a66AOm5b2gaf2QnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9B2nO2_5dMdnCPOjiUVw9ZcynAxagU8IknBLnujkLNQi6N-eo0Sx9kT5-DGb6hk3Mh5VHeBpE8FKvy1GKGRJQxHFEK7H7Cun9VaK1QHTeoFOaDrUcfOXPjq74PzQfnycF4bSBA2aC5Vx00T0GGVG9tYkN1n0gdxGCodri_-mgn0WD7usyAuMBicBWj7d80V3ZF8Lm6YPanKtRA3P-jMfi7THFZTuMfilNvBdRRmN9WZWL9m1JmKabV1TzfrTmORlApztXFIg96II1LUQHx1ZXXLwbwBJ1ivgC1gradPALDikF8ZvxWZPMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIivynjr70gAMV6wJVCB17ow49EAEYASAAEgJHz_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3xMVahYqPyvgs5jMJWmCfkzgGchw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AtqVXKXZHeVBQbXLyqJNI4dAj5gj93qhH9J8TiDnS24k9gqmYDUCpre7l7qNX3wSzcLSDqjutJJHcUl0VD-Gcegz0k-_JJ5_s-j5ydd33FtI3tCuayFA7G6kq_Nspfa8aH-o7iwQu4ViAhPzH5tsbpon5ODkyDNLHzND5hFtE8SuhvnKg%26cry%3D1%26dbm_d%3DAKAmf-AHmR_htSUtlRs-H0LVORwxlb4u3vHRgScFGA9yl3g-y3HLkOfZ914EuVNMeT0a-_bocICHk7slVqzPoHU0XNEgLLqFOQJUTQWURlnOnI_pSlOnQShzpgXypi-mjemgCglndsYXb_eo_zRdi1GomuMO0jB_bZ7_y0kGnaxabTIKBrRcKNMMbJ7s52X3ylSq_rhgUYveFeuZEcRITbY6OWmf_zMt-SkGIud73D4ysdEui_CI5exCdbgnIOGymla9_UuK6O5ee6WhCz0yVgMiYIaFnUcPrLMH592PBLS0sNVkPLKUzOSi7wqwGtCTHCw9jtDmTVsyKMzlScw2ECZNgfUgTaHRf3qpxkvfIUL98VlOkt82TliD2oLjnkPEt5RfpuIUCHq3iyl9zi02bkobl_Pstfhh_WgLfjf6nbgjSjNqRaEfa0U19RFXR0XboKD6vx9LYUfGjLVCdljW_gdth6Rk56R61T46i470W0KwgnNH2XVjLlZ3Ila3qKUwPMjZIOtfdxkfRvQLQY3JanBV6BJf2crJLyzPeG1nZV48mJXlssy1s1CBE0CBDLUihZESTjNpo5HdGSWgEkT_5X1sZXwaelN9E95bggiEnohzDl7xDwAmQGK3o-4yChRQ_n-2GiIyha3Q%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1758311943501&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 24 Aug 2023 05:44:24 +0200

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6493879008008578228/ Frame 0EBA 28 KB
5 KB 187ms
64ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dd0461220c3fe1a0946011521aa8e2160e59b4248f069b31552e15943c5478c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 581968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5393
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 11:04:56 GMT
expires: Fri, 16 Aug 2024 11:04:56 GMT
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FED 37 KB
14 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 07:57:42 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DB7 37 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 07:57:42 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D4B 37 KB
14 KB 68ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 07:57:42 GMT

GET
H3 200 cc6b3873eb176a8a951ef41188915745.js Show response
s0.2mdn.net/sadbundle/6493879008008578228/ Frame 0EBA 131 KB
37 KB 61ms
60ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38112
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame 2D12 4 KB
2 KB 105ms
33ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=83798300012773404444554012426024&a=dd10c29e
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=836e58d5c7&subid=&uid=16e3ca3999e8b06d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCklL-JuDmZIjROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9DsVCTvhBk1HOfJOTYWxG0kN5Af2WpCOMBIPuLXALW8HOIUvlFl2l53b8Pl1y4-K8sfAvKJHqYn8uXUAn_A9pmRgOYrjDAcO_fPkpKPxaP5nKljBD6_IthzbgSR_ysPIvJ9XD458eqg87_FD68Or9i7T4VkaMdCf-aOv9G-Si0stF9Mdhlwwwd6qSlJBp5RcW-Uf579BBkNls2h5goaEAxOTiWuSd8OUBE-TARYKdiikUr6lcOVtF4LJpIriI5QimIazw_-NPfacXQfRNqckc_9ZJwE69X5O7n0mDpeMHjNQT4tTGik81HzIyHABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIiPynjr70gAMV6wJVCB17ow49EAEYASAAEgIlEPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2GoEQszV9YHefSHB5YGPMJShMPDg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-CQMCwG6S2ggyUC4ZclfyOvh1fzTeOljGZBIrikHnKKsXseOdghufTxo2kXvGPK8aS3b08w-nGHcKv3SqoE84gd1h_fvBC_QB-2K_C8l-VyFkvMWOfX1-e7fFBJdsznSG-3LoDbo7dNGkj9_RkYH2OFdUXCgYILCC8MTxgctgGrX_nfS-Q%26cry%3D1%26dbm_d%3DAKAmf-DvhpeiQRdSv8LFkJ-nYxljHMgoAFXbyJszX7qk996LnMAufdaHJ3DhL-71UG0H2B_KuXN91ZxdFdeI9VewSR4qGsr1mtMP_CMyvT_1Sny0hcqQOer2UQi5ENXBUiv9w4QiP8MNwvz286MS3cVPUynEmIgkiY4CtsheMaB4JELNbfpeojZrAWR1Mb4I8JMujym1MAmJfm0E76JfTsd2zJc71uUIhMD8SyybxRRNylMFl2nwj-J2nt2aIMoP0fyLNGkyCanWVmGsL7Zat0FdYGLXuGGj3uqiXbHdi5J9TV9tJ9A1DrnEkQKzhcuYDRep6PPfXcRaeeK87pXgznPK2ppjGS4utOME1EUj38Z6jH9jX0yUmazYTqBh-inW_Qn3uXb2HdPpXaV8sktyyL6ZjpasIxHQpRYWm0A7rzbr6JMxUpYXKRut1URuHX1XZDCWQrjruJy5c-qaGBpr0J-qFnvpBKEi1A2tZ5dIKliBdgCZ8sNhswNOF6WKmS00KwarliNpB1QFZ3KJJVpoz3x79s6kg0nHeNtuaf-gY6JQAgWUWawVYCzYOHeehlWf0j_UzCnyROCySnKLiD375I3SQFT0bYACz_HTEjZC2v5Hi3sQ2A1s99Pk_U8VlI-PdLpp7CoJFC9d%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=3202589641776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c277c6a90727f413a07d2f14e9ad9bb23e3624422a49de776772901371bb2a03

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1503
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Aug 2023 04:44:25 GMT
Expires: Thu, 24 Aug 2023 05:44:25 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame 939B 4 KB
2 KB 114ms
37ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=13456000010928104445008012426014&a=510301e7
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=7bcf07f7b2&subid=&uid=9601ad6d453603df&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3t-JuDmZIXROOuF1PIP-8a66AOm5b2gaeWYnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOkBT9AMWz38UGdK7RgG81Gt7P0SavKn3vI60IY7BXI9CQrCwl3dixQHzRYPuGYo7W5-TD2kBkv1NOMQDPRThkhDpv3rP_DzexTPqiBwvzI1xCOdS9vXZpDmjeTe-d-KoMxWN39sbewFTlqQTqpogkwjyZc5k1Q9GBxl3OiDU0EYCde4_z4jalW9cOoFYEl-L3q9A5YqaWL-npIcvwGaFvomlqddUu0cXZJZjXUGc90gHDCvy6ywA9DLMvGe3dXKKySQqGNgfX0LEYTOvKLnB5q77KRHXopSUOlrCjCMmrpTYgsBZF3DRK9MAqTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIhfynjr70gAMV6wJVCB17ow49EAEYASAAEgLPIPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3IuFcm0-UEpkQ-bsl6Ky22WUXhwQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AuOrm3-unHg5wopPwo-riEFjG6-yGdeRVEbqvoi_ZodELC2xYsy8jKTjbwC8fSTEk9tDv5cPIb6o0F8A0HZ-8r8tSNvEulOJMrW0Rl0ayr7z5sPNEU_J9MDTf1IMgi5cUlFjjrbqrgb1dgxefCZxr0tUuHFeVai9_S2grrXpOAcTbE53c%26cry%3D1%26dbm_d%3DAKAmf-DzJppIK3B-63_NgHwrWMhCPxfu4mh-5Hz0w6Somj0WOxI0s4xEY7dc4yuaAhRoaYZWivEYVIk4Rm4gTCFV-jkpXKIMH-lluzi1E3BxWSTNa6KMDCegYZZh3eUHIgOLpkltgwQhBVawqpY0ecquLTnzVH28os8E-cc_tx8tJIAgaGGhKcALJl3NZKcQGtMYKdg878HWqD4Urv3P-SzDm_zx7cIdXvN7ncDx333Quc9SIr8NesXPQNRYs8nVatsrjBHmLwk0kaDkuVF9rBIzoWb_3bCqNJdzQbanAZ4LGuRBqF92Euptp7fFZ_0zcNHXKmWHbAH3KC0z_O-d0Hz7giChw2EVBptCUO5z1gqcVMGZDzULkxsL83SlMjzBWG-R-DIJVwLFpaBsXiH-rEUgrn-qLedzFtD30vYqXmgc3LAgrtwvBnquddV9sZo_UmpPKTP6c1OcNHyZPwhaIPxoNW1p7n1K9h7CYo4qS0BY3w6ubebyrfD69bB71w-jLUKPnu0s8uz5HHfroaJRtLpdJVefR5Vt6Pvx_ZF3FVJWP6F_N9IcyRH6gAuKJBUWTbvaZXH0MR9GMooyifzO7fD1cJebbE0tnEXPgaJhOoRlqhZYplLGnqrjPO0xMClxXP2AgOQRSK25%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=932243168276&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 3b8f61e341ec742a42256c7457357a6b2de70f6798a95019724c0daea6f7ac75

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1505
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Aug 2023 04:44:25 GMT
Expires: Thu, 24 Aug 2023 05:44:25 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame E3EA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93efa79094925dc54218e069404b6fd9950486ca68e10a58020cc3918bf93f01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 66B5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7ef5b07dfca37a502bab407d4c22b157b8da03cd1b677d6fbc8a293f2945dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 0EBA 1 KB
642 B 87ms
87ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H3 200 35e60908e3a830df0c098dc57e9fb916.png
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 0EBA 18 KB
18 KB 61ms
61ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/35e60908e3a830df0c098dc57e9fb916.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd02b5306f49bc23613dd599506bab5a73a3f1cefb1cdfa8c08f91cb88fb427a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
x-content-type-options: nosniff
age: 581969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18512
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H3 200 6e63dc6db0229c6b77723858da8f9e7b.jpg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 0EBA 8 KB
8 KB 60ms
59ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6e63dc6db0229c6b77723858da8f9e7b.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5285269c35d1500dcbd2686eb455790d6133945217bcd22ebaa42b5c30ff5e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
x-content-type-options: nosniff
age: 581969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8524
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 0EBA 5 KB
3 KB 61ms
60ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H/1.1 200
OK S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 2D12 70 KB
71 KB 174ms
55ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x250.gif
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=83798300012773404444554012426024&a=dd10c29e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Weil am Rhein, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-119bc"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 72124

GET
H/1.1 200
OK S-320x480.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 939B 80 KB
81 KB 166ms
55ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-320x480.gif
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=13456000010928104445008012426014&a=510301e7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Weil am Rhein, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 41d2b9e4024405dbcba3d806a1cb5f2bdcc5882d59b8ac60023b7bcb2a9e0a8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-14156"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 82262

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/6493879008008578228/fonts/ Frame 0EBA 173 KB
80 KB 61ms
57ms Font
font/ttf 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=1334174101539628&bg=!RkWlRQrNAAZGPLJIZjw7ADQBe5WfOF1_v2wEg1swllnKHwr4bDKEMwMbD_unCpMgmErRjLZH1-L668m0YR-XX-_3ExPvAgAAAU9SAAAACWgBBwoAUitEFPhMnsZ_TCBfW5GfwdIOPFVsmDsChIrIA3j-e-ZsBmxlFKhIk2DKdz9sd4YVnYo5fqb0sWGEuZaVDsAkqJ9atp1BESZZT5L-aYhIksR0pXSZAvgWprW5ExIWF8yxGFTwJFNFsfPQzzGEJuNFMqN8fyp9NZLN4tkF5syuJNqgo3WXnstdHjnGpF8WjmiODp76qgBYhHu4UUhfVRqJN1gtIBOuogLRiNd_yHaLMsy4cpczhfdLDF9SFTD3J6P_ahlR6mzfSRvnhvaQeALhtOyJEQZvJLZs4-OVr1BEhiJuQGjDNRJR5e1Cwu6dZgaShqHUMB0S3ws4hK86O2LtYZE29iKaWY03ALQtTVIG8cGqGNGQw8Jq_NiVK2BWrrar23LBcF-ASxZCKlQGqHGajT1sfIAYGZ2yyXuvnlQYRksLAN8cL2lC6K-jmQfFzrJDgadnPrkg6z0ODzMIBR0vwPvoynan4iS-koi-2HqsD-9zivyuSmCFW5-Uy81Qn6FbqRinErOmOpWlAa_PzUQv3hIfxWCgZ3iy8LAzKjXUJuy0OUydSKnMvlmFVe6Q3OswdK-iglIaI6hW6FdK2R0hophwN2XZwvbfh1FvJ-64ly0kWLhtY-kgvli8YsIjZgpK38QfwBsNt3Hep5vi7ahx_Dx4VZpMYh6hTgp00u4zpC-YCmkZu05e5Juz7ffQiqyh4oXF0eKq7SIQLHQGN5_T97WilV7Qf6E7hPwAtOCwmaUqk11i63HoB_IF_nafGB9ZwIwweyrswhCN8OccsZvtRKZvyxm-ay0Dc7siiwDtXm5nBuZI2a4wcp_bd8ouhlcT8JwugF6wFYiEkp8hdIEMI6OPvlt_nTPAaeUm7rJqYorAQza5buGTTDt7Vtaq104a5-UbhSa8CsUZXQ5qwVmv5YpJVj8MXvhTu6KfyjcTwiV9O8aLmwUvap7hOam8IAlC2lbedU1k8VFVy8YgTNFbJcAV1Zzp0SfZzAThpXxdCX3ZTXE0Uq5jPn0ldurDxGHjHG-VbWAn2SOqN1cSyZ7XMrUPx_l87CJzZFSBEHav9MlBByvr7VU35_MqzP_arR5ywBPZ6qcywBpNmqWSCSKeuqoL09zmYNJeE4mlDW3u
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 2D12 0
150 B 102ms
35ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=83798300012773404444554012426024&a=345350c9&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=83798300012773404444554012426024&a=dd10c29e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/request_content.php?s=83798300012773404444554012426024&a=dd10c29e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2D12 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 939B 0
150 B 106ms
40ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=13456000010928104445008012426014&a=615bbd51&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=13456000010928104445008012426014&a=510301e7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=13456000010928104445008012426014&a=510301e7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 939B 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame AB9F 4 KB
2 KB 103ms
36ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=57295000009940204445006012426003&a=1f56cc1d
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=3436433acd&subid=&uid=892e3031b564fe0f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGuhPJuDmZInROOuF1PIP-8a66AOm5b2gadWanKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOoBT9AX5C525K5oRSsKadt6UbXCaaPkDZWMDLMj16BYLjJpgCsgsrEu0PRy-JJM9vQxtB8V7vCItojRESemZevlAWrk_hb6CTXInYHhsQ1wV2lWUEsH3MdpHNkBTlG4jBKeMOeWwY5yVNUqZlXgf7Whs2c7CiGvYr-S8Zd0qyH6eHtOXl2VVNppYCNQs3asZmmkY8LMUcnT87MIIWuTCwIrlVWml5reVZrRHeMpz8XLn3yGEsM4GD7pevQGXo48UZzw9O-5gP7GENrzA3gqY7GLzQKjdnqpCJRWq5dnHEB2zKyjM8YvGRtV4rJJwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIifynjr70gAMV6wJVCB17ow49EAEYASAAEgJ-O_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0onhK0ZyA-mPkLzkrJXMmsc1-aBQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BsIEpD5V5Cvhk2CshNCw_NnBOmAGJXS5-WPSY0kcM4FOEh_KufbGh-SUlO5LlUH6L_pN6gR6LY-NU0u-Knt4Tdlp81ARvBMMbh8Drq4tOB_YAc3oMXD5_nNAWAIJCiyPQ4MpZgwy-j90AyeWq_0qytf_JhSZUYczZsfFMWZuLhIiJg9mw%26cry%3D1%26dbm_d%3DAKAmf-AZVxXepMyt_S9amX1ckPOLDPmJ1tlMVNosTl1HBskrk7Uny5haK_geY-u5IXe5d_GQ7B37Xu2hfFAd04xxDHngt7hBacahpRdXRRzS0pvcWJVch--9ZILou7n4Itm0UrSKEJStmrVIkn3KzSZrx5y-bN2FAxbEZLGHA_4Z9m17PxFVVTOj7-HBAo2gVdqWw2qI3j8vxNd-vbYDlCFMOIe3_zn_pYbLVJMrn97fWY5N-xkvghRC97sSWUUZkRlIjArJISmU7EoePNTqy0jyfoc9abqJ2OFc-oPtyqxuOtgXW-3qGrhnaXfbXUHFeOaLpYtdTAS-V34rqFI7vTXsGlO7hkQTaDuGlxuYW13gCamR1jnZnafFatVtncXjnPE7cW1LD7ZH5lSi4L7iSZa3YhvbamnN4kD7w3t8w6FOvmmer1CZFM4SpOMKPjiBGNSypmI5BkTlealp9J_24iAqGUvNPMAfAJSMpmbLEIVFYbhuC3o4qU9Dnnba-6rrwm0deP9klC1Tb-cgB5-6tmlMa73yRAhpo8zZ2qBuy6Tboj8n7fWZqev73E262lEkeN2HqO0D9UbSAUwJWePXjGQKV0mDXfroGz7GSAniE0Ezivla7hxCBc9onznimVgmDOidMARN8wz3%26adurl%3D&documentReferer=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fa2zapk.io&random=3741719297840&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 77ad42e8990c4692692e14175ca40738110340df0379af6ab8be6d451a182762

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1499
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Aug 2023 04:44:25 GMT
Expires: Thu, 24 Aug 2023 05:44:25 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 25DE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23019f42fba78085cdae2e1eadb2511815ef3607b57d78a8003501859002f237

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame E169 7 KB
3 KB 120ms
37ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=54264800010084604444550012426002&a=3066094a
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3778cd41e8&subid=&uid=1d3544385dba1d57&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCl3bOJuDmZIbROOuF1PIP-8a66AOm5b2gaYWVnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9BWATRFzZRNqSfM6U-eln3mJNEIplB8ZxtWv6dNMing5giY6jTg2bZald1qPJ-4n9mKmj3KYox5imymIxgr-4GbLAJnzZQWycRV3GJ4OwucsU8BqFZ5irOoDE7IeqRlMKeS7a3sKCVhRQaR5qiidlIjudfkicDVAsRRP5n6pRc8F9i_yq5cOeEE-1EbJAko245Kp1lr_rjPjgTk5KrA2ZtnpPtRp8F484zYGE2qkcdswfl2RE0X0KoXmHHISh5y_dgDVGf46MH-NKnEN6VYsJlP5bTUwLbbHVVoeAxdDTGrH_g33bSiT8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIhvynjr70gAMV6wJVCB17ow49EAEYASAAEgK-yPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_2IUwumYsxoyoe-_MUpkdJbpv0w2Q%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-BrJ6QBO5rYs_OSjNdfhsXevpRnFY4t_G32gUAZvyBvVQzdziltpNA9y1jaR-9Pz8FlX0lTNOPSP2-c800zxQ99KxNrpW0ph7s5DlPSW_N6_aivPX14II-YtJ-MZszpDEkBDyx9DFLzJArmAGBDJH8OZ75bTp4RCvxaV3tUWA4pkwMnkhc%26cry%3D1%26dbm_d%3DAKAmf-CXyxIhL52r-1g6cwrLcEhY9hEwZ48GmVDdzfzsNlkgcdZkg3H1o7WVAuHM6-OWk2vTfheBtv-ornrcLCAjNEE3vwO-fuKSJWeflxyC8DNO5WT37RkxQXQ93br5V-5RUHByn_MJyov0vzL1ytNLRgJ5v8b1Kc9MBilN0efcoaZRw1sFLyk3uklD9fCQNVCZLTWigaLMiXl1r3rCKBTg9dWY5AZbjKJAF48-pbiCpPr_Xwl54PxkM8vcPAHkYCnPVpp0DYC9Eng9xSCdkuHo1S3mFtITTskioaCrGS7JxercVfguD4_LKFO2sF8RvMDJ6W63bnzsasiKhVkJ15lcSBGGH2uOn-PGMZvo26KMGsR_7gd3M5_wcxww4uNz55DG6limLpkEHz3M7YOnkjMngU2kUOmdZPekE6Yoq141joQCHqCe6__qAzVfXo5Y-96n2CuhLCwuIz22I1yS2BDDVpky53QiQu6W8DA2qZDudojnDJlTdZ7uAANIGYbNsvILFmz5-Pl9eXc4vvRopjLE-8JCixdLzJTmCARK61KUUmhQBeyWwGAFZZ6VFnqQYKDMa2kXL0vnUde1Aut7jkG6XWF9shQI7CptYX1zRkcx1fBr305tK2wxPKhgQ0EpH3si1rYA8Rwd%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=6338325203991&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 28d9d37f142d82e50bc0a7ac73a34a5254457ec1989f1e9f901e0759fbb4adc8

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2280
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Aug 2023 04:44:25 GMT
Expires: Thu, 24 Aug 2023 05:44:25 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame 5357 4 KB
2 KB 108ms
35ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=52310800013233704444982012426011&a=6fef2659
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=ar0wka2ffzvy&nw=20&renderingType=javascript&namespace=1d00bccd74&subid=&uid=69a6d0eb5cf1d2d0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC1VsJuDmZIrROOuF1PIP-8a66AOm5b2gaf2QnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOgBT9B2nO2_5dMdnCPOjiUVw9ZcynAxagU8IknBLnujkLNQi6N-eo0Sx9kT5-DGb6hk3Mh5VHeBpE8FKvy1GKGRJQxHFEK7H7Cun9VaK1QHTeoFOaDrUcfOXPjq74PzQfnycF4bSBA2aC5Vx00T0GGVG9tYkN1n0gdxGCodri_-mgn0WD7usyAuMBicBWj7d80V3ZF8Lm6YPanKtRA3P-jMfi7THFZTuMfilNvBdRRmN9WZWL9m1JmKabV1TzfrTmORlApztXFIg96II1LUQHx1ZXXLwbwBJ1ivgC1gradPALDikF8ZvxWZPMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIivynjr70gAMV6wJVCB17ow49EAEYASAAEgJHz_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_3xMVahYqPyvgs5jMJWmCfkzgGchw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AtqVXKXZHeVBQbXLyqJNI4dAj5gj93qhH9J8TiDnS24k9gqmYDUCpre7l7qNX3wSzcLSDqjutJJHcUl0VD-Gcegz0k-_JJ5_s-j5ydd33FtI3tCuayFA7G6kq_Nspfa8aH-o7iwQu4ViAhPzH5tsbpon5ODkyDNLHzND5hFtE8SuhvnKg%26cry%3D1%26dbm_d%3DAKAmf-AHmR_htSUtlRs-H0LVORwxlb4u3vHRgScFGA9yl3g-y3HLkOfZ914EuVNMeT0a-_bocICHk7slVqzPoHU0XNEgLLqFOQJUTQWURlnOnI_pSlOnQShzpgXypi-mjemgCglndsYXb_eo_zRdi1GomuMO0jB_bZ7_y0kGnaxabTIKBrRcKNMMbJ7s52X3ylSq_rhgUYveFeuZEcRITbY6OWmf_zMt-SkGIud73D4ysdEui_CI5exCdbgnIOGymla9_UuK6O5ee6WhCz0yVgMiYIaFnUcPrLMH592PBLS0sNVkPLKUzOSi7wqwGtCTHCw9jtDmTVsyKMzlScw2ECZNgfUgTaHRf3qpxkvfIUL98VlOkt82TliD2oLjnkPEt5RfpuIUCHq3iyl9zi02bkobl_Pstfhh_WgLfjf6nbgjSjNqRaEfa0U19RFXR0XboKD6vx9LYUfGjLVCdljW_gdth6Rk56R61T46i470W0KwgnNH2XVjLlZ3Ila3qKUwPMjZIOtfdxkfRvQLQY3JanBV6BJf2crJLyzPeG1nZV48mJXlssy1s1CBE0CBDLUihZESTjNpo5HdGSWgEkT_5X1sZXwaelN9E95bggiEnohzDl7xDwAmQGK3o-4yChRQ_n-2GiIyha3Q%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1758311943501&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4ef03c4824a95b2ad0174a94f800138d6e262e1c9582263b457466719fa8c2a2

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1494
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Aug 2023 04:44:25 GMT
Expires: Thu, 24 Aug 2023 05:44:25 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame 2344 7 KB
3 KB 109ms
33ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=79706200010569904444554012426008&a=c140bb15
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=f7357571b7&subid=&uid=3966db5845a35f8a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtk9wJuDmZIfROOuF1PIP-8a66AOm5b2gaa2VnKfJD_AuEAEg3rionQFglfrwgYwHyAEJqQJHMi6NJTmyPqgDAcgDmwSqBOwBT9BoAhE2FAhS4RqS-vcyqqVZUj7GetClgYmtKA71rEN_ldcChopwiokGy5E-zroJDAMKFvvd-Wsri4zLEgIr6mjDGTtG8lgArenqI31POpfb-lOqjBKvu2XgVOPOox-Vqv4zm6JSvqjBAmPuTauVy-_GhLu5xzlwwubOKu543bU6eQOmxrq7G_3VjMGUuKeu74eupDzo7rn-FvVaSdB9PHN0leu6OgvCuCmXotI_jgkiUgswtgSA0K4d5F1f7QGDnaZlSgue76NgVcC2F3a0Ko0NHXrFrhC1XUG2Zvva7kRapGKcz6MxYHw0sVbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIh_ynjr70gAMV6wJVCB17ow49EAEYASAAEgIURPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ%26sig%3DAOD64_0YefWzfo7pcLuXcCBpOyuTxPtqkQ%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Bv3jK4aDx1l3hXTdXw_sTGAdeO1s7r1ijVtN9Ao9jFh8Bz1cslJJ-NsSDNjlGElgWe_0Aou5ie9o83536eiv7hAQktvDXfrqM34d4XaDFBzLaetpMFc5Q2TWL6Elep85o9p3cnXic7si3kTpw6SXQ9QVI_-0si47okBIDbTe-jBLch9iE%26cry%3D1%26dbm_d%3DAKAmf-BXOq80OBJiJltAjTBn0076_B_oP97rU7A_pR7cMj3kiBTO9Xhv2tab5EYcgCviAp8N2kBwnVa97PnqHgRiKBrWwrkjoKhtNgiAW4HLDSlJAMd2feftlldSGBjOUycjRhpOqifztUc3A8nzEKXNJd23YC1DnMB_2-WTWPT5TiNnMElto1zb-DDh3-5hH7VumttitZZYcPi3fvVECs0ARCNENzWhvHd0vDHCLJZ3a2VAkc00eOFCbs9iCaOYdSuxyvxcYcUlu2ANgtqcHlmmwuxAZVMAU9IQpf7E_SXAAjlQ49tuh7_-TI_mgfwoB6Et-Aa3e0FnpC7jsjRK02OQpc-onWS7OfsTYhDa04AbYmK_ffRGxnAGmkoTW0ZTS9C2JTGMZFZuTDn_IFZWG0ONU2j_SYFWpLUXwa4dBXf2EnPMcwVV1RUVQ9Hpw5OvBhdqt39DbQTToBAFd90Wf9j2icDvgKfNAXKLw_FR7zsxJJEJ9fiHUkkDiSyVSqQXqtqq6AfObZCLYzTQj_72pHnS3DAhnImbjHb0uN1Gvzxo0xrPEtiIDvADf8i6yXwD_jS3cACK68U_Wvd6z0DeifYddbHucr2AkJz6HNd3U9B3BFcF-5tY0kvtYYGbGlwjyyjajk8Q2_v0%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=5743102721442&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e137a7d3af4f388750aed7bfe7d4ebd49fe60ffc383007fb23003d2b0755ba9c

Request headers

Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2291
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Aug 2023 04:44:25 GMT
Expires: Thu, 24 Aug 2023 05:44:25 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 2C52 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5163adccae16eb4f86eb6b0a2298da1b5ddfa797a0fa544594baee3b43ea2a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C2D7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7846f574cdcdcc1b761663a01f0fab940fcbe6193005d8b1cd3dfad9ea82d1f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 0EBA 1 KB
642 B 67ms
67ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 0EBA 5 KB
3 KB 67ms
67ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H3 200 ade14ddece1fb96d3c38225539814db6.png
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 0EBA 6 KB
6 KB 62ms
62ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/ade14ddece1fb96d3c38225539814db6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703912524593a505b4b2e4380556ad8eb04f5bf22b2c57474f57e1928d473fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
x-content-type-options: nosniff
age: 581969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6377
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H/1.1 200
OK S-980x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame AB9F 24 KB
25 KB 149ms
54ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-980x90.gif
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=57295000009940204445006012426003&a=1f56cc1d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Weil am Rhein, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: e5741effcd117827c8468c0ca8b4312d3331925be9803bbcfa2cc6e7c3584908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-61a4"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24996

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame E169 89 KB
32 KB 174ms
55ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=54264800010084604444550012426002&a=3066094a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 17:46:53 GMT

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame E169 24 KB
24 KB 149ms
51ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=54264800010084604444550012426002&a=3066094a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Weil am Rhein, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-5f90"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24464

GET
H/1.1 200
OK S-300x75.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 5357 12 KB
12 KB 155ms
53ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x75.gif
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=52310800013233704444982012426011&a=6fef2659
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Weil am Rhein, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-2f74"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 12148

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 2344 89 KB
32 KB 202ms
119ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=79706200010569904444554012426008&a=c140bb15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 17:46:53 GMT

GET
H/1.1 200
OK S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 2344 70 KB
71 KB 149ms
54ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x250.gif
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=79706200010569904444554012426008&a=c140bb15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Weil am Rhein, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-119bc"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 72124

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame AB9F 0
150 B 34ms
34ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=57295000009940204445006012426003&a=18b9eabc&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=57295000009940204445006012426003&a=1f56cc1d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=57295000009940204445006012426003&a=1f56cc1d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame AB9F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame 5357 0
150 B 38ms
38ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=52310800013233704444982012426011&a=8d14a4da&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=52310800013233704444982012426011&a=6fef2659
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=52310800013233704444982012426011&a=6fef2659
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 5357 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD4E 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BR1WFKODmZMn8B4j33gO83Ki4BQAAAAA4AeAEAg&bg=!8vGl8b7NAAZGPLJIZjw7ADQBe5WfODjZPcRgkWju1KucbulnYK81cxG8e5LCc5Jy26DZnw_z0r7mhYT5akaa0ElGO5oGAgAAAy1SAAAAB2gBB5kDSUg6OoZidL9eh22Ida7klMllSxO_KhaqNMHyDjuJF4VMJ8m2AKKXIIdDS2RcYcuGEku66FHF7SOTL4pg3fdhxDHqgC_aSMl2WPIYZjiWoNE29MX5jjbxqnvV2BvXzCqjL-_htddYdhbvRtGPK3_AtDfpM7aa83hsVo3BinUgbZIcBBZHjyewQMyOCn_soZRYLFdt79GdFkssSEHTsOBTRDjG8S1ZKCzQlnYuvIST-7guksPUmkt0vkX3vCWwYEwmVj1YGj6W-n4189iQcYpwWmzn4tSxY-t_j_syF2KPi1xNA-jpVzuWrx42LcxOnTHzhRba7mwYuDvEiOITwya9SeN9vttaitKXZFRWo6Ycb_IIfE7IlPPRmMBZaFZdKvvFcmN9GSi6ZHq7s6IJOd2gHDH20f1XioylLALYUNvAVq_-R6e4DJ80sv5cC3LJjwUUEuo6rePpHueAnWdHcNjDxhbEVoNCC2lkfCy4uXy5TwitOxKzhcSN5kfiL7uHld08O6BCZdSzo3U4LP8eb0-DT6mhP94JzESgo7xeYcCAUHzapPdJ4KRAhmEYlWqdiMKhCJP1QzYDtKWxH8zhiVNiqaBnjrOtX6JZb1M4tNGPcpzhVlhdq0ebPUrQHny57r-scA4074foLnzD-J7g8o_l95GbnTpA02YP4btYr88TfqyIZFh-VJyhmeayf6AplGMe4jeVy9ap-IcURD7SUdinE7rtyAVLYs7XNvKN8CvIrGzgWgmtgDIm8MlgFYEvauwlWf0hQfpZzsjuvcFZ6m9EfvsW7Mdwo3lU6rEXNzvkhBqRSFh5rO0RBw0zexHt1l6o_5qgISwbmCKX1-aCkxeLfsm9Ub_MzQWtHXZizDWivOmBi1Itf1_a93rzATyYR2GwrysHL3Q3QPZY5yKybs4nBmsnA-I5MDKflFiFAt6oLOkdZv9byf7NySDPKUNTU6HTipDC2QOjAtX8eqgk8OK0_cVN1fs0VNiOY6OKzE2iseiHzoqkm-YB5_Aeif3KVsgrhrvf5suVGWnLwgbIKQK385djqpcLcxMhDSZs1k2yrZN8It2yr16y-646r7Z5c9n_HsTuvl1ZKf3pppYlV6tr2YH0nNs6jQvBcnc

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81CA 0
20 B 95ms
94ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuPgsKODmZPaVAfKcjuwPn4q8EAAAAAA4AeAEAg&bg=!0dKl0p3NAAZGPLJIZjw7ADQBe5WfOIpaFhrymbwt5ahGV6CASw-qDSCkrIPwJRMfsM5T3L0D6mjrt7UpKXCWpVQk_FQvAgAAAmNSAAABQmgBB5kDpp4Jmh9phUlfVWT9ObhynWBl455jiIRKlQE8nMWjpHah6_lf4or4r0O4jTIHb4BIj0YmSqjUNIkJQJKBwJJZbzKQsA7yrLlOx5oLSmTkrezg_yx2zHJjAMYA8QtUK_ykvOME4tFi4NIEt_83CpbtwPN8J9yv1S1dxV9gLq7nsRoBrx3wgRh9BCfEgWasZM0wrM161SC9oNR9nP3zG1pAfsYUBpM5yOfdvUSSMhjWT2ujwrjoKs2HGGJjowg3iyWd77vIQw_u-MENbkhtKCcS5edftk2SH2nEjLIugSHOQyK7Ptj4-A8uEygkUmWeiJ5oAHSnxxv8BuaZFyg10Ap-k9JpdfSmbL3BfB4ms3ekGZqEWLhmsqXl61o9wpOSYnOqM6I8jTilJ24y65POhkd_m5k8HUW4Mn8rwaTxeifoX_Km8dBkAHFb7tztS3psNbovyn_scs_X72nr2Y4_7j0NKxs7I1TFu_AM3VYpnxz6rEjiod6tCuo5kHboEZiaKrHAOh8gpSIbH3VzMC0a2Rt2d2sCaSWaZpBjqAGy2i3Qlg1kO7If1WMBU0CuwT7myyQjjJV3zySUZ6pEtdpJBzqUslVz-Zw9ucsAQ-7-tjXFX-lWDL15x-F71bxiOpq3KiYzOhPkjrsbFhg8DZfHSZbp40w1_LFDm1iIod3H25swmC-W_mSuoulCRAGn_82x4OyV6CykPpkD7xtVaO9AmFVnX2Z2x6-tRJAjkbH2ZrQvUs3ug5YRrjZWWZpB9gQhTdsGmoWerYJk8bWuJYh1x0JwqrpsqyRXR52aLC8zwg2gyvru9Rz7VA-GYZRkricZ4DLMrSCFFSU4VFowes9L--Eo2EgCJuz6audVbUHxVzdfstrPChblq0fMrrrP2zINi7ajKcPJ_aeA241acHQZvzYKgo7_1JcFh8ueLjTsGjRn_HOiegyHtl3IR-J6aLWbgih2KIcpQA41M40KFbpmHHANf58dQADC6lpHoSAz5lRbWpe2rPZ0iPlMHtVc6EGfJtHJtxBgO3tQy5fxDi1jqHqdyRir_F2jj_KFo93cHO0kDcyvBzVzi5CfxqzTZk08tA6tzrXd54t6tjrF5hM0j83ZrtA3D3TCPcfL74Pdp-RGW8gegKWmOcaoKCJtZokgjQH6iUIKLamHBrRZufGCvLgkThJxTqTwiz_UbPZYNVPUtjMdrAFSXedigpakG_hwrSkynUXZUAXlyydsZqmcRu2ZXCys6BCaTlE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AC0 0
20 B 93ms
93ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSYSnKODmZPiCCc6YjuwPy_CkyA8AAAAAOAHgBAI&bg=!hoWlhcrNAAZGPLJIZjw7ADQBe5WfOFy-dHzjx-2AIT_6kUCOEy8TZG8p9uBYN8z6z2VjoPHgDW0D3JKpgd5vrxNW3owrAgAAA7BSAAAACGgBB5kDL4y2PrPOiZe9Q7v8Nt8MHjmKCQifYtm7CdcdRClrmacnPu6ArKxfXFMds9rXOxtKK2_CyQK2EQdICFKQUpWzcW4qYXQclfd0M2MWu9ds3UZaPaHfv_LBjK-I0hPd5vwP0MvTT3JTf1yD5ZpNGyWqVp1IEMQqTLufkJP3Wb60W5-PpRQZrEvMbgQUejqHn9K-pYdJiqUw6GBTGASyDAjG_z7amgkNrFCEJZqCtmgNoenKJhBAkkgoXTgK9vhl1DaqRbSjENa82pfkiokrwfo3sXDdX37M85NL78SlJ-kRUD13WxbLFcLTj4YSnBRqfqAHGeKXztjSVjXsb4JDawj0xIXCN23qQJDF5bEgKKBo1uhGt4U-fvqk0ObXHZD2Oy-RlUgKThF4vdXXsu3KrldTQRoCcfwfZKENrJiE74pFnp_agcWcq3QBzZzvEszTYrpAHuuE0_48-pGPkqjM-wuhap8FCEm597Nb8s6NsmafODx5mgV4lxpxYttbZ6GLL1mf2eo7giSCo6-6ApCxxSg4RJ12g7RUI4aoTEuSZDJ2eztyZuBRaJYwGovi-V0pttJ6Tu1kOeLn06X6JUlY5hTdPFkldVWmaXsB-WcYZzJ56yHMi_1ywL2g1j44R2RAzvfLoskdHjkNzrcPaYGA3N3Ex5vGSrzx2BkrhvhH5g5LGqNqRlNT0LcM-K07yBkhqolCuuTmd0ml4sRp-OXwzmF-jhsHLbcKlhe05NT70nGVYAuydQMND-LOmt-YkSZotS6KafVXTawaTG_UrsRZ3nb2eG8fhV0rUJQTtT5_WS5DiB9Pjl6UyKrhkOGfTklJn0Xh9Ij3VBbLMIz3tBvR9Pk0xnQGPCtY2GzlVeiUkFFhepOovoXgHzXtDLu8N0uZ90qPKjQYT0DNrscytYEz9CWLFb5f72o5eDI-kvsY5EiVplPbPW-XYmzVk_aVZaYxANVRJboYT1uqsUysz9P3l4FyTHMlV9_9KpWeS8owdXxiULmpGmgpiymeyxo_4uA7lB5HsuO7go1dgoL1gr6VPwbyCknPa3DKoy3LCAADMGA8FqUVBggIoOv77J4nNSZRU4SU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DB7 0
20 B 98ms
97ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9GtqKODmZMu-CeL33wOpv4E4AAAAADgB4AQC&bg=!LS6lLmHNAAZGPLJIZjw7ADQBe5WfOH-hyfh_x346Vwv5VjUFdv1whW_M1fpwPMBpHpJTzippgEM3giTfE3KcYoNVKcj8AgAAA2tSAAAAB2gBB5kDPAVkPbi5VGsgxxmVjjbQhTnCy2VsQOFSM9Y-8ZcIiPF3AaVa57UrqsubMnDfPewZ-GaarOHxFy9mR8e5EbH1P1-cpAFlsRgRC2KTi2eJrW3WL0Sp5oRGMuRM4Wca2K-JIOPsQ2lUwaDmGULyoZEMCRh0Sm1DHRGPrSJSH0KEYXqNd_VyDjx-X38vewVRtKtxCqEI3CsoEug24GA2pdv4glKlgTdNS9mhiijDS9_MGxrzfMu3W4wjJVm8wmEZOwm5tB0ypPldOdbvqc4KDwvGQ8Bq3HYXauBcDIWCFuSoqCOJACb4_hyfsr98Qip2CkCp3_rMV5-kLgQRzfclZH-LataE1ZgDVoivj-11zVg62zBH_IdLd88dJRWCRNKjQ1t9m0eQBnk83KvqOwKMN6RAfcsOIT17JfbjZP2LGn_A6XNTB3dPEzF27Cc41Q9WV-LNGBIP7pjct9cgx7jWbS3DXTE45ilGHS7pP0Jh8J9E4e2ns-LA_PsPzLBDG6oM421hmU9c8N6jqv8R5yNKpmtFuW-07dbFibQBkDhfMp93DaDdUS5Q38vzQ0hTLaTAfsnlQIL95uGK-hkz0Zatx7D_reL3nWwa1xZ8a8owVuktDmrn3iR-0p6d_E9SWKoJxpK7z6qoU4NsZEQltB2MAEniGjihhuANjb8MEv-2iAc27wZe0s9yLefJJ3j9zohMGMGUzmIrgRFpUywPyFFP0DviDfdu-wz3VsfMDtyoCZ5VKelw4fVsuOGoAutraQ4kxJm4iMl87TRn5obGcMM3oGkNNeOx2YXrghe_ebRVFHz_rxxFiNGLIYsOwlvEBCFSAbVxXb8_3y8lcFNYnKroIwNLJe1MzO8v3928pdiWz8rBK3aK0jfq1lMGo7cbFvNPo8a3onapihkOh6_d5weI_Og_W173ZdpzPVLnzMpWgxa2rzkoFetyTqXCNqvNr0GTQ195lpb7co_euBo-cVBO1ZdmeEAgAupSBUApD4qN-DUg99tolJVmXQnIsoM-LC7AMK9IXTy3YHoauYtNT81vIa7vmucQjHC44uoC-PPHajGdeZG7x1is4I9-jGA5UMoFyYS19Bu9NJGrANje-8uqzw

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4254 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9S5NKODmZJjoBpLT7_UPiaCVsAUAAAAAOAHgBAI&bg=!zM-lz4DNAAZGPLJIZjw7ADQBe5WfOCSz2WNFvXtHcMr0IBxYPuObeMFYpp6exVtEt4quNMfwut_HwuQdXgwBzosbisYuAgAABBhSAAAACGgBBwoAQFzOPDk_4c3u4wOEOKdinwewb_yQ4Dzi48nPXTmc518XDWG3PF7uSRm_PE_sfzL2pioTbL2XziqkKAcm_pCVdSyZAzYXhtpY9lidYUHz8b4NWsWNt92ywf595v7vSflynCxTBG2kzQmxpaEiwABLG3hRnRIR9I7EHq-XrG-cg8QtMRyD3b8bea7RgX1ln11Z3L0FhIGIZc53qH3BIQDeX1MbHbRo2Fe9Z4YKD3RW2YbupWaBRsigHwQKa9BuzlfENUYEQ6UOxKUveA2kzEzrtW0-JuzWE-xcYUdM9ZpHxC2qWAdMBYHbKlTFc9qb2frrv2_UYox1MrntC9TZLBulMm_4gJ0CmO0PwrJwnsbYp3v14Q6FADmtvHMhUw3jIGm7YNi4k17CZCLCWl7Nu88BllXBzS0oiyw_ZyLjUO73epru_Oq_EYDjrizT70QZYRm11yDF_iRWiIjh-6LAdyjcMZFX8GUXCY_jVgR9ocO8T-8ITV5QVXNK-eD42s6sQUDoUsymYlScox60ug-EOupcBOfQ5vWfRBomeKe8PYN14uke8fLy49QSXCVsKTjAi2iuoI0ijTYLZbMnJZtEyQ3uBU4O8bI8gMq0uZ7leN_brBR5lhCQIsuGSncCDrLZsoNdIlQh4fUx6uyncEL1AXoVK10Sk7zc5EpaNpF-Mhnr8_521UuWeXIrDqiunNWdtpZINGI6g0-jCsGF434Z788ZU_O3_L0Vc6OQhLLgPGhnSwxxhzBkf4WrlAi-cLMEIm5g5-SZBHJ9gIAsnJ4qDOVW-5bbHu0jq_kZlWeluGjIDC5pCg31twqwftzdzcpQD6VIszoFZFmdNFGSOgEe7VYmpHmYvP4QF7uZzCOKieuC3jh19yoRqSVVt36UXlOjzUhlaeQAbea8V9FE0FB7WmVLtfNTQA0g9rsAfkP_B-tGNJ1rjaa-InERLqMkHr6w6UYmKGV7lG5NL0GeCyvVcHY0U5u6VX5y__9TYiXUk9By7a1DsMln-BoO-aKTwB8EtDJyYrhG2Q4ni4-uvhHE1bHbuX0QD--_dXrykmOaOmMDXeNdwIpmCqTsL-skvPeWKHsG6YqLKrAZTKl46faxA76-JEaycly9aC5Dvg2AZoOVA-wPRlrwNq3vLsBETcwKh7jcmthTvvtvih6N5YNqwoU0C2Icj3SLHf-bKps

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FED 0
20 B 93ms
93ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLj5eKODmZLGKCcy-gAeY_YvIBgAAAAA4AeAEAg&bg=!f3ylfDPNAAZGPLJIZjw7ADQBe5WfONcZM22Is1s7ifQUmL6tIu8XXLL-hLafSfe-FOTINzJuSyCu287jv-Bu3m90_Gb3AgAAA3hSAAAALGgBB5kDO2qNEp7KQItdKILIN0YMXdQZT6Lkl-4BQtI7qMOM03pSX6O_FB3hZaKfH6gXFk2Jay61ngS6CWLdw-uTdnF00nPAiicfwJdlJGZJOyNfB5Bht1Kql06zTD-pDlPHDLwMxtEhgtWUrAGdMrZ6R1dBN07zTa1Pmweg4ZUmNrQf8vW-1XCt-00HssHAdC7gjC-gYF9YgTG_sKv7kJALqn0ov-T9oYryYrryhXctoBkp4TplMol3PUERtm6YfLLl-Ra-Sf-43N4IczlsTyhrWf1SMQv2tpXa7XBM-ijX-L5PfXUU9R6e4EDmk-1xBwSfFyHlEnVx99ZiO_i02rcuERen4h7SH9vEiqLcQs7XDmQIGKjsi6pXEqOo22p3xrhK_Kau2V88MrWiEPTqw9R12_YCuWZTQHfd_2ORIFfEn6Kqm4Q1vx2T2KVEBnde-CzgaP4_rlxN1mOpqFGSYU1Pg60My1mX6_ZjHOJjYPa9NsY4PB3_W-8PrDRS0Fb6Q0uO15j4A3UUcxCOgJjKfsE5CCRTy96x485t-jD-KZllb932Bku-U8XCzg7SSnK4byQ7PqACKl3ESxCwdTuzJbcRf9CCGQwuweRoeCPYWj4-B3Zns9o5CayiBzvypnUoFbHZsF56vqpW-Rj4Qn9mzK0liWvQbtIcL_JtduLuMQmPPANe1cxvqGkp7GU2zApFy9qhUziuabGaWAxYvRM-9EUTGDq8j0eJHj6490DH-c-n7SbsFW48rIoafiwrxXWpEV-qBY8XxDeW84UX9m9990VI790zKubBauOEsWxCp2a0-KT8TdPif8kfuJ2kPsFGr_AYeJrq46-pZBgLUn2sddewtTFbC9Oq861EWIIQ6Gwmz8UvguAYgw80hcZUVqtF6sySHj8gt4aPl7EU2K1peW06sLaDZmpv-HBgX_vUuepBJ3OhvJ8Ut-T1-JAFmt7GIoejjStGOu125fSnq9ZBJD5xXRCi4g39avN2c_ZwOzYbvJZrscVM8nD0vY-9Nbcu8ZPzuJejKSZAXdBd8lw0hs1lb1FW6PFsulFPDFuT9CLltkb6zwQEu9DuYDFkTE-eKrKwUOYWkFD6a0xB1EJsVcX1

Requested by

Host: 25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
URL: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D4B 0
20 B 94ms
93ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_xa_KODmZNDWCZqSjuwPnqugmAEAAAAAOAHgBAI&bg=!FhWlFVrNAAZGPLJIZjw7ADQBe5WfOOs0kozdih_P_SFtdJSZvvf6CkSsSNQLD4NEYti_DYhcW5uFhyotf1VCq4ZgMBOTAgAAA05SAAAACGgBBwoAC_IM8wG32MRHdP05mQNrfInHpIrvVvhPhLuysCDrR93d48zumUJwQRzZ8nk3x4W-KMmePqvFVIS00RhBewIRcVuPq8vr2NqhPnWf8F9rH3yh4vt9A2iYz1hhepRpCXcPHgufCl_GyJfqjKDSvnaG07GkJSKKHF3i_An64j_NUYcxXB7wnhS_zyf8owJzP35B0YgRv20RCkWnUzuCgwuXWBUCpO5zi1JC6BiBVhsnxFf-ty3yB8sGJ5vLVV7czaepfVOnzjSi8qHPfjS_hDQqVbPWqusfGLA8QtksNVeDJe6-98GCeUMxVe_Fd2FUxMchU0guBAEiKyINmx-1NFBEMvgkuTl7ts0bIX4EZFuy3My5Z4cehFDUMme9m6uRjng3zisfDSA11VNTafwUkYMKjUZa48nKBKAQMvqhhihl-kBJK1jZt5ud6zGuPZCCnAb-nnG8ddN_gxIWc82dUi9T6gCnct3tVl9hLhQkjyuanqKtJvwCM-k5XHmGwinYzrnbYFInYNC8lYEj_qfDPDGrNBZ_-gHq7cv6sMCwS14wjFX4tMAXeCtOhOPAmEwe7Y40828h_qsylFCfsdR7ksEseuxziRp2vF3dTc9gzeujhwRKGJRt8_oN7b6n3oaaBDfdUTsoZd7WC7BrL__XGPJuk_lqjjjx54FwPInOnvs7A_-diuyxxHdGHCmJjJI6G2dAhCa3_FQ2Vjh-svVp2-38Uvf1sPwp3PIj-0h9WzoQbY761sS_VPIzN9yuYFoKMn-TZZYEnD8beZIYhSKZpp9YlAMtk4KPZLRWy_aU13hmqHUD27pp3IIhw8k0OVJgHTnVztDcnBnvQb95Tgacv6zaXB6_fbnzs-s7xU3QAxvz2Cs6dRQ2hAPyR28V12Zee3f55Tr-bulaidfwxm0AcFR0C4a75R_xdJNNDRlWxRXEzNEqrq5JbYPQ-Vpd7pRZgjLDAI_9vzGE6U5C8I2-hRbMFBL13Q29igrXdnYI0Ph7-RE6ElOjfUXeZp-me0VAzsBgfJDhgj9qojIuPEfwtgH14tTBuU0f6QUCfmJ5p9C92AT7Bq_GAdExAeQdRZckNj8jbvbccKhAL6O_cEVIf3fpHeJD7wuDzmHTEL7igrHRYJnz3mzIWjEmWG01FsAUwXPsBmg7u6lwBlCYS2dyvw8RYE1cSJ_fV6hcVXM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame E169 0
150 B 34ms
34ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=54264800010084604444550012426002&a=8893b406&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=54264800010084604444550012426002&a=3066094a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=54264800010084604444550012426002&a=3066094a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame E169 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 2344 0
150 B 34ms
34ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=79706200010569904444554012426008&a=ab444d43&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=79706200010569904444554012426008&a=c140bb15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=79706200010569904444554012426008&a=c140bb15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2344 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25DE 42 B
174 B 95ms
95ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPk-ALu6iOiAEjkk0CdH3GOOA2KvAW3frHExKf7ODaoOC7ffdvjIfMh9a00qAZ8oz635LLXka6f8VA9YOWZLmzEi8HFNFKlm_hSFCMtwr5vJ44Ypk7Us5RuEjo6f7j7BE&sai=AMfl-YTd2rnTZOTT8mw4y_xseoriCDF6kYa15EK5gKZB0I28bqYkZr0TgacbcnAlz8sjC5quKXKPimQPOjQfE_9NJMHgeBOycrX-mmo1US-aTcH8pke51Hn3dVCBIEgILLDCS_vvlFLtWdQla5wNpQ&sig=Cg0ArKJSzNOmSYO30GfhEAE&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&id=lidar2&mcvt=1000&p=0,0,90,980&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1309157062&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692852263611&rpt=1607&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C52 42 B
108 B 94ms
93ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupDfgZ3_uzX8E1jKijZeJA0Hxp6mEVvJbkRzkI6rX4oZ_pQiaWupQQ73TEZBvTTh2rVbe3Q2IHE8d5gAvbH4APsKor6izkfQhhwcoeZoi1CCm8dPYZcg_MsHDpmMBEjJM&sai=AMfl-YRMOtmdv10RYJA9WAZk3bfx6Vvnk0-iNP6Y8QIhphCUlnE2quDLpqV4X7peIvhJe8OGk-aXCRKEHILm4p8oxQM-6qi-KFXrRfNY6AwnXk_dhB0cM73PsYST18cPbx1dMmnU0jeSfzqVwqKuAw&sig=Cg0ArKJSzFez1yP5ce1FEAE&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&id=lidar2&mcvt=1001&p=75,436,165,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=299942153&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692852263448&rpt=1901&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5745 0
20 B 91ms
91ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9647013791957&version=m202307240101&ct=76&x=1&cor=11856948659799253000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2D7 42 B
64 B 95ms
95ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdrceRV0REKbQkOMJNZjnxYkm1qLekqUF1hjQhaGljg_jEvg8Elr7ySQHSBFXSgIul-ifRPpb0BSCz1kE8LjcE4X4-9Ku6mfIfQRBlZ9anIP60V2m2ZKxQAaww4_6UewI&sai=AMfl-YRZZbzYubfU1_zQ255La4iRemHUh7mmsgADQ2uN5ygQ05df3xduGMoDJRZKuocMgx9Y--cvPsja6zMgw5RnQ0SsOXze5AlQawEdK63KKP43EcS9L-agofCj37Rsnw6Dw8piA9bWmPNlHXKx0A&sig=Cg0ArKJSzIo4delWuEJiEAE&cid=CAQSTABpAlJWad0Y8GMDs1SISk1kIUoFD47c5PUV-Lwlhb9JiggWtauG0pbxbMIFDdonFMJ1VOuYctDEJDtaH-GZkAlpToeqUjwaREn406gYAQ&id=lidar2&mcvt=1000&p=539,278,789,578&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2763825005&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692852263459&rpt=1972&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E3EA 0
20 B 91ms
91ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8598084017264&version=m202307240101&ct=77&x=1&cor=41534760017471460

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66B5 0
20 B 91ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7095434044503&version=m202307240101&ct=77&x=1&cor=15218381105736794000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame AB9F 0
150 B 102ms
35ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=57295000009940204445006012426003&a=18b9eabc&vb=v
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=57295000009940204445006012426003&a=1f56cc1d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=57295000009940204445006012426003&a=1f56cc1d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25DE 0
20 B 92ms
92ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2468031927865&version=m202307240101&ct=77&x=1&cor=951578651274809000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F468 0
20 B 91ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6944414019007&version=m202307240101&ct=77&x=1&cor=14371588974816954000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame E169 0
150 B 99ms
34ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=54264800010084604444550012426002&a=8893b406&vb=v
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=54264800010084604444550012426002&a=3066094a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=54264800010084604444550012426002&a=3066094a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C52 0
20 B 90ms
90ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8071095380831&version=m202307240101&ct=77&x=1&cor=114898442525193120

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2D7 0
20 B 91ms
87ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2510574505802&version=m202307240101&ct=77&x=1&cor=5296299607446345000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 04:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 2344 0
150 B 99ms
34ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=79706200010569904444554012426008&a=ab444d43&vb=v
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=79706200010569904444554012426008&a=c140bb15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=79706200010569904444554012426008&a=c140bb15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 04:44:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 0EBA 5 KB
3 KB 58ms
57ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:56 GMT

GET
H3 200 18e69e740fc2e818b3a337f11496090b.png
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 0EBA 13 KB
13 KB 60ms
60ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/18e69e740fc2e818b3a337f11496090b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb9055d4402fa3bac664d6bc6eed253ecadbecd5a618ed1d1b23bf08a7571bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 21:11:06 GMT
x-content-type-options: nosniff
age: 459203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13192
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 21:11:06 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/6493879008008578228/fonts/ Frame 0EBA 172 KB
75 KB 65ms
65ms Font
font/ttf 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:05:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.a2zapk.io/	1970-01-20 23:50:12	Name: _ga_SS5VJ1BTPE Value: GS1.1.1692852262.1.0.1692852262.0.0.0
.a2zapk.io/	1970-01-20 23:50:12	Name: _ga Value: GA1.1.1489411320.1692852262
.a2zapk.io/	1970-01-20 22:59:48	Name: cf_clearance Value: pvrznMLccS6NdjuRJSBqGXUWtMPxZT8gEhRWBBV5hGE-1692852262-0-1-110b713f.b1bfb5b6.460a2edf-0.2.1692852262
.a2zapk.io/	1970-01-20 23:35:48	Name: __gads Value: ID=a6fde69ab2a476bc:T=1692852262:RT=1692852262:S=ALNI_MaWD9FkbGWEy-YAgtsR5rqzmJW3wg
.a2zapk.io/	1970-01-20 23:35:48	Name: __gpi Value: UID=00000c66413c0f7e:T=1692852262:RT=1692852262:S=ALNI_Mb1MeL-992_bM9B5JKO3RHH-sjpmQ
.doubleclick.net/	1970-01-20 23:35:48	Name: IDE Value: AHWqTUmE5lHyJPD-JaqkUig6pIE-BM7ZnuOc2TEbnoaZarmvwjs0PZUydiy3qcqw
.adnxs.com/	1970-01-20 16:23:48	Name: uuid2 Value: 6140720912534469241
.casalemedia.com/	1970-01-20 16:23:48	Name: CMPS Value: 5229
.casalemedia.com/	1970-01-20 22:59:48	Name: CMID Value: ZObgJ5m7QuqjTjt7HE8XHQAA
.casalemedia.com/	1970-01-20 16:23:48	Name: CMPRO Value: 5229
.adnxs.com/	1970-01-20 16:23:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?(DNe(.!A#El.TOKKnyW<U1`VROYQM-:VuXenA/I=^L#P^xUz<uqHh+'2@4v%f#4.C$<QG=%9sk@3@'s>T3ZF33
.doubleclick.net/	1970-01-20 18:33:24	Name: APC Value: AfxxVi6mUYW79y_iyhg-Z_0rnLVXme1koZtaFrb2B-UawiIctZCMmQ
.redintelligence.net/	1970-01-20 16:23:48	Name: 8lcfmzhxc8d6_uid Value: 09a40a99844e8e7c

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://srtb.msn.com/auction Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25eb0f1db897b2c610929a2148c017e1.safeframe.googlesyndication.com
a2zapk.disqus.com
a2zapk.io
ajax.googleapis.com
cdn.contentspread.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900011.redintelligence.net
hal900014.redintelligence.net
hal90002.redintelligence.net
hal900024.redintelligence.net
hal90003.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
pagead2.googlesyndication.com
play-lh.googleusercontent.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
srtb.msn.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
138.201.135.164
138.201.63.117
138.201.63.150
138.201.64.38
138.201.84.252
142.250.186.98
176.9.26.250
185.80.39.216
199.232.192.134
2001:4860:4802:34::36
204.79.197.203
2606:4700:20::681a:79a
2606:4700::6810:3965
2606:4700::6811:190e
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2004
2a00:1450:4001:830::200a
2a00:1450:4001:830::2016
37.252.171.21
46.4.10.47
85.114.131.235
00067a13f6ac6be3ee460d799be2e268e0973d1f49e6a2737868e3231fb2698a
03c3cdc21d2bff5ce75dcf0a2eff01acefe9a72463d18631dbd8e92adfb194a6
03ed6e30bee0904aa1c18913cf4ea46865b9f13c339ef3f0ec6a76feff369c39
05d161ff3a5d195fc70366fa828ac91eec94ed9533a1d65b76af45b8590a4a8a
07ae83422c3f5f751119b6f1bbf94555eb9757f0e2392dcf90b963c3dbaf3fd6
08d3eb48507c39171c0f29961969cb07598fc8721e02c1ae00592322a71aedbc
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5a7a0f0c891bb17d0f529963cd22aaa382233bdd453fe43c1da6b6c2e89b7c
10651dca9e2ceeb75be4fbb13d1af7f947432eb0176711dc9e91ae4a00914cd1
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16f0c014f312327af786fc926fb23ab23e405bf8ecfb3f2b8035a6a0d09448a0
1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c
1d8a10f707df99a7e5d84aeb947777a8daf1be07007780b0c0bf8d0d88707ae9
1dfcff95b14ee359d8890a706b8d4f06ea140a7cb2218aa077389bdb2e422d58
1dfde3d8ca493d77e46e6e02dc9900e074474f952f78355af1c9b369646ea247
1fd93de5dab28bfc6583e39bdaac6a7a4b610e0c5c9560984a4ec04f84099f99
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
23019f42fba78085cdae2e1eadb2511815ef3607b57d78a8003501859002f237
26ef1399edc15fddc1cf7e2fedcd2f5be0103c4c23e1c81c72d332407cefe1cb
272f2244814e649578b0ea90e4cc0ba8c97752f5ee3d6dbbb32082a1dce382fc
27686f826ed1dfe39698b13eba4ac46241a32852e3fac100dd519dde58425fd4
2813af943a0ba19932b9df7db6dea24cc9beaec4a3a8bf69fb5c145c112dc972
28d9d37f142d82e50bc0a7ac73a34a5254457ec1989f1e9f901e0759fbb4adc8
2925735552eb35109c7d23a42579810b5f46bad2bc1b602fd0a1aff0d215eda9
2987f8ce761dbdafa880a50e06360cb287d2db365d490eb5ef0ddfdf9d8cab45
2ae11b8d7458ea7d87d6889e190ad6b5701aaf6072f54df327f745c997c3a0d0
2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d
2cb82382b04c6ad07f28dab4c4ea8cbf328b6a8f6d01b0b22cc38b9795830e6f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d1836debbebf9dee72c2dc1475c563218af65a31ffc0e420c6cb29c0b2468a0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34b703385ca7c9c267172333660894f281b3ba9dc5248202ea5f0d9db3557c87
364da57deae8e38daeab440e860045f857fe86bafe8e2b0955e226764b5d455f
3b8f61e341ec742a42256c7457357a6b2de70f6798a95019724c0daea6f7ac75
3bc29f8a45ea096b6c42fd03a805e35ffe853afe14f0ded374b7857fb21e4397
40973a3e0be1b19f1d4a5c766421814dc51eaa807a8568e95619bebe2903473d
410a44405ff0b4e8ca64f7d20ec1f9419e3edc8e457c7e602f150f2e3b813905
41a16c82f1a1901a55bbdfd4129b05e975196942d38831be77207b5ed82e57ee
41d2b9e4024405dbcba3d806a1cb5f2bdcc5882d59b8ac60023b7bcb2a9e0a8a
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
45e48e3d84b1c22dc8b706daf554d945402a78970f9e777ccc78088f9fb9bebb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4ef03c4824a95b2ad0174a94f800138d6e262e1c9582263b457466719fa8c2a2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5163adccae16eb4f86eb6b0a2298da1b5ddfa797a0fa544594baee3b43ea2a2f
5285269c35d1500dcbd2686eb455790d6133945217bcd22ebaa42b5c30ff5e9a
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b2ee5bf0628946267ddcaf4be02035e2f89ec2d050157614a6e99e0375e94d
58287b6da8d82e54e3bd83a37f810d490e3194604359d624b3155d32c23ead9d
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f580a4e0b6f4eb257c1f1c4d8b34dc69b9f28984882346b089149a1eda7746
6314a56f8073aea8790aedca4c3d0e076e08f2b77ead2dbef8bb59083ee47bf6
703912524593a505b4b2e4380556ad8eb04f5bf22b2c57474f57e1928d473fac
7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
77ad42e8990c4692692e14175ca40738110340df0379af6ab8be6d451a182762
7846f574cdcdcc1b761663a01f0fab940fcbe6193005d8b1cd3dfad9ea82d1f6
7a4b7e1ef83e8585933488d6b0aa44b19074f2f2784a40ba5362d4ba183cac6a
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
7d331fb82724f45c59327c435134c753bc5a07be33b7c94b621d5401d2156fab
7dd0461220c3fe1a0946011521aa8e2160e59b4248f069b31552e15943c5478c
80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e
80752a6725c62468e79fec444b115bcbaca5c8d9c84b8328dd297193a89cb23b
80ec0d21e5ec1ce39ae2a25821ca2369a0faad2633e3195e5d2108950bde0b24
81a6e12dabe1a9b44002444a47af44b2aa968f22afce56fd71b2dc7743bdddaa
845f9d847395981696cd5f4711c77adbca30faae057d24cbdf4b89216fa47430
85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b
8555fd4d9b084d0196daff5bcd75bff3931dec40f27ba33b5ab400ac9d90ceb7
856b7627332054da5d97c14110a9d32817707ce60898c83d97004a7268858d60
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37
8e416d4bfc379a213a83613d8c12e30871025e1a735cd06f7daa53519b2c7110
9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e
914c92ff6b49efddbfa604d70390190ef886425a1d5d064ae07a01b3b1202698
93efa79094925dc54218e069404b6fd9950486ca68e10a58020cc3918bf93f01
9434f1e4db105bb2c326f2947430918b3730293f112fdabe6cdece3c79ffd58b
996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a231c8c9b85655bd11127d15c1fe0692cf75405dfb436a2614a581caf175453b
a3bd598167c4feeabdc2182e0857713b2839bd3df1f869624af8cbc0446cf9e5
a41620a90c460d71993a408748ecc6be5bd243708f42d7289fbb45a2860dc153
aa300a570cc50f33f0dbe6fa43169017bb99a2518e002f72b5a445ae07f7edc7
ac00c1a7b571958ea0a8a364599e7215d1a0dd278d21307c6753ab9763a5575c
acad84adbf567da758e140fc6d02e4a74bbbb8696864fb130996929486ca28bb
afcb75952f910e74a87f9c7154e98bd1d3321452a2ff7ddf63eb22dd5f652c7b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a
b2c6e114d26c42d9a678f0a81a15c8c876fde4b711e852ce7e9735f90bdef370
b7ef5b07dfca37a502bab407d4c22b157b8da03cd1b677d6fbc8a293f2945dd8
b812ad17db30c294ce8d31ca938776f35834742ca016cecaf4c1756b825c9d59
b9f24416dc04e9b661270520183a4080ef0bc4862be4043278716f6debe2d0ec
bacc7756e956eb10046e9412c36140190ada11ea12f0d9f0c8be73e6ec58ab6c
bb9055d4402fa3bac664d6bc6eed253ecadbecd5a618ed1d1b23bf08a7571bc8
bd5fb0009cf07b385a1a689f9e2ecf92025d6b0ad9bc1aa545ce077657964bf2
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c277c6a90727f413a07d2f14e9ad9bb23e3624422a49de776772901371bb2a03
c438c413fbad7c509b936b0866b354ca6efc56e64bac35fa2127ea1339210a4e
c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f
c784ecc6cb0492bd4f432b733f0b780026ae16b975dd82d7a951a9f3044d79fa
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
d14655909420f9ebf6ead0163a23930907885e2d7392b00d5897a7b85799c89a
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d21803ddac2c626338f5740a636fe951da54ff17a683b3333dcfeb8addc46edd
d67bb12b42897cb65be02c30cad6756901b9f6b411cf4cd82035ae077714d6c2
dabe6b091dc1bf7d2ddf130adb2fd81eff70088a908ef66ca69e3aa673ddf5bc
dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6
dd02b5306f49bc23613dd599506bab5a73a3f1cefb1cdfa8c08f91cb88fb427a
de16fd70e645265335ce7453f787726ee7c95d9d379d9759eea0a48d99d28913
e137a7d3af4f388750aed7bfe7d4ebd49fe60ffc383007fb23003d2b0755ba9c
e37817763c084e0af5a14e4a4025b49862effe93608b0fd1644103beb518f68d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5741effcd117827c8468c0ca8b4312d3331925be9803bbcfa2cc6e7c3584908
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e7bd904fcd102260a24dd805ae0c7828b99941110291332cf9f5e3994ef27799
eb41b019613aa88688529bdb45c6496a238f4496d51e9077e2b69ba01102006a
eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d0cfc322eef2504a71973cdccf2a6b0d2ed6cadf8c2ee812b0f57cfc91f49a
f1f1d4deac832a38fe85263c83371ca3dd1852401a9aafc6201c3ce19fa19daf
f6135796cbdc91d896457d04e673761aaf6e3b54f51b8dc2162c30a523a81b64
f96b7006a671e0b70afc37bdd2b8a582f3c16e6ee7e0d2ea6503d6a0325aa156
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
fb3a4c9440211608ff55f933356f04cdb0a629575902dc4fd80db26b25b45eb9
fc1f5610c96200875fb98043688653e3edeb19c69d4037823918a573eca2c9ed
ffe0a5b83049b3395df4e98eeac04e5fce824815bc4ba32faf3c7e6b5690a420
ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a
fff7144fa7e0efc47824ffc51e4c5dbaffaacfd04b89193aaebdb226ca1e3494

a2zapk.io Open in urlscan Pro 2606:4700:20::681a:79a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

280 Requests

88 %HTTPS

55 %IPv6

18 Domains

29 Subdomains

30 IPs

3 Countries

2452 kBTransfer

5874 kBSize

13 Cookies

13 Outgoing links

Redirected requests

280 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

a2zapk.io Open in urlscan Pro
2606:4700:20::681a:79a Public Scan

Screenshot
Live screenshot

Full Image

280
Requests

88 %
HTTPS

55 %
IPv6

18
Domains

29
Subdomains

30
IPs

3
Countries

2452 kB
Transfer

5874 kB
Size

13
Cookies

280 HTTP transactions
11 data transactions