tcafe2a.com Open in urlscan Pro
2606:4700:20::681a:b19 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://tcafe2a.com/
Submission: On December 13 via manual (December 13th 2021, 1:56:51 am UTC) from KR — Scanned from DE

Summary HTTP 119 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 22 domains to perform 119 HTTP transactions. The main IP is 2606:4700:20::681a:b19, located in United States and belongs to CLOUDFLARENET, US. The main domain is tcafe2a.com.

This is the only time tcafe2a.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3 8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	54.73.238.193 54.73.238.193	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:fca3:6f47:214a:2d54	16509 (AMAZON-02) (AMAZON-02)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	52.30.186.249 52.30.186.249	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
119	26

40 2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)

tcafe2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tcafe2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.tcafe2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.238.193 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-238-193.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:fca3:6f47:214a:2d54 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.186.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-186-249.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	tcafe2a.com tcafe2a.com www.tcafe2a.com i2.tcafe2a.com	8 MB
19	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	242 KB
15	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	47 KB
10	2mdn.net s0.2mdn.net	305 KB
5	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	88 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	gstatic.com fonts.gstatic.com	63 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	google.com adservice.google.com www.google.com	2 KB
1	createjs.com code.createjs.com	63 KB
1	innovid.com ag.innovid.com	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	456 B
1	openx.net rtb.openx.net	351 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	quantserve.com cms.quantserve.com	465 B
1	googletagservices.com www.googletagservices.com	37 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	642 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	googleapis.com fonts.googleapis.com	1 KB
119	22

	Domain	Requested by
40	tcafe2a.com	tcafe2a.com
13	pagead2.googlesyndication.com	tcafe2a.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	s0.2mdn.net	tcafe2a.com s0.2mdn.net googleads.g.doubleclick.net
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net tcafe2a.com
7	i2.tcafe2a.com	tcafe2a.com
6	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.tcafe2a.com	tcafe2a.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	beacon.krxd.net	googleads.g.doubleclick.net cdn.krxd.net
2	googleads4.g.doubleclick.net	tcafe2a.com
2	cdn.krxd.net	s0.2mdn.net cdn.krxd.net
2	image6.pubmatic.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	consumer.krxd.net	cdn.krxd.net
1	code.createjs.com	s0.2mdn.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	tcafe2a.com
1	fonts.googleapis.com	tcafe2a.com
119	30

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://tcafe2a.com/
Frame ID: CDBC66435E30215B6BC11C4B33973ECE
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 6FCA7595A235FD0E359DA6E9E1ED75BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&adk=1812271804&adf=3025194257&lmt=1639360536&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ftcafe2a.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1639360605822&bpp=6&bdt=448&idt=252&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7049048100612&frm=20&pv=2&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=268
Frame ID: B24A3470C35BBC70EF05D8824CC5C72C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639360536&psa=0&format=120x600&url=http%3A%2F%2Ftcafe2a.com%2F&flash=0&wgl=1&dt=1639360606238&bpp=2&bdt=864&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7049048100612&frm=20&pv=1&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QNU5J7gCWC&p=http%3A//tcafe2a.com&dtd=8
Frame ID: 7AD4E3285F280257A0BBFC4BF62B5F39
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYxsCzZTAB&v=APEucNW97QpVj0gD2RGgEr4iIDg-vureQA-oyCeSuyPpti86U6iAhuY87GC6Q2pchl3qbIedP24GyZqp9sILnI9FSsfL0Zxr36b91lRggrnB60I2us4UTaQfOHLUe4jsvE-_R27W4PrNKN6L1Z3mP2ZrlGUDy5NK4psQsOxjryEMwDoL9WzjTTs
Frame ID: 0EC9138019F40FB6809D25CDB6C28A6C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7210C37F316AA30560ED68D9EC86B52C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D62611DDD1746E7E4FCCC33DD4F0AE56
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/1018998188104344/index.html
Frame ID: CE3C3128E074177F7D930DAEB4250556
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B3BEF2253905390AC78349FA7BBDADEB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3773257AAEEC295F7A5436EAAFF6023C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tcafe2a

Page Statistics

119
Requests

55 %
HTTPS

57 %
IPv6

22
Domains

30
Subdomains

26
IPs

4
Countries

8631 kB
Transfer

10263 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1aU58FtrsYIj0U7ckD6ak&google_cver=1

Request Chain 74

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbaoXpDPJk.HMi46-0LobQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1aU58FtrsYIj0U7ckD6ak&google_cver=1&google_hm=2

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoX1Tbbg-LJVxiQPr1hN5A&google_cver=1

Request Chain 76

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMTM5NDM3MTc1NjYzNjUxMg%3D%3D

Request Chain 83

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLxbJITwWTmmNKKDkU_7w7lwOKMIeJrG7P8CvLzD4TNeir5aXuURbzlCVpnZ6TuwKdHtwxPqlXtzGoAGTWa7l6kTpRdEW8&google_gid=CAESEOMkZNFpqJ3I02D0HbAG6AI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJhb1hnQUFCQVRIN0ZFcQ&google_push=AYg5qPLxbJITwWTmmNKKDkU_7w7lwOKMIeJrG7P8CvLzD4TNeir5aXuURbzlCVpnZ6TuwKdHtwxPqlXtzGoAGTWa7l6kTpRdEW8

Request Chain 85

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPwtLrlPPMAh6Ye2xEzhDh0&google_cver=1&google_push=AYg5qPIzSOrnOv83KdyrFJxSy4W1lATMUUY15Iv9nV52g8VyEnsGTFw5k5A53uKi1Pf-I1ruEaVgPedYn1jsIGfaVPQw43aymmY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPwtLrlPPMAh6Ye2xEzhDh0&google_cver=1&google_push=AYg5qPIzSOrnOv83KdyrFJxSy4W1lATMUUY15Iv9nV52g8VyEnsGTFw5k5A53uKi1Pf-I1ruEaVgPedYn1jsIGfaVPQw43aymmY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wSzL7zeYQS6kZWzkl7N9jQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIzSOrnOv83KdyrFJxSy4W1lATMUUY15Iv9nV52g8VyEnsGTFw5k5A53uKi1Pf-I1ruEaVgPedYn1jsIGfaVPQw43aymmY

Request Chain 86

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP1F3UBvAV7UekcHnAnDjTQ&google_cver=1&google_push=AYg5qPKSSkYmC9_OcbyjEK6ABztrUHNIdsgWUanaEShscNZ8sMUnKVttUr4rrMF1QeOyoewkb2kjdTuBqQbRlw2zT2MZI-P1Ums HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0MFo4NVctMy01S05C&google_push=AYg5qPKSSkYmC9_OcbyjEK6ABztrUHNIdsgWUanaEShscNZ8sMUnKVttUr4rrMF1QeOyoewkb2kjdTuBqQbRlw2zT2MZI-P1Ums

Request Chain 87

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_cver=1&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw

119 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tcafe2a.com/ 161 KB
24 KB 415ms
400ms Document
text/html 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 93b514c952637d2f37412aa4d368008a812180728d2733b2d1191d4bbe986b4a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Expires: 0
Last-Modified: Mon, 13 Dec 2021 01:55:36 GMT
Cache-Control: pre-check=0, post-check=0, max-age=0
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdKzAV1qoBhZRKx%2BBXHk0sNqFCAReo9G88CPbhEYlGYnAxLjvl5m7Bjv2FDr43LjUJbMPNouMRHRi2YHk0Nfg40VPXRvOzZiYwP5oljoXHAqf7LRJITuJdhtEWQa7DHAOXU7mT1zTu5l"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6bcb93e518837025-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK default.css
tcafe2a.com/css/ 24 KB
5 KB 28ms
21ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/css/default.css?ver=20210106
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8972399d9f8eb3a960ee2654c797afd696766963a26c00701aff31cc258ba15c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 31 Dec 2020 21:54:56 GMT
Server: cloudflare
Age: 6619
ETag: W/"5ef7-5b7c9ac9f8c00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2HLTu22OwPgPqeK40wO24x5wXPMi57HAJRU3uL1WKFmghq6lph%2FdPnkzNkgyjcmKT72Rdu4VUyEVQVYR411CpoiIhjHEMYYjkpqgNZNBKVhj19NIraZBt9l1a7xAuTYGNb4URO%2B1T5L"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7ba7dc2a9-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK apms.css
tcafe2a.com/css/ 77 KB
12 KB 26ms
20ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/css/apms.css?ver=180820
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb2f0aa6f3278df99747b59b7056bf210a5b0fc7dedf7e682467b8cb21fba77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 23 Jul 2020 04:23:20 GMT
Server: cloudflare
Age: 6840
ETag: W/"132d4-5ab14375b9e00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NI1ekQ9O09t678QtR4oNHdQxzw5A%2FjhjFcu7UVT1F%2BegkS5Of5NaPHUEojmhwdnOlTqb7Fq%2BbmYg6cYuNXkwyDZlSlez3JRuhe9N5wXFPwC3ktgsIJ%2BUNV0DSR8mcvuC7hkkqo0c9RXw"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7b9754e98-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK bootstrap-apms.min.css
tcafe2a.com/thema/rt-first/assets/bs3/css/ 101 KB
18 KB 28ms
21ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/assets/bs3/css/bootstrap-apms.min.css
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af766357875fa073683e141403faf5ee5b42ff7c32e5b79960f17e3f52c3b09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:20:46 GMT
Server: cloudflare
Age: 5715
ETag: W/"193fb-5aff86fccdb80"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUjlijHAgJVEhZk9txXlAWe677M4nVc9NxY017ZbWFz%2BGhoDy%2BV%2BFk76tvqzCFqELaa7ZvtTI35mbHVGmhMoGjF0WlJMcKrNZ3kHJfp6QeZiECnHMftX8CZUBDP%2FizOjVcjxSjlRQ87B"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7bd4d1f21-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK themify-icons.css
tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/ 16 KB
3 KB 24ms
17ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/themify-icons.css
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a90594cc8c2796c488059c7ee25ce6cc9de27c7ac359ee680b50a2bf438da6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:21:04 GMT
Server: cloudflare
Age: 359
ETag: W/"4033-5aff870df8400"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naHfSjCpyHqK1hJ0fReyPhlw0wvXrJxeruzvieMvhetKbCZpe8U0LOZZH3MooqOLuzhwM6sjq1XiQaQuofkdQHUrskMEP0kLHAKg2E2OjrWqTbnGWlmOoFuN3uDbr8YewWDb9BOHR7TT"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7bea24351-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK colorset.css
tcafe2a.com/thema/rt-first/colorset/Basic/ 30 KB
6 KB 24ms
17ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/colorset/Basic/colorset.css?20210107
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cde4a9fab4c5dd31a96b36e89a83ce9c257d3dd695942c70f2bdce1a4a40489

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 02 Nov 2020 20:48:13 GMT
Server: cloudflare
Age: 7057
ETag: W/"7758-5b325dd637d40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkmjLiCcMYHlPhfUHZw9ebaxFVVVZDCiYMgD3HozIJKTysT5jd3BwiyhmKtGYsV7nYS5%2F%2ByDcxvPePukkgbBPQTTkkAYEXfpU7aFFX8nuV%2B6RfJ8HNcRue%2BbAMkeguKPRlikPgUzh%2BkF"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7bbbd69a3-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK rt-first-common.css
tcafe2a.com/thema/rt-first/rt-first/css/ 31 KB
5 KB 42ms
16ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/rt-first/css/rt-first-common.css?20210111
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b45030f96320f1503af252ab0d39dd70ba0c10e4d9ab3ab47899bdf735d8c5ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 11 Jan 2021 07:31:20 GMT
Server: cloudflare
Age: 6618
ETag: W/"7d4a-5b89ae4674200"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHNM3c98W6VoTRjnTfRbROECwq4J6zYBPB1shAzsEVMrh0rrLpaSEl3nOaVMBSr2BcxMqmc4i4q%2Fg3xZC0Re97hReKvbKbV0PBBKbOzkvpYks28hHDzyvovMnhhfPH6zvJtXhEyh5boT"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7dec44351-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK rt-first-update.css
tcafe2a.com/thema/rt-first/rt-first/css/ 17 B
704 B 40ms
14ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/rt-first/css/rt-first-update.css?20210106
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:19:09 GMT
Server: cloudflare
Age: 6618
ETag: "11-5aff86a04c140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ScuZxnHpOPFFBI9EoKFy49qu5TleJ3ZYqbUpnHt7KqOP%2FakBdA39MfJkOmxZkNv16Z%2FGF271%2BxArPw9%2FaiQOlGxMaa8FD5CZwwpc7wJOYfssvzBv52AASohssSumkdOhXHAgSjhNMfs"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93e7dbe669a3-FRA
Content-Length: 17

GET
H/1.1 200
OK rt-first-custom.css
tcafe2a.com/thema/rt-first/rt-first/css/ 17 B
708 B 39ms
12ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/rt-first/css/rt-first-custom.css?20210106
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:19:08 GMT
Server: cloudflare
Age: 6618
ETag: "11-5aff869f57f00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyHcEFJYyeCk137QkgX7YsAF2bGieI00Jr1qdiE%2FR%2FWrpyFRFs2e9ljqsWjq%2BNkGLhqTacujlAmPzYlsz%2Fa0SHst6ENr4hsJF0uUraMQRgbg8U09vXVUuwPnO2Hd7sc%2FVtJa7bYT%2F6Qy"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93e7e98e4e98-FRA
Content-Length: 17

GET
H/1.1 200
OK style.css
tcafe2a.com/skin/outlogin/newtcafe/ 3 KB
2 KB 358ms
331ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/skin/outlogin/newtcafe/style.css?20211213105536
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7478062c5e8339571a6ae1eec48dc7edba9e2c0b2962ead8e2e1f5743ef003ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 24 Sep 2020 10:02:13 GMT
Server: cloudflare
ETag: W/"c26-5b00c4b4d3340"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9d6xm3qQ6fUAej0mDD70PDXOGnBj6%2FYJBrFQ5viDbB9Imlcc2bQKhaPu2ftej7bGt5VnoDqvyCUYDQ5YtN8zQuGSCUgW2t9xORUqDFpuITIC4%2BzBJrbxKVdUhhyukp2d2AvI9OgoUKp"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7ea9ac2a9-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK widget.css
tcafe2a.com/thema/rt-first/widget/miso-post-list/ 2 KB
1 KB 46ms
18ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/widget/miso-post-list/widget.css
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4e1648db2aba557e6097d6b9a816e1f75e5603deb8c530fa21c93278bce487

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 17 Jan 2021 18:38:17 GMT
Server: cloudflare
Age: 5714
ETag: W/"7b3-5b91ce8a67840"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAO1%2B%2FlD0N7EHux7%2Fd2l31IabZTSyQoQgW1yoX9hkC%2Fplqp5redjqoOWsARsNoicE45sh0MqpdFz%2BaQZD%2B5jmH0X9cOkYOckCQ%2FIb3ozRfYedOgkZCzWCGkgogePCGWGTWmQf3b49Iab"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7ed621f21-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK widget.css
tcafe2a.com/thema/rt-first/widget/miso-tag-list/ 362 B
901 B 51ms
12ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/widget/miso-tag-list/widget.css?ver=180820
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dffb7a20884f53b92d7e2caaaeb53493b627abfc59c0d5c81e3f11a69cdb3d8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:20:37 GMT
Server: cloudflare
Age: 5714
ETag: W/"16a-5aff86f438740"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viThzTZ8lvANzI63A5adCSOikr%2FgQc80S1gUE1POF6lZfUdAmngM2iV524xi64Fb9DvHHo2GXKzHznjiN%2FL8AzEgJMaRQ9XFe4F8jGvKIQoZ7qKrr7dzrqnbHeRFv1LNhlWgLXBhHLwA"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7f99b4e98-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK widget.css
tcafe2a.com/thema/rt-first/widget/miso-sidebar/ 8 KB
2 KB 51ms
11ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/widget/miso-sidebar/widget.css
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a7d3003dd6cc75811dc57e142fc25d553d9a6703bfb2c08191b7aed56fa0344

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:20:30 GMT
Server: cloudflare
Age: 6571
ETag: W/"1f21-5aff86ed8b780"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPtTXaIrMlghqvS3zPT6O66ERS7znc46Sx7qZTy%2BY8V8eXIAPy5E7RzlmtWpLIPOLr%2Brn%2BXAz593stuEt8tQJxsEM2TOObk7r0jQHJoNnes%2ByvSXpKxzbA4bLbtuhaeLAjIE1DnrR4vm"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7fbfd69a3-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK style.css
tcafe2a.com/skin/social/ 10 KB
3 KB 54ms
12ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/skin/social/style.css?ver=180820
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6e1a2955ab529844a2913966d8b629c54a52cd8567032355eb85ad6c01f714

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 21 Jan 2021 16:07:58 GMT
Server: cloudflare
Age: 5714
ETag: W/"2784-5b96b4670f380"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4smTgeeAegvKzMgAPTuRj%2BT0QuTYWX%2FW3VkkP7gws6zYRVBowN2dP7Gq2Bh9ZJ00cKGdmyVO6SYrdhXva8i8rMola5JViT6Dx0U8MDMtLEF8DQO0rtK4C6BQqmmgsMBI8YOcJYkWhN%2B1"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e7fee24351-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK basic.css
tcafe2a.com/css/level/ 2 KB
1 KB 60ms
15ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/css/level/basic.css?ver=180820
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8c8958693d97e5212211e343045f51a449b4ff65cd347752e7061bf2ee008c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 23 Jul 2020 04:23:25 GMT
Server: cloudflare
Age: 6840
ETag: W/"912-5ab1437a7e940"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvPlcV6HB8EiWlrIcYiEF0l9USeTkbWVdurPDrekrlVL5uhb5%2F6GHtJAIBf7THrY%2Fq%2Fy4JSGMklzFMwTu%2BuaDKEv1bcMLJlHKUudY2m8HNLJKJJbaCyCL%2Bqlxm6vyr0msjf4vwP73Lq%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e80d7b1f21-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 109ms
65ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484c7811e1205e42e2491695decc1300a0db84f279958d0b18d44b4c8bd5d101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 15604084671605588879
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 51948
X-XSS-Protection: 0
Expires: Mon, 13 Dec 2021 01:56:45 GMT

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
tcafe2a.com/js/ 94 KB
33 KB 65ms
14ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/js/jquery-1.11.3.min.js
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 23 Jul 2020 04:24:16 GMT
Server: cloudflare
Age: 358
ETag: W/"176d5-5ab143ab21c00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYPpp%2FnkHnhfqojurolasL3qZEYiVWt3i%2FVFi1XOZzT%2Fn13PIdCuDiqxbp7OKofat28o7gEmI1NJ32RmrQZeOp61qwHkZdShb4ZMDumOTa8JAkFNKvbe0GhJEGOcjtIJXsPkenktse9y"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e80c0b69a3-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
tcafe2a.com/js/ 7 KB
4 KB 68ms
14ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/js/jquery-migrate-1.2.1.min.js
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 23 Jul 2020 04:24:16 GMT
Server: cloudflare
Age: 6840
ETag: W/"1c1f-5ab143ab21c00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNJxjP7FVf0Nms92RssSKS%2BvDt8C3VwiHeaffwNL3Qgilss07trdOhCLktxxNqwQAFRyr4DfBDMQXcG0idaXxf5lbHVgTUv7kR7oWyjkUW7MvHNKsNtKvbojwMYVvZuRI6aG3%2BY8b3xo"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e80f134351-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK lang.js Show response
tcafe2a.com/lang/korean/ 3 KB
2 KB 75ms
15ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/lang/korean/lang.js?ver=180820
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f28639dc07afdde1de496894a3fccf10ad829a29c83dbd7fcad9af8e8963fd39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 23 Jul 2020 04:24:19 GMT
Server: cloudflare
Age: 6840
ETag: W/"abd-5ab143adfe2c0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BapNiq2qjS65tS7hwyCUFDRXGH%2BYz4vZ0yVA1ai5rqlbbzh03t8ann%2FaYwStAztHOdUuleRNLzFQ3roA2KaWsj4m3rukdU97C8wO%2BqX%2BC9h8srPdYWcRh0wShPY6%2FKYJNLL30QlF0rq"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e81d851f21-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK common.js Show response
tcafe2a.com/js/ 20 KB
7 KB 75ms
12ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/js/common.js?ver=20210106
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d0a6031ac60ee6b1d15ea9d927bbb8bc5180b01579be92cd043bb741d1676fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 08 Oct 2020 03:23:13 GMT
Server: cloudflare
Age: 6839
ETag: W/"5014-5b1205a250a40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfshYO7K2CUqemEuugXDu4cIDo5cokJwt%2FnjoJ0apNH%2FiFMHBs%2BEupXhz3dqILuiHFhKPyr%2BOjOYZyIIHdDcxgjFt%2FS97w13YMx3VNzFBvrDSUK4YcsYYmQDTF6dpQ8KVjZZeao3p6EQ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e819ba4e98-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK wrest.js Show response
tcafe2a.com/js/ 11 KB
3 KB 82ms
14ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/js/wrest.js?ver=180820
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ce0a5208b5305f1cea20d2e424d0c8db27b62800f66bac532954e2f7084f36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 23 Jul 2020 04:24:17 GMT
Server: cloudflare
Age: 6839
ETag: W/"2a27-5ab143ac15e40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADI9fYVqn5pwbcGAaeR7CGsRkKV9h1SQxOW8paBdweoFObPiEGpRtTI%2FmeN6msJEbvfjFSs4P0oRSp17DU2p%2BcqfCECn4ioxh6uz97C%2BIAbmHZuby5RLPbR2XDSumPdqBmsKsVATDbun"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e82c2569a3-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK placeholders.min.js Show response
tcafe2a.com/js/ 5 KB
3 KB 79ms
11ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/js/placeholders.min.js
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980b7c3657c19191a6eec108682f5d3dcb01c1c30a6ce4d379ab53db82549b13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 16 Sep 2019 02:39:25 GMT
Server: cloudflare
Age: 7057
ETag: W/"13ef-592a283137140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdHwZ1CxPGFbGWJqp7P4reA9KIE3%2FtTO7OXOOZYwPimjdiBhWmPAtKckeQ1nXik32xCC8%2BvG6LzrP8S71mViQLmZW%2BYpK%2FSiYRr4%2BheuArqI1j8TkSFAwQvR2PAZh5mBw3WP2kQbInsc"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e82f294351-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK apms.js Show response
tcafe2a.com/js/ 18 KB
6 KB 89ms
13ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/js/apms.js?ver=20210106
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3784ce956bd1a25b970cdf94d4aee382cd0b64440c957e6ac44c8def4a696ec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 14 Feb 2021 20:04:53 GMT
Server: cloudflare
Age: 6839
ETag: W/"4878-5bb5161e9a340"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrgaJWqgOmRpyjlZcT8%2Fu2LtKauwMVP%2FOIj614a17Lq%2BlqpJA9qx5lQh4OlYos5XxYG70wZ79Ow7Wg7GTJJb2sTVJKVXvZ%2FAPZw3QeigkY42Gojg2sOVymlxfbXRZtAWnCrI65pcptmQ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e83da21f21-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK font-awesome.min.css
tcafe2a.com/js/font-awesome/css/ 30 KB
7 KB 62ms
12ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/js/font-awesome/css/font-awesome.min.css
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 16 Sep 2019 02:39:25 GMT
Server: cloudflare
Age: 6840
ETag: W/"7918-592a283137140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4oGqOaie3FL9hZmzZ4oWHFhYUO6LnlTURc83cPWKhG9aVN9iHtN5%2BQeP2r%2Fexs%2BNUl50ldu6SCGOjPsmfMDOfALqi4D5gMRX1JmXiRjaODoHj5nFBMOKqhJEtGjcw6wYZwe6HSYZa5o"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e809a64e98-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK jquery.mobile.swipe.min.js Show response
tcafe2a.com/plugin/apms/js/ 8 KB
4 KB 87ms
11ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/plugin/apms/js/jquery.mobile.swipe.min.js
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 23 Jul 2020 04:24:39 GMT
Server: cloudflare
Age: 358
ETag: W/"1e68-5ab143c110fc0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd4qNLeT7eVeIgMNoYzKGyBogp%2B9d%2Bl3bjRhaHn00lGCmW0ODn2OvOw2VoT4YzfmX1CNxijcM4kuI6l03by1j5pnB1MBpLkzr%2FMEND6W4RpEHeIb8vmScK1tqQQoybJzkbNwZd3UrEuO"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93e839ce4e98-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 130ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/thema/rt-first/colorset/Basic/colorset.css?20210107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfed40bd7ac9544c000cb5d67851dfb7526c4aad1e603c6998c7fc53ff40934b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 01:20:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 01:56:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 01:56:45 GMT

GET
H/1.1 200
OK tcafe2_logo2_dark3.png
www.tcafe2a.com/ 6 KB
7 KB 37ms
21ms Image
image/png 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/tcafe2_logo2_dark3.png
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba51ae4560976dcdce11ca289fb4d57e588ab5d199d3b7b6ee374b93b110af55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 13 Apr 2021 20:03:45 GMT
Server: cloudflare
Age: 5712
ETag: "18dc-5bfe020a7ca40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn432uqlWEsaIfbsNhYUr0NRobqsJK5vJ0%2FkA7J%2FY43BJ3nmU2OusrJ8BIxBb1w0rK0P%2FRlVRkcQhIbiAlarqEhjGt1dy0SSJM%2FPc%2FNMC4aE%2BT4oWltHduWwIngnu1agw2SQTXsJgBB1h0Whpw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93ea0ff54a7a-FRA
Content-Length: 6364

GET
H/1.1 200
OK banner_ad_3.png
tcafe2a.com/ad/ 2 KB
2 KB 333ms
333ms Image
image/png 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/ad/banner_ad_3.png
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5265b438fdbc5b1fc090c7b0f049c20b39ddfaeb22cef3ed5abbc98f6c0062a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 03 Feb 2021 18:33:58 GMT
Server: cloudflare
ETag: "704-5ba72d483d180"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3d%2Fy5D9LNKkvKewPWu2wbO7nsWe%2F1h2XNlWU9OHUQw3JyYCtStHagKLqGYGiu%2BTCG1xw293urpwLYkk8JtdmCz9iTnYB8joCoiHaGJuUziUIpAQ3cMvxxs47wIWQNaCgBB2vMhRc6Ic"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93ea0ba8c2a9-FRA
Content-Length: 1796

GET
H/1.1 200
OK sns_gp_s.png
tcafe2a.com/skin/social/img/ 2 KB
2 KB 16ms
16ms Image
image/png 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/skin/social/img/sns_gp_s.png
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/skin/social/style.css?ver=180820
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb5efe08c478e22f7bdd40516caeddb9727e11d1aaa7071c18caf686087c948

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/skin/social/style.css?ver=180820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 21 Jan 2021 16:07:59 GMT
Server: cloudflare
Age: 5712
ETag: "61a-5b96b468035c0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blDqo163d%2BUAtaxogohjdQU28NzP%2FGEY1hpu7%2Focnv92ibqzZ0DigPYpbyU%2FXm8XxIH2p7cO%2Fdw0jkqXD7B1hLLwbvHKTvw66sHrX73w2hBVs3l2a8RhwsQe%2FlmXS%2BSzu%2FNEG3sSYzyr"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93ea1ecd1f21-FRA
Content-Length: 1562

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 123ms
37ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 474885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 14:02:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 165ms
90ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:58:32 GMT
x-content-type-options: nosniff
age: 374293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 17:58:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 118ms
47ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 374426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 140ms
78ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 217017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:39:48 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 147ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6840554518587098&plah=tcafe2a.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 01:56:45 GMT

GET
H/1.1 200
OK icon_new.gif
tcafe2a.com/thema/rt-first/widget/miso-post-list/img/ 92 B
786 B 16ms
16ms Image
image/gif 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/thema/rt-first/widget/miso-post-list/img/icon_new.gif
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/thema/rt-first/widget/miso-post-list/widget.css
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae60c96048d5c10f7b525f5ad6daf855e35d97945b433f8b9163716ba73abd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/thema/rt-first/widget/miso-post-list/widget.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:21:19 GMT
Server: cloudflare
Age: 5712
ETag: "5c-5aff871c465c0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AmVEIb6Q0pHFQ5n4%2FI2Fe0%2B6WWw81yUixw%2BWje9yH66x3JJ1L%2BcYnQDDMasUripHuV2EqW9q4ilM4hEdNcUxzCbj0e7afa2HR1pcvCzzQn%2FAZetidyGKh0W6Tg0%2BFTJGWa%2FqlQ6vdTY"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93ea6ef91f21-FRA
Content-Length: 92

GET
H/1.1 200
OK themify.woff
tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/fonts/ 55 KB
34 KB 15ms
15ms Font
application/font-woff 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/fonts/themify.woff?-fvbane
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/themify-icons.css
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Referer: http://tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/themify-icons.css
Origin: http://tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:21:43 GMT
Server: cloudflare
Age: 6525
ETag: W/"db2c-5aff873329bc0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQY%2F2kwhoNA0OirlfxCenJRC%2B%2Bgc0j%2Fg6eZDUODWtRO3ZQfMk1jkuGcURDAr4kIoweYrAujvc2b77hXve7fIuf5ay4XkyjlO%2Bo52ZcRkSEdgcEYLTEE5PoJ%2FGuxxi3YbxV%2FNxSMiV9gm"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93ea6be64e98-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 6FCA 11 KB
5 KB 135ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 12 Dec 2021 18:36:45 GMT
expires: Sun, 26 Dec 2021 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 26400
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widget.css
tcafe2a.com/thema/rt-first/widget/miso-post-gallery/ 3 KB
1 KB 328ms
328ms Stylesheet
text/css 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/widget/miso-post-gallery/widget.css?20211213105536
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49f979ac50b53b5d9cf8e02365a52be245aafaa57cd694601c8061fde7e0f7a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Sep 2020 10:19:50 GMT
Server: cloudflare
ETag: W/"a22-5aff86c765d80"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3FceIYRPRbf4%2FQi%2F4pMzApGHkGBaWzityUbVODun9ALaiPtlxsunQmmpsS1m3APCkH1Z2on3nwXEl6dPyfHaEu2aZFQw0FGbFpuk7yHqskWub67fnK7qNqzMbBJc13t7CQCycqU9k5j"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93eabfa57025-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 92ff861a1ec816439b0a4d05e199cb36_1639357718_6819.jpg
i2.tcafe2a.com/211213/ 231 KB
231 KB 842ms
814ms Image
image/jpeg 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211213/92ff861a1ec816439b0a4d05e199cb36_1639357718_6819.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 580d8f009c94d106ddae46932424554466fb022a772adbf7af079a6e71f0ab6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Dec 2021 00:37:05 GMT
server: cloudflare
etag: "61b695b1-39a96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7ogAzHQTbV%2FkqqqHAUc6gcnOkUngQdtSCj5siE1DUUBQ2bYRzG8SbDMGChurqUDX48Ryq99L9fVcuY8KqjxRLs4ZGwyqtTDFwvZ%2FGq%2B9lBHLtgwY09aYkMC4HaOJdb7iaQw83%2BN0a65uRYy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bcb93eaebec4ec7-FRA
content-length: 236182
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9fccfb266b0a66011564ae1f5a7ae239_1639357691_2909.jpg
i2.tcafe2a.com/211213/ 442 KB
443 KB 838ms
810ms Image
image/jpeg 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211213/9fccfb266b0a66011564ae1f5a7ae239_1639357691_2909.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13666bd244fcfcfab04ad0f9fdb336ba669987d543c41d36d3c31d3a0b1738dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Dec 2021 00:36:37 GMT
server: cloudflare
etag: "61b69595-6e7d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ACNcJ3oLtyuXj05NZiRaeXgUJIidmdaFea%2FpDt1qWmpnrpJxXBvZPdi4vzyM88fVbEKl7Ph8yV8oPJM5Pl6qkeIQEZHrepb0ea4JoXab8yYZbyO4p5dHhUbjQYP1WZPIS3A2vmbTM8uQSZ8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bcb93eaebed4ec7-FRA
content-length: 452561
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found 1
tcafe2a.com/ 199 B
199 B 325ms
324ms Image
text/html 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/1
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3218ca5aa39fe65775045426e6f38aa3b2d9e0e9b651578897a83b410f7f7f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JO5mYHKDVAhfbviCDlXr%2F3ncWVhXrYCzakfiJ6cxxmZgxzmZBruHoZp%2BVX8EcLojGbGpsgxAvMvVOVPeBEJGGT9RVQyncA9fkGecVlvm8nhicSGZcLf4YE8tG0hY7%2B5A8%2FoQU8%2BSrqwY"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 6bcb93eabc174e98-FRA

GET
H/1.1 200
OK 2728294280_jei4gawV_2f808537de40f6696862041694922dfdad1afed5.jpg
tcafe2a.com/data/file/c_humor/ 128 KB
129 KB 687ms
686ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/data/file/c_humor/2728294280_jei4gawV_2f808537de40f6696862041694922dfdad1afed5.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad78566ca94b92591aa7491da171b3ec522d502d28b7143362605885fc0b834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 13 Dec 2021 01:04:17 GMT
Server: cloudflare
ETag: "1ff7d-5d2fca6e78c7b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAfs8Vz4zJ37JIYByEDCgx1MeTU0UJct96KeBJGt9rJc6KCyV%2Bvydbnz6j%2Fn6WPlXq1jXKRbHMItcn59493nrIUg2MOF7Yd6ymzmWqXIIvjEz81mAodRUKLziboh2qfygttanjsBlOdZ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93eabf351f21-FRA
Content-Length: 130941

GET
H2 200 f18239b3e4b0346798a53dacbe36eed0_1639357213_7218.gif
i2.tcafe2a.com/211213/ 3 MB
3 MB 827ms
800ms Image
image/gif 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211213/f18239b3e4b0346798a53dacbe36eed0_1639357213_7218.gif
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eec33e6be9c5ef4ae13d39748154d81e6ad74e4f755806b99bc5af17bc01880b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Dec 2021 00:28:40 GMT
server: cloudflare
etag: "61b693b8-34d011"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgTtQdOpXPpAfS6R410C89OyO12roXuewbvqpjtuhJUDWIUvk6ZkMjJiurRMZ6DR3MOJ948atSQj1qvsTLnhAM4lPq0XXxWX8A%2F98Nc1RKHtQRr4GqaiRk3CSR9n68DPPJYvjybGoSvO2NzB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bcb93eaebee4ec7-FRA
content-length: 3461137
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d927f229dfe9eed834f1c4f85a4323ce_1639357147_5666.gif
i2.tcafe2a.com/211213/ 274 KB
275 KB 833ms
806ms Image
image/gif 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211213/d927f229dfe9eed834f1c4f85a4323ce_1639357147_5666.gif
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ebcc07b15df6ed5c9ab089437f53696f7ff9551933e1b4fed4ee9f0caacf43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Dec 2021 00:27:34 GMT
server: cloudflare
etag: "61b69376-449ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVhXAOy%2Bh9lAJ7%2BGWqY8z6pUcFbFfTr1Z%2F6j%2FwbDxDN9c68KrqhK0A8id%2FF9WPOnePBcLHWLLO%2F284gcF%2FGEhz3a7e3eCI7Vxhw%2Fo773geJQ7UMugiVpYILvoLYtdPVxTdtyk3vsbACamBXV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bcb93eaebef4ec7-FRA
content-length: 281003
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 8BfyV9uGLW4.jpg
www.tcafe2a.com/data/apms/video/youtube/ 25 KB
26 KB 526ms
524ms Image
image/jpeg 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/apms/video/youtube/8BfyV9uGLW4.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569eca2b1d81b5a364c5841174fe53aa9cc930f827d6a7cc6231eb5125e51d88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 13 Dec 2021 00:53:41 GMT
Server: cloudflare
ETag: "635a-5d2fc81040e0c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zah3uozdoVikFhdt9CTRECFCVcWqRQguy7HfeeDfYbsoeGzrHcjWMv2KDyGWSfAz8FKplmE6ZSa8uyzskRptpUaJa9jLPN%2BjqgAzifIgaKRlQBL7p1AGeiJVNF3anyuK0lj9B%2FP3Mlap4psHYA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93eab8694a7a-FRA
Content-Length: 25434

GET
H/1.1 200
OK taWgvhJpA5I.jpg
www.tcafe2a.com/data/apms/video/youtube/ 37 KB
38 KB 552ms
545ms Image
image/jpeg 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/apms/video/youtube/taWgvhJpA5I.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12aeaec4f074adea1ca05a57628b6fd64fd53b49b5a4a1102c90e0b8df0320e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 13 Dec 2021 00:53:21 GMT
Server: cloudflare
ETag: "953c-5d2fc7fccf56b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ulosa36DbNKQqcoYxmY2NbLNaRCyK9D67dMCZae4cQf8WNNsxFa9YOb%2BGmXvln%2B1DZY9io6663p23P7QHTl6Y4%2FK0Je3FVAoMsXCWvbORCw9BouLkafIYlzuuYqk4XNIzWUpvrYJRdQCVqP7gw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93eac9d36909-FRA
Content-Length: 38204

GET
H/1.1 200
OK qGbBgzEBCxc.jpg
www.tcafe2a.com/data/apms/video/youtube/ 11 KB
12 KB 374ms
367ms Image
image/jpeg 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/apms/video/youtube/qGbBgzEBCxc.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b77cf0785a5a8ac4651c1494d6bfb9f416886b58f6aaefb293d0a10619a6234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 13 Dec 2021 00:50:52 GMT
Server: cloudflare
ETag: "2bc6-5d2fc76f22c83"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ukdopgf3RTkygRWzEsdXGfpL9mHshf0rjIGn2X31RKkOlRiSnwFy7rGzTytHdR%2F%2BYSZrvMz%2Brgv95lAgoFlEvRju2n8817lHc98eFK1P0h%2FYgv6B1CLGw1UO6Ap5lcjVvnliNu%2Bt1TGTfzXZJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93eb6cdc2c56-FRA
Content-Length: 11206

GET
H/1.1 200
OK ias0Utq8s7M.jpg
www.tcafe2a.com/data/apms/video/youtube/ 16 KB
17 KB 502ms
495ms Image
image/jpeg 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/apms/video/youtube/ias0Utq8s7M.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbfd7c4aaf868da615aecd6176e627f63694bb3e1901223dcc2a658b12d7b0a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 13 Dec 2021 00:50:27 GMT
Server: cloudflare
ETag: "40dd-5d2fc7574bffa"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ri7QSLEBQ6PSdLNe%2FoaRi6Lwy22FqLtAPaF6f3JshIHc3IqX6PP0QARtihvyicyZ91w9ABYbPyveMpy5fy6d9Kp3SKicZzWf2WF%2FV7h9IBpU8TgaLxZGSMGxaED8PcoZVQBOjdqSfbCD10DlSg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93ebe9885c7a-FRA
Content-Length: 16605

GET
H/1.1 200
OK 2890328341_ox0WHu98_bedff49b77b6b98c6667debafc8c631cc0de974d.jpg
tcafe2a.com/data/file/c_travel/ 122 KB
123 KB 651ms
651ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/data/file/c_travel/2890328341_ox0WHu98_bedff49b77b6b98c6667debafc8c631cc0de974d.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cc9a53c43b5d342a78e7f239ff52ebe9ade5bd13a447be7fd8effad3f79f23b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 13 Dec 2021 00:25:45 GMT
Server: cloudflare
ETag: "1e989-5d2fc1d1b4190"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJwh%2BAjSoiKK4l%2BflKZi92k056sU0ePu7KTyc2KrVhC9v1BN%2F8jo8zkn0aRqZSFE6RtuqWIEHtDNlYMUycXUskZKkwOAU4pLCbQhdhwYmFHs4LPff0Mj%2FMyM8wMLXypFZEG4XR130jev"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93eccdd44e98-FRA
Content-Length: 125321

GET
H/1.1 200
OK 2890281353_qPW38pEK_a5b7d463ba0f7a81d74eaba6197b144dc85040c5.jpg
tcafe2a.com/data/file/c_travel/ 82 KB
83 KB 654ms
653ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/data/file/c_travel/2890281353_qPW38pEK_a5b7d463ba0f7a81d74eaba6197b144dc85040c5.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a0bf272b52fb14a5292f8b719a95a139884621bd133fbf082822efd20921654

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 13 Dec 2021 00:24:55 GMT
Server: cloudflare
ETag: "148b6-5d2fc1a1fb0e6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bC42E8%2BrLhioE%2Bx%2F%2BzIdpNBBW0UlZY7ZTR02EtP%2ByxOYuA%2BnNcEk48Ngrwq7gv5SpLI4TQ0fMLdy0z6MS6k%2BUN6HTuUCK9opPQo68JL5pg5aaK9rLdZi7DOVv1Hqo3ztgUzadFvNybV"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93ecdd37c2a9-FRA
Content-Length: 84150

GET
H/1.1 200
OK 8kdfEwp9sfQ.jpg
tcafe2a.com/data/apms/video/youtube/ 31 KB
31 KB 14ms
13ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/data/apms/video/youtube/8kdfEwp9sfQ.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df187fc437a09095e84d517cc3688ee8403447c3192cfd350f5821a88b99fded

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5713
Connection: keep-alive
Content-Length: 31256
Last-Modified: Mon, 13 Dec 2021 00:07:06 GMT
Server: cloudflare
ETag: "7a18-5d2fbda6eed29"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2gwHpPKuPWf%2BO1k6qpeX8qa0nijVVVldztMOT%2FOKYvJv70zjqi3WmZFdOf5u9JAaH%2B0O98InN2N9c1YQUF7df%2Fenx33NGB5C%2F1JB7lwYxAyUHztYVPWiXzKN6GUUXC9OJudpPvSsdDc"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6bcb93ece94469a3-FRA
Cf-Bgj: h2pri

GET
H2 200 d51f73778872edfe063ffd36eeca5a93_1639353998_5421.jpeg
i2.tcafe2a.com/211213/ 2 MB
2 MB 20ms
19ms Image
image/jpeg 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211213/d51f73778872edfe063ffd36eeca5a93_1639353998_5421.jpeg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab827e705a51d3cdbf288ee3cc416d19585e7e5a503686139481963dfc8ae9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5713
cf-bgj: h2pri
content-length: 2485685
last-modified: Sun, 12 Dec 2021 23:35:05 GMT
server: cloudflare
etag: "61b68729-25edb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XV5AhXULoOCSnD3oId%2ButNm94CQZ09%2F7zx7QF5g3LxyOTZKC1eIJ8oOQ%2BwQsOx4zFLbtH2gYQOfbCMyExsK%2BV%2FKfZ5UVYaCymfFl%2FkHhIMaAYRT6xWTqYlQHHa1Se1pXGaQ5ApfBOLzF4G9u"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6bcb93eced694ec7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 71946f9cff6b8a5190a5f04fbc1bbac4_1639353094_6652.jpg
i2.tcafe2a.com/211213/ 157 KB
158 KB 27ms
26ms Image
image/jpeg 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211213/71946f9cff6b8a5190a5f04fbc1bbac4_1639353094_6652.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ba9ef701d9006a9c79d610a7a78f93338f6a64db385739546c51367ba78cc63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5712
cf-bgj: h2pri
content-length: 161167
last-modified: Sun, 12 Dec 2021 23:20:01 GMT
server: cloudflare
etag: "61b683a1-2758f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FB%2BW4lO7qWz3Q1KHd1zibPcmDcldYaochfPEE2oKsfK2bnrbebB2cIFeOxXmgdsrROArjM4UPJ1sqbVNy59eyPMQOxCTDAYQ6eDOQPUZzUeg%2F36Pt5ZEenOGQiG%2BhpTVKmK2v9w%2FQPaeaGAz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6bcb93eced6a4ec7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 421279f6acbb2d170ba6df6f366978f7_1639353046_4407.jpg
i2.tcafe2a.com/211213/ 41 KB
42 KB 16ms
15ms Image
image/jpeg 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211213/421279f6acbb2d170ba6df6f366978f7_1639353046_4407.jpg
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 985cdc0de44e6a5354f4e2954d964e96fa3062818d9f0e9bc67ed8f1862b0dec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5712
cf-bgj: h2pri
content-length: 42234
last-modified: Sun, 12 Dec 2021 23:19:13 GMT
server: cloudflare
etag: "61b68371-a4fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJz905gU9nY1hiqB3T2hQMFciRtnyameRcLemfnVoylRp8Ue2PEeWBdZiLjnIZd8hw7CRQsAT94X7yF0nEEXiXlgl2Y8wFVUSsCqh5vU9SiQIlUJmoItL68QoEN5nJ79HbyxTbgFugh%2FeRlc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6bcb93eced6c4ec7-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sidebar.js Show response
tcafe2a.com/thema/rt-first/widget/miso-sidebar/ 4 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/widget/miso-sidebar/sidebar.js
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf573597aea23b7bdb09e42dcdc7b54838cebfe1910c637cd33330446f7e6035

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:20:29 GMT
Server: cloudflare
Age: 6719
ETag: W/"1174-5aff86ec97540"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2B5%2FyoSZVrxxvkiEz523YotjaPxv39p5smEZhXBnBYzn5NWsFkcQlhmNnh9TZ%2BRwq586MZH4sDmvJU0FK9CHPX%2F%2Bk1MxBRFNBePL35hAegQ%2Fe6mWmw8EuL8q6H1AsAchpKabccum9eqR"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93eaef3969a3-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK bootstrap.min.js Show response
tcafe2a.com/thema/rt-first/assets/bs3/js/ 31 KB
9 KB 13ms
12ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/assets/bs3/js/bootstrap.min.js
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:20:55 GMT
Server: cloudflare
Age: 6718
ETag: W/"7c4b-5aff870562fc0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahpw2d4gR5tXX87h5uor7iEhgM1yxtjHdo%2FtvlHeV0Oo6%2FPCI%2Fgr%2FpJyQ%2Fdwv0aZ5RGLKetxs1PrNF3BcoJ3E2sAdpgGyUGoT0JIjZMHcL3mnjs1NbTka6XGGMSTnFmk5tJFwEYIRtEC"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93eb0f4e69a3-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK sly.min.js Show response
tcafe2a.com/thema/rt-first/assets/js/ 18 KB
8 KB 12ms
12ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/assets/js/sly.min.js
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8dc09e4ddc3c326ef6341498e7e8e70af3a848713429b909be53c947b43da10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:18:59 GMT
Server: cloudflare
Age: 7056
ETag: W/"48de-5aff8696c2ac0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGcP5Xn5p4uxK98x4EZCWgCHUpOBfZOvdXxVqN4qYTM0UHoRUDdf2lHYsp1uvoGNmePvn2F2Be6lqmzyS4ZSowQ7CUIrtP%2FVsF8ns542SxBkm%2BZOoOe4RorTuEWiGb3GM8UxtGg6kR2m"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93eb1f6469a3-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK custom.js Show response
tcafe2a.com/thema/rt-first/assets/js/ 5 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/assets/js/custom.js
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9436d1c1cfe022a2f8a94be49f4ce0b3456b4326a26b3ff7e5d4fd38799b4327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:18:58 GMT
Server: cloudflare
Age: 6717
ETag: W/"13a7-5aff8695ce880"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32BANTAAdCd7Njy83D7JTQP8%2FuNuHHvD%2FkrxHI%2B1aiXfPp6Phtct8qdqlMFLp%2BxaazxNMrmsoGikADlHlfFLvHL6MB7BiPNIWmr67S%2FtLWnZnTuy2Mw9DJCNMkI%2Fae26iv3jq90zXnul"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93eb2f7c69a3-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK sticky.js Show response
tcafe2a.com/thema/rt-first/assets/js/ 4 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/thema/rt-first/assets/js/sticky.js
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e444d1682648a41af23f384c2141339689aee3466c97635b264b952d1b5c1cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:18:59 GMT
Server: cloudflare
Age: 6717
ETag: W/"1106-5aff8696c2ac0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qvs34lgvPbe4%2BC7z%2F9WdGo5O1zhKIZpbnJ7d0%2BLCyxIxIkSjdYOMbUZeOLN%2BUKxgjVOhIcj3co6WMPppQQTbcHCR%2FejfJYxo%2BKdCMMSh1tJKFwPKCKocyc6yH93NHMZ9JkHISncjZ2B"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6bcb93eb4f9569a3-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 227ms
87ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122666392-1

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bc2f3839afea6bf1d7530dc61e7cb595228f9598bf231889d8753412fa9216f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36193
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 01:56:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
642 B 253ms
82ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tcafe2a.com&callback=_gfp_s_&client=ca-pub-6840554518587098

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6840554518587098&plah=tcafe2a.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

8496cf84c90a41aca1a2bcceef7f14993d593e748452d180f06d0d1fdf1d6153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 156ms
56ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tcafe2a.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 01:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 146ms
53ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tcafe2a.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 01:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B24A 0
179 B 85ms
84ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&adk=1812271804&adf=3025194257&lmt=1639360536&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ftcafe2a.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1639360605822&bpp=6&bdt=448&idt=252&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7049048100612&frm=20&pv=2&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=268

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 01:56:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 01:56:46 GMT
cache-control: private

GET
H/1.1 200
OK fontawesome-webfont.woff2
tcafe2a.com/js/font-awesome/fonts/ 75 KB
76 KB 14ms
14ms Font
application/octet-stream 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcafe2a.com/js/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: tcafe2a.com
URL: http://tcafe2a.com/js/font-awesome/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://tcafe2a.com/js/font-awesome/css/font-awesome.min.css
Origin: http://tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 01:56:46 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 16 Sep 2019 02:39:25 GMT
Server: cloudflare
Age: 5713
ETag: "12d68-592a283137140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN9rB2dvK%2FdpMsjp0TEp2hdex%2Fjt8oh0YZ8DHWWzBeJpzGiv2P0WupUKmpe78j3XSfyXaMhbRg%2B%2FerdKnpynZKED0zOcIUYF4Ec6msz7pvZL5lzsFjngTbZ%2Bq%2FMvkQHYkpmUee2iDyTY"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6bcb93ecda677025-FRA
Content-Length: 77160

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7AD4 17 KB
9 KB 379ms
378ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639360536&psa=0&format=120x600&url=http%3A%2F%2Ftcafe2a.com%2F&flash=0&wgl=1&dt=1639360606238&bpp=2&bdt=864&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7049048100612&frm=20&pv=1&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QNU5J7gCWC&p=http%3A//tcafe2a.com&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8f81a2978ed5e79bf74b0a700dcf4599ca2222a19aedde0018f68b9f7407c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 01:56:46 GMT
server: cafe
content-length: 9535
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 01:56:46 GMT
cache-control: private

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 144ms
58ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122666392-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1312
date: Mon, 13 Dec 2021 01:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 03:34:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AD4 42 B
63 B 123ms
72ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AiASzbjENpRNRZ6DSPzEWQgtRNY8H6iV52xFkow1AQ3SZGkxePoLORWs8RuZOJ3oV1Brr3rkd2tmT17jUWtdWhnkg9ZBPKLj7Faxs_hvhXek9vHSY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639360536&psa=0&format=120x600&url=http%3A%2F%2Ftcafe2a.com%2F&flash=0&wgl=1&dt=1639360606238&bpp=2&bdt=864&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7049048100612&frm=20&pv=1&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QNU5J7gCWC&p=http%3A//tcafe2a.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7AD4 2 KB
1 KB 158ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 01:43:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7AD4 119 KB
37 KB 165ms
48ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 01:56:46 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7AD4 15 KB
7 KB 153ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 01:18:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0EC9 624 B
297 B 48ms
47ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYxsCzZTAB&v=APEucNW97QpVj0gD2RGgEr4iIDg-vureQA-oyCeSuyPpti86U6iAhuY87GC6Q2pchl3qbIedP24GyZqp9sILnI9FSsfL0Zxr36b91lRggrnB60I2us4UTaQfOHLUe4jsvE-_R27W4PrNKN6L1Z3mP2ZrlGUDy5NK4psQsOxjryEMwDoL9WzjTTs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639360536&psa=0&format=120x600&url=http%3A%2F%2Ftcafe2a.com%2F&flash=0&wgl=1&dt=1639360606238&bpp=2&bdt=864&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7049048100612&frm=20&pv=1&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QNU5J7gCWC&p=http%3A//tcafe2a.com&dtd=8

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 01:56:46 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7AD4 72 KB
30 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArB1qwgCUjiJZCBAsfndIPuw5XL4CizZgPugR6qg2ES_yWawxPnQBSahh-g4xWP5QM7mofE47eRj3c170qN9zdVLz68MJZ0HJdhMBGTWrV06Q5LXNV95JW62ovaC47bDiGyvTu-j2kMJtTEGT7hf2_kDcKmQ&dbm_d=AKAmf-CRZxDetMii9CTV0-KNQzYlkNiuHcCM_tDR-SAdMaj5g7h_pMarYEPznwb9eOgX9TAUnlhm4oktLWmCjCCyidfwbe3p-VIyZFb__fedPVCOWMLriBwvzZl5prN_FtUkMLD3f7ho5YEFOESfAb4g87hR_ZrHj1gFx7PRMoBN1eedlb59nwRk6wCzlWGQy6BQEymXk5NceTau-_5eOBDwlCTZtPVghT8ioIWoFT2lpNXR2uJs88SkYUNCfcKBNZmHdHOL6ob1EXRkp1s7zR_jXU0xZnf5mnM_d82FqcUFfY8RhiAfUYEsZ7P18j3K2-6OXU1MkPdJtkvMYRW1D_xSpnJN4w4p9PnUbdTB69TElGmy2A9VZ_FGYtle_14rcrB26HiLob2Sh6GtBZvKMo2IbiBPkMl6QBWGfcHpJDvUs_smkzap5k1BSrpbzluV5sbhcmpmI6Io9MTvyZO40znT9tNibCHqf7SlJ9XACmi9dslAssXj8Ooqg19Oza0x76TbQTDfKQismSWEvbVoJKJT71BVt7yZkS2qT_T5IHqY3kQ9YP3mKNykEyM80xsgjMyWK442BtzC8-iclGSkwV6Q7iSoD9EgR7SFPmT6jPC6UVpNs7Lf_4ou0n3wuBictg-HZbeUQTBdMaBb9gPYNcSRah5pljgOZb1gLSl2u0Pgkg__OJoYqsewvgC_mvMO-HCpToTyRInAau9Rb1AjvaXT-2gmF_GTSO-4HEU7-GFepApWdz-apRwwUXuHmzcCgsuxYUI3FLqi7Xpu2Vq20oCgYomAfA89TGMVEX39UcCUj-2ViAwmT0Huf3_hZ49BxyWOOxLXaMbWrKrlYbHGUi1FRA_2LdzfvUxTldba0hOZPyPqQIH_lvvQmeJKOMUqr54TJwpLbz7l4ExGnf6gooST_HxHbVM3Y0u9m2E1fkfBVnhQOAcfbMvXYGt9tGRI2OoimQ3UeRxdB1Xei7B99X0O8fOSqpK8lwSaqN-rB-SImlu87SqGvN-YXR-3TT3uIn6JP7G9altb2kZw1X7Syd1EZjARS60bEstGh0rKkMlCG73TiVV7b6qI5NFNPWCO5okpdwCOxPhk-N3JK1lSx_AazDxFfs1Y4zUMXq3yWOEbdc0ollHNXgsQdTjU1_ceJujMxioFX1MdlwFAlR83yVFEQ1sQo9NJoxIJatZBPutamSfycASF6-jRCNdTyC9Svv0T8zmfrrxknSNhD_W1jBq_9IMmfQSAbAAKQHtZ3wErevMEWZmUp0unZ4--nkX04i-1HYDw5lnhCOGk7yz0DLbjfgLspH2TjEVW7y00BfHZS_s5AWBt8Mt0F5vbF0yp8ya5yLUtRCg3P6S6pDf6Y-TkGTjnoC7aKsBMDbtIDjPn9wieyTXRUgPnMJ-vgnq4QO-rMuTU_esOF6qoKQtHuC4iq967fumSoaiRaB34CWGHoYqur0HRKyli9a-HOR6jRQYBl5Pk5VXBzKE1Bca1mGQcCLestFGzOTZ2_lsdxKTfy7YwnMuQOjvqNPJQcJLv6YYfqRRAKjm1H-1U8gbKnij0HsCUvxKz0cWy2-CT5nc_L--CF8H9xLJ_McL_GI8aEv6f3qHW5soSkIUic0ynuMrsgDWWPE71m8XTh5W1qwdCyr96VX-DiG2kfpbGAu84ABLcFPsIjyP9KLQwSBOTl4FpJA5JGXGj6zCOXW59bTfk4D-Gr3BzNOW7lH6bdgEdPBQxl-l8GIHzILyYdhPQAP1Prbu-vEzCvVhiIP295YAW1Qt1FEf1E_Z9YySdHtcEVlJd7PlV_fW8MOETvcPtF5zyMVo4ztrwDo3JgurQ9nBgP6kVUtx6MCTl4AdFahwzCsX70wP4XOZECoTACMYx-RzyMw1c2zzFPOA6g6JgndfmmjSk7ch405yyLblzm6Eu6UF1P39FAvsiM5CY4CzDkcs-GUf-T05N_heCEhDlGKUKmcUshbXt0_pF9GT84C0wJU33v8rDB0xqs7pNgdsMFSXNXFPfDrsfPj7OJ4lrHpNE4QCsvMmtMudL0rW6g9kxcxigWzgy_4_428eWsiFQRkdNSkyB6a6hg59SwIzxkvkUoRL3LiTW7xHmgJW2CbPzwjIZeelzvTPpajC-Zg82Dg5hPiM84WdkPVCr1odYFV_Baonorn9yWcP2HTjfpZBS49sDxkFBKrBx0yqG_kfksxdIxiSVOu-oUAgQeGEyr4vEoVD_9fPSAGhMMZb-7m7VpFOix34ERM8jIsZXtl0J5Uo1tKx-ZxpuqHTRor93MIJQKPB3Dof1c2VUj7o9n4tmN9GgjFa-UM80JMNxuMqbADjiBlBotaBFePEmcsFr3Kn-JDBAqyT5reoOvfkaIZ3YuDKO-yrUHDktTwFiIrdez3Mm75d5JetWwdJNfPFye5tmFm3ZFEh2zpc3BT4hoQ8cGKwruLMYpQAiBrh-2jBZCxXD-V-hZ7vdW1atVmeNJAEAf1wTO6irwJBIEbjVB3RM3LP0NhRFvlPrjG1KKVcl6aucET4D7I-me5_uMTWggNdICfdnfl_u7CsILXsO2u0GZ-4MU8iyKUAfS6ZKbczQOvPea-6H7NAfjbiD7kiEDzazvihQ4O1HMmhmyQD0_Tl-kXA6xy_kNu0dq66L91_q8UmkLXQPugvyOD67KF6BILpH1pA9g5gZcNJWGcxHRpb1Z9o3BENJn1zI3ChfJMlUqpX6q0BSkF8AxY8OGYz-NyRwxghTmzpJEY1t2dxRviZi5cDRx9k1tqf5AkCQ2dMGR-qN9fjGgZ2pchxaPu-QbS72mPXSOaHPExUB8MieDgfcFTyELUPWkWkMsIz5tRjh2D1pSAGA1ITGplxJZZF7DR5-swTlVtyoongjpX4Hn4c65NM9eQ9CeuOZ3mNiYv7LvtxC33QwdN-siOVPCNSpDEb-QvDE7o-lw24O-JHFfoiHnUZFDCKkJv7b6CNBxGMT1UTej4mTIy8Yxm54wVdD8ZUCZaAQiHHDPqEIkQupAXNLNrNXJPfaj-J6Yh44V0HlGIrRrmULjW92zV1YKmqYzmUdU8YZhEO_Af2urOwc9SGhyfNMcn0K9e9Q&cid=CAASEuRov7VLs1p_beKP36fDQLurVA&rfl=1%2Chttp%253A%252F%252Ftcafe2a.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

080fa5cd8b92ebd7e51a5b5ce76fa3c17dc3eedeefe722773d2d64aaaf8fad77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639360536&psa=0&format=120x600&url=http%3A%2F%2Ftcafe2a.com%2F&flash=0&wgl=1&dt=1639360606238&bpp=2&bdt=864&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7049048100612&frm=20&pv=1&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QNU5J7gCWC&p=http%3A//tcafe2a.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30651
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 92ms
45ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=801370088&t=pageview&_s=1&dl=http%3A%2F%2Ftcafe2a.com%2F&ul=en-us&de=UTF-8&dt=Tcafe2a&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=83266042&gjid=1517241296&cid=900420661.1639360606&tid=UA-122666392-1&_gid=978762246.1639360607&_r=1&gtm=2ouc10&z=583911593

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://tcafe2a.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://tcafe2a.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0EC9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1aU58FtrsYIj0U7ckD6ak&google_cver=1

43 B
894 B

25ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1aU58FtrsYIj0U7ckD6ak&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYxsCzZTAB&v=APEucNW97QpVj0gD2RGgEr4iIDg-vureQA-oyCeSuyPpti86U6iAhuY87GC6Q2pchl3qbIedP24GyZqp9sILnI9FSsfL0Zxr36b91lRggrnB60I2us4UTaQfOHLUe4jsvE-_R27W4PrNKN6L1Z3mP2ZrlGUDy5NK4psQsOxjryEMwDoL9WzjTTs
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 01:56:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 01:56:46 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1aU58FtrsYIj0U7ckD6ak&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0EC9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbaoXpDPJk.HMi46-0LobQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1aU58FtrsYIj0U7ckD6ak&google_cver=1&google_hm=2

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1aU58FtrsYIj0U7ckD6ak&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYxsCzZTAB&v=APEucNW97QpVj0gD2RGgEr4iIDg-vureQA-oyCeSuyPpti86U6iAhuY87GC6Q2pchl3qbIedP24GyZqp9sILnI9FSsfL0Zxr36b91lRggrnB60I2us4UTaQfOHLUe4jsvE-_R27W4PrNKN6L1Z3mP2ZrlGUDy5NK4psQsOxjryEMwDoL9WzjTTs
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 01:56:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 01:56:46 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1aU58FtrsYIj0U7ckD6ak&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0EC9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoX1Tbbg-LJVxiQPr1hN5A&google_cver=1

43 B
1008 B

7ms
7ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFoX1Tbbg-LJVxiQPr1hN5A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYxsCzZTAB&v=APEucNW97QpVj0gD2RGgEr4iIDg-vureQA-oyCeSuyPpti86U6iAhuY87GC6Q2pchl3qbIedP24GyZqp9sILnI9FSsfL0Zxr36b91lRggrnB60I2us4UTaQfOHLUe4jsvE-_R27W4PrNKN6L1Z3mP2ZrlGUDy5NK4psQsOxjryEMwDoL9WzjTTs

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 01:56:46 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 166f1ba7-dc8a-4006-854c-b7d9c00f2574
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFoX1Tbbg-LJVxiQPr1hN5A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0EC9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMTM5NDM3MTc1NjYzNjUxMg%3D%3D

170 B
243 B

109ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMTM5NDM3MTc1NjYzNjUxMg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 01:56:46 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: da680407-8fcd-4497-ac3e-76c9539139a4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMTM5NDM3MTc1NjYzNjUxMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 7AD4 106 KB
38 KB 180ms
41ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 20:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 20:15:07 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 7AD4 8 KB
3 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArB1qwgCUjiJZCBAsfndIPuw5XL4CizZgPugR6qg2ES_yWawxPnQBSahh-g4xWP5QM7mofE47eRj3c170qN9zdVLz68MJZ0HJdhMBGTWrV06Q5LXNV95JW62ovaC47bDiGyvTu-j2kMJtTEGT7hf2_kDcKmQ&dbm_d=AKAmf-CRZxDetMii9CTV0-KNQzYlkNiuHcCM_tDR-SAdMaj5g7h_pMarYEPznwb9eOgX9TAUnlhm4oktLWmCjCCyidfwbe3p-VIyZFb__fedPVCOWMLriBwvzZl5prN_FtUkMLD3f7ho5YEFOESfAb4g87hR_ZrHj1gFx7PRMoBN1eedlb59nwRk6wCzlWGQy6BQEymXk5NceTau-_5eOBDwlCTZtPVghT8ioIWoFT2lpNXR2uJs88SkYUNCfcKBNZmHdHOL6ob1EXRkp1s7zR_jXU0xZnf5mnM_d82FqcUFfY8RhiAfUYEsZ7P18j3K2-6OXU1MkPdJtkvMYRW1D_xSpnJN4w4p9PnUbdTB69TElGmy2A9VZ_FGYtle_14rcrB26HiLob2Sh6GtBZvKMo2IbiBPkMl6QBWGfcHpJDvUs_smkzap5k1BSrpbzluV5sbhcmpmI6Io9MTvyZO40znT9tNibCHqf7SlJ9XACmi9dslAssXj8Ooqg19Oza0x76TbQTDfKQismSWEvbVoJKJT71BVt7yZkS2qT_T5IHqY3kQ9YP3mKNykEyM80xsgjMyWK442BtzC8-iclGSkwV6Q7iSoD9EgR7SFPmT6jPC6UVpNs7Lf_4ou0n3wuBictg-HZbeUQTBdMaBb9gPYNcSRah5pljgOZb1gLSl2u0Pgkg__OJoYqsewvgC_mvMO-HCpToTyRInAau9Rb1AjvaXT-2gmF_GTSO-4HEU7-GFepApWdz-apRwwUXuHmzcCgsuxYUI3FLqi7Xpu2Vq20oCgYomAfA89TGMVEX39UcCUj-2ViAwmT0Huf3_hZ49BxyWOOxLXaMbWrKrlYbHGUi1FRA_2LdzfvUxTldba0hOZPyPqQIH_lvvQmeJKOMUqr54TJwpLbz7l4ExGnf6gooST_HxHbVM3Y0u9m2E1fkfBVnhQOAcfbMvXYGt9tGRI2OoimQ3UeRxdB1Xei7B99X0O8fOSqpK8lwSaqN-rB-SImlu87SqGvN-YXR-3TT3uIn6JP7G9altb2kZw1X7Syd1EZjARS60bEstGh0rKkMlCG73TiVV7b6qI5NFNPWCO5okpdwCOxPhk-N3JK1lSx_AazDxFfs1Y4zUMXq3yWOEbdc0ollHNXgsQdTjU1_ceJujMxioFX1MdlwFAlR83yVFEQ1sQo9NJoxIJatZBPutamSfycASF6-jRCNdTyC9Svv0T8zmfrrxknSNhD_W1jBq_9IMmfQSAbAAKQHtZ3wErevMEWZmUp0unZ4--nkX04i-1HYDw5lnhCOGk7yz0DLbjfgLspH2TjEVW7y00BfHZS_s5AWBt8Mt0F5vbF0yp8ya5yLUtRCg3P6S6pDf6Y-TkGTjnoC7aKsBMDbtIDjPn9wieyTXRUgPnMJ-vgnq4QO-rMuTU_esOF6qoKQtHuC4iq967fumSoaiRaB34CWGHoYqur0HRKyli9a-HOR6jRQYBl5Pk5VXBzKE1Bca1mGQcCLestFGzOTZ2_lsdxKTfy7YwnMuQOjvqNPJQcJLv6YYfqRRAKjm1H-1U8gbKnij0HsCUvxKz0cWy2-CT5nc_L--CF8H9xLJ_McL_GI8aEv6f3qHW5soSkIUic0ynuMrsgDWWPE71m8XTh5W1qwdCyr96VX-DiG2kfpbGAu84ABLcFPsIjyP9KLQwSBOTl4FpJA5JGXGj6zCOXW59bTfk4D-Gr3BzNOW7lH6bdgEdPBQxl-l8GIHzILyYdhPQAP1Prbu-vEzCvVhiIP295YAW1Qt1FEf1E_Z9YySdHtcEVlJd7PlV_fW8MOETvcPtF5zyMVo4ztrwDo3JgurQ9nBgP6kVUtx6MCTl4AdFahwzCsX70wP4XOZECoTACMYx-RzyMw1c2zzFPOA6g6JgndfmmjSk7ch405yyLblzm6Eu6UF1P39FAvsiM5CY4CzDkcs-GUf-T05N_heCEhDlGKUKmcUshbXt0_pF9GT84C0wJU33v8rDB0xqs7pNgdsMFSXNXFPfDrsfPj7OJ4lrHpNE4QCsvMmtMudL0rW6g9kxcxigWzgy_4_428eWsiFQRkdNSkyB6a6hg59SwIzxkvkUoRL3LiTW7xHmgJW2CbPzwjIZeelzvTPpajC-Zg82Dg5hPiM84WdkPVCr1odYFV_Baonorn9yWcP2HTjfpZBS49sDxkFBKrBx0yqG_kfksxdIxiSVOu-oUAgQeGEyr4vEoVD_9fPSAGhMMZb-7m7VpFOix34ERM8jIsZXtl0J5Uo1tKx-ZxpuqHTRor93MIJQKPB3Dof1c2VUj7o9n4tmN9GgjFa-UM80JMNxuMqbADjiBlBotaBFePEmcsFr3Kn-JDBAqyT5reoOvfkaIZ3YuDKO-yrUHDktTwFiIrdez3Mm75d5JetWwdJNfPFye5tmFm3ZFEh2zpc3BT4hoQ8cGKwruLMYpQAiBrh-2jBZCxXD-V-hZ7vdW1atVmeNJAEAf1wTO6irwJBIEbjVB3RM3LP0NhRFvlPrjG1KKVcl6aucET4D7I-me5_uMTWggNdICfdnfl_u7CsILXsO2u0GZ-4MU8iyKUAfS6ZKbczQOvPea-6H7NAfjbiD7kiEDzazvihQ4O1HMmhmyQD0_Tl-kXA6xy_kNu0dq66L91_q8UmkLXQPugvyOD67KF6BILpH1pA9g5gZcNJWGcxHRpb1Z9o3BENJn1zI3ChfJMlUqpX6q0BSkF8AxY8OGYz-NyRwxghTmzpJEY1t2dxRviZi5cDRx9k1tqf5AkCQ2dMGR-qN9fjGgZ2pchxaPu-QbS72mPXSOaHPExUB8MieDgfcFTyELUPWkWkMsIz5tRjh2D1pSAGA1ITGplxJZZF7DR5-swTlVtyoongjpX4Hn4c65NM9eQ9CeuOZ3mNiYv7LvtxC33QwdN-siOVPCNSpDEb-QvDE7o-lw24O-JHFfoiHnUZFDCKkJv7b6CNBxGMT1UTej4mTIy8Yxm54wVdD8ZUCZaAQiHHDPqEIkQupAXNLNrNXJPfaj-J6Yh44V0HlGIrRrmULjW92zV1YKmqYzmUdU8YZhEO_Af2urOwc9SGhyfNMcn0K9e9Q&cid=CAASEuRov7VLs1p_beKP36fDQLurVA&rfl=1%2Chttp%253A%252F%252Ftcafe2a.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 01:48:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 7AD4 24 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 01:25:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7AD4 41 KB
15 KB 97ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 23:38:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7210 1 KB
749 B 41ms
40ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 12 Dec 2021 05:53:44 GMT
expires: Mon, 13 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 72182
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7210 35 B
465 B 35ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEERRC9KLGa1lj4Q_kDOD0QE&google_cver=1&google_push=AYg5qPI7s829ziDdOInhBr6oh0A8k2fxSyDk2Lzvss8dgcnJ0HDKYE8qYmPWSPgYBfXkVuevH0QSr-e7DSUBn9sXCLB2wtooPA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7210
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLxbJITwWTmmNKKDkU_7w7lwOKMIeJrG7P8CvL...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJhb1hnQUFCQVRIN0ZFcQ&google_push=AYg5qPLxbJITwWTmmNKKDkU_7w7lwOKMIeJrG7P8CvLzD4TNeir5aXuURbzlCVpnZ6TuwKdHtwxPqlXtzGoAGTWa7l6kTpRdEW8

170 B
188 B

60ms
60ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJhb1hnQUFCQVRIN0ZFcQ&google_push=AYg5qPLxbJITwWTmmNKKDkU_7w7lwOKMIeJrG7P8CvLzD4TNeir5aXuURbzlCVpnZ6TuwKdHtwxPqlXtzGoAGTWa7l6kTpRdEW8

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJhb1hnQUFCQVRIN0ZFcQ&google_push=AYg5qPLxbJITwWTmmNKKDkU_7w7lwOKMIeJrG7P8CvLzD4TNeir5aXuURbzlCVpnZ6TuwKdHtwxPqlXtzGoAGTWa7l6kTpRdEW8
Date: Mon, 13 Dec 2021 01:56:46 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 7210 43 B
351 B 60ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOW6P4n-VPOe6sYfCA9PjXY&google_cver=1&google_push=AYg5qPKWlKRfe6akBrsemqhEJoarDm0b6GntoFcnlWWTmmzmBdBNH0-5vCNQj1HXANsLfhdWcoVa0P-TssnZL6xbLnMsMPK1SOo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639360536&psa=0&format=120x600&url=http%3A%2F%2Ftcafe2a.com%2F&flash=0&wgl=1&dt=1639360606238&bpp=2&bdt=864&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7049048100612&frm=20&pv=1&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QNU5J7gCWC&p=http%3A//tcafe2a.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: i71janeuufcu4eq4q0o5oqa19k35g7qr

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7210
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wSzL7zeYQS6kZWzkl7N9jQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wSzL7zeYQS6kZWzkl7N9jQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIzSOrnOv83KdyrFJxSy4W1lATMUUY15Iv9nV52g8VyEnsGTFw5k5A53uKi1Pf-I1ruEaVgPedYn1jsIGfaVPQw43aymmY

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wSzL7zeYQS6kZWzkl7N9jQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIzSOrnOv83KdyrFJxSy4W1lATMUUY15Iv9nV52g8VyEnsGTFw5k5A53uKi1Pf-I1ruEaVgPedYn1jsIGfaVPQw43aymmY
date: Mon, 13 Dec 2021 01:56:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7210
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP1F3UBvAV7UekcHnAnDjTQ&google_cver=1&google_push=AYg5qPKSSkYmC9_OcbyjEK6ABztrUHNIdsgWUanaEShscNZ8sMUnKVttUr4rrMF1QeOyoewkb2k...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0MFo4NVctMy01S05C&google_push=AYg5qPKSSkYmC9_OcbyjEK6ABztrUHNIdsgWUanaEShscNZ8sMUnKVttUr4rrMF1QeOyoewkb2kjdTuBqQbRlw2zT2MZI-P1Ums

170 B
188 B

56ms
56ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0MFo4NVctMy01S05C&google_push=AYg5qPKSSkYmC9_OcbyjEK6ABztrUHNIdsgWUanaEShscNZ8sMUnKVttUr4rrMF1QeOyoewkb2kjdTuBqQbRlw2zT2MZI-P1Ums

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g0MFo4NVctMy01S05C&google_push=AYg5qPKSSkYmC9_OcbyjEK6ABztrUHNIdsgWUanaEShscNZ8sMUnKVttUr4rrMF1QeOyoewkb2kjdTuBqQbRlw2zT2MZI-P1Ums
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 29af2665c43893332e84c235bac366c1
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 7210
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseN...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 7210 43 B
297 B 150ms
34ms Image
image/gif 2a05:d01c:1d8:8101:fca3:6f47:214a:2d54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESELr4a2eueEmtG25uoMB7Vsk&google_cver=1&google_push=AYg5qPKGtby4HB0-qtMc5NJAENzKK16bhkVprfMsj9bMV_d7EDH0G47ljMjPYyb6B79A1XybBdmALWCPymuQFzIYjUaSmPw_iA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639360536&psa=0&format=120x600&url=http%3A%2F%2Ftcafe2a.com%2F&flash=0&wgl=1&dt=1639360606238&bpp=2&bdt=864&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7049048100612&frm=20&pv=1&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QNU5J7gCWC&p=http%3A//tcafe2a.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:fca3:6f47:214a:2d54 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:47 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7210 0
12 B 95ms
47ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IILx-uyV3fZgeA_CFVcrdJabyqyoHcLOwmR4_wRLJ9Hp0eaj21PxMZAGeoSoDX6SzbogzF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 7AD4 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 328b0f9f13ba6f2a63381d66446d24f582abf7ce8c4f6b33a922beaabf2842bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D626 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame D626 35 KB
13 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 23:33:12 GMT

GET
H2 200 sfht0if3y.js Show response
cdn.krxd.net/controltag/ Frame 7AD4 11 KB
4 KB 61ms
6ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 13 Dec 2021 01:56:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1099
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3744
x-served-by: config-service-a002-ash-prod.krxd.net, cache-bwi5144-BWI, cache-hhn4071-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1639360607.069266,VS0,VE0
etag: "6b7f7c5dd851aeb3a658ac72e276f359fcdeb737"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 139

GET
H3 200 index.html Show response
s0.2mdn.net/4528516/1018998188104344/ Frame CE3C 7 KB
3 KB 87ms
40ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/1018998188104344/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8495b6296b7d16296e49e7bfa5c51448b958bb7e42106ed4cf93399dacd4ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2669
date: Sun, 12 Dec 2021 23:04:48 GMT
expires: Mon, 13 Dec 2021 23:04:48 GMT
last-modified: Mon, 01 Nov 2021 14:50:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 10319
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7AD4 0
571 B 204ms
85ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjcxeZjEsDx5lao-WE5ZSOsQIgwtV-dX8lgzYfeejh5DQ2lMnoSAyl6lnUwgMvxDq7Ivkv7nH99idSZuhxI2rpbwKje24eZN3fbUx_KizC-DMKoPAzOGV5jXw5pe9_T16BPM5hjOJIQE-61WOGEcmaBnDF89Q7tIQ24CWu0Pj0pOr3zerJv63OaWJH3fZT6LQ0QCnDkAwrZocYXTfLAum5I22gKzLSw6sVI1BLErT3e9wbN8XWSEOM5DZeNaJol5-7-bIa8BA5RD7lzpsuyZ4v1POh91Mf6CwlMBDdWANk6cdttNrQMxp0SDTdyEWtuIlfUWDrqYbrSqa5BhnUZxyZMle1eu8qf9n8mFFODvIrrpfARH_fUZk3AHdhBCbjwRDn5XxuTBctlFeJcyd98WdJaDdbeR6b5bat9TRqpcw6PrlhDyCiJnimCn8aCnsREad8zyPfYqU_pikHQargmArbn3xP2kTk_qXf59zv4aPV6gZgGMTHgjXMPM47L7uhMQmDQezJZNcbfreUXX8-1r9kaGAq7JF4C8X_hHOUVwhq7REbL6Gg3C12jv2N5Nti0CP5WpboiY2howXzobXOn95tCgMyGalukEbCvi5ftjRB1BDWxNEqx0MSrMvcZQTRnMX7pGW0xsG6wfBYMX7Ah8A7QfoQoMj8dLXdu3KzxUatmMHjrUD_DwL8OANOnKS-1K9migaJ6QJaNnes7Xz200LBC7vHdnrcqBxEHKSi2_Nlblmuf230Nh5iisYDdw-upLPic94C5d__0xx6LKQBNICL3HKBTpomyxPDyEpmGR2i3i9u5rpYmFPIdqQm48gl8Rhtou7G0nJXBpQuLN9UiAzFa7w8YMXinhWUZkKbHu-j5_HoK5SAXW9lYFXZmStLpvccEkL24NNV2fgyC0AaqYCTTK1IQ6zJmP70GQe4gbrkFjy7IJAPHtXN0hST2SyW85REnZ-wn0nqR7tczivrxt_TMj9cxptPM-Vs1JjLZt2-_DF9RpSVRkVoIs__1nyzk7uelqxW9YRyME6577UP9jCl5gBI73zs0GMI0TPhw_0smBOUsvW3YpbRj0zWNCnEySbnqDN3fEB0TB38_O1Om_o5C1ij4CiSfhom6RmvW6RGKhBmxnyTQsoY76hKegO1VPEeeGXRgkXhshFDaGhOP5n9737_2rqakFdBJSkg0-NayEpUgx8g-KO6wuqpZC0CL5RC6Mmo8XoV_ms&sai=AMfl-YRG3EO3M9SWbzVRs-WtctVhPgfam_kDCRrdM9HPYyUEbmAFnl9ZEKFXY1KmVHq73jbo8bhxokzusx8hWpIZNh63CcMgMOAwbd1yw3pJBnoK7B4m97W70aTjA-HON_mKDa93qqKIeE1lJ6Z-FObe1DdJXtgzIw&sig=Cg0ArKJSzGhn145JYwqXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=238&cbvp=1&cstd=236&cisv=r20211207.22513&adurl=

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 13 Dec 2021 01:56:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 7AD4 259 KB
83 KB 7ms
6ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 13 Dec 2021 01:56:47 GMT
content-encoding: gzip
age: 3896743
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 6423110
content-length: 84509
x-served-by: cache-hhn4071-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1639360607.088994,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 7AD4 0
338 B 101ms
28ms Image
text/plain 52.30.186.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=261921428&adid=457763484&creativeid=160603196&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639360536&psa=0&format=120x600&url=http%3A%2F%2Ftcafe2a.com%2F&flash=0&wgl=1&dt=1639360606238&bpp=2&bdt=864&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7049048100612&frm=20&pv=1&ga_vid=900420661.1639360606&ga_sid=1639360606&ga_hid=801370088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773&oid=2&pvsid=2094621900063319&pem=184&tmod=207&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QNU5J7gCWC&p=http%3A//tcafe2a.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1639360607
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame CE3C 236 KB
63 KB 93ms
17ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1018998188104344/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:47 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Mon, 13 Dec 2021 02:11:47 GMT

GET
H3 200 javascript.js Show response
s0.2mdn.net/4528516/1018998188104344/ Frame CE3C 33 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/1018998188104344/javascript.js?1635437037603

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1018998188104344/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ef924f82598eef26e7346816df5e0ab3a56229b8f60943b66986b87dbf36d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018998188104344/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7953
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:04:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D626 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BR_geXqi2YeTBKtqux_APvs2YuAEAAAAAOAHgBAI&bg=!bG-lbyvNAAZKWFskSlg7ACkAdvg8WnRIUmCQVgOFX7AHFbOzLWG-FwUc-4pInpqt6Cz1wxCbLSFypgIAAABdUgAAAAtoAQeZAsg_L4T03sIJJx0vCoCTUMQir_0nKC0uBsd_YrjIj3-HhxORmVoS5DLq8NH7otVXsoH2IZ25gZbY0dnDNZgfVbTP8gblOyILdOd-yM9ZgZ66DU-ugihzqUQv2j7TCRIrSH8Gy2-kck4BDeQyxKp4siwaJk6vVyqTnDvveGr6soxOQiZQeUXJQoarvXrJKxgEqclNa7vnRxkcDqOle9cZBhfS1D8dte58lrC9R0Eprd4p5d3q2QsXDlKmKgM_xZ5HviAMrYtAlaN8QBE7nYaPNKIMacLo0EIB4TA8uBAV6r_x3UuqqZsSzP-xA1xYmfiKePLe-jTiDTLCxV5Qu8gwnKvIyqnutxuL-ZRk9zcyHTtQYx7-SC6OB2EkA4IoT1g3x2XQ0jZwvQV1tA6wSLSHauxFRxstDfraaFHApbaXLpze37XRQTdsoxATC1ICH_VGy9Gs6UHSz3D6y-dQ2TwPv3c-DoPKY4NtrT69ATnJIlAFjr44mj_E2FPw86h9kOljGBx73y_S_yn-SoMs2ux4oiIXYCqeJlfKXt3jNbTySBEoMJtbWg-JDp-lXauDF4jUfB6C4e-pKw5RkGumhVm_Bt9tDxeGiTMBvZ06EaDKADsOOhcPyKanEmIibUITObc_bJvPjGtNW2e0MSzmmy-7rqIhnf_QszKhuICwJXbYMsCgSMFvMUE-I_ZkpwPaBSZcL9nMHOBgeVVdMlVp8HHo5EBf_p1sf3ts5B7a7ytIYEaLL2jhwogRaZ2omsc6ribskSjdA-oMRBVO_N1RaN_hqyc9IkPeNK_bZEkhaGZZG_mbeZwN3mvggCoQrf73XQO3viVbDrTbKt68khhISFcAVWqrvrH1YjCvWyerpgMnj4ImNFjGlgCsqABRjgSSudCNF3ODAZFMMY7z5LznS3E19J024HPmT2tx88FE_zF-yt9hw6rZ-ksSHpab

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 af5fc09f-edef-481c-bfa7-696005c6deb3 Show response
consumer.krxd.net/consent/get/ Frame 7AD4 236 B
426 B 39ms
8ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:47 GMT
via: 1.1 varnish
age: 1738
x-served-by: consumer-a010-dub-prod.krxd.net, cache-hhn4052-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1639360607.222406,VS0,VE0
content-length: 187
x-cache-hits: 0, 1

GET
H3 200 hintergrund.png
s0.2mdn.net/4528516/1018998188104344/ Frame CE3C 22 KB
22 KB 40ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018998188104344/hintergrund.png?1635437037571

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d92bbe554c2740bd61ec469f3ab0832f449db651ecb364ba0ef9e34ff54aa865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018998188104344/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:19:04 GMT
x-content-type-options: nosniff
age: 9463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23000
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:19:04 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7AD4 0
23 B 124ms
76ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 01:56:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 7AD4 81 B
240 B 28ms
28ms Script
text/javascript 52.30.186.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2c8bc75edeb602e266c7e0e6ee39307dbcd9fa2a1ee1ae7e8fce4514a6d70b65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:47 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=28 t=1639360607
x-served-by: beacon-n014-dub-prod.krxd.net
content-type: text/javascript

GET
H3 200 stoerer.png
s0.2mdn.net/4528516/1018998188104344/ Frame CE3C 4 KB
4 KB 46ms
46ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018998188104344/stoerer.png?1635437037571

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09b8ff1678987ed790d4f097d38ee6b8d02f6ca83955a5b8d251fff927cd25d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018998188104344/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:04:50 GMT
x-content-type-options: nosniff
age: 10317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4533
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:04:50 GMT

GET
H3 200 verlauf.png
s0.2mdn.net/4528516/1018998188104344/ Frame CE3C 29 KB
29 KB 41ms
41ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018998188104344/verlauf.png?1635437037571

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0c04f97ad979437002c8d7a3952846e58cb52ddebc83a6f3b3ae86caeedcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018998188104344/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:04:50 GMT
x-content-type-options: nosniff
age: 10317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29754
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:04:50 GMT

GET
H3 200 visual.png
s0.2mdn.net/4528516/1018998188104344/ Frame CE3C 23 KB
24 KB 40ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018998188104344/visual.png?1635437037571

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4de10bb7ed622654b08c43570d01d619e368da8e2218c88374f184ff2f66f09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018998188104344/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:04:50 GMT
x-content-type-options: nosniff
age: 10317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24046
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:04:50 GMT

GET
H3 200 visual2.png
s0.2mdn.net/4528516/1018998188104344/ Frame CE3C 19 KB
19 KB 57ms
57ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1018998188104344/visual2.png?1635437037571

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc5fca409590dca039e15024e5cd10e7d1688abe1d9031bf378e670f1c5c9279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1018998188104344/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:03:11 GMT
x-content-type-options: nosniff
age: 10416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19052
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 14:50:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:03:11 GMT

GET
H3 200 CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame CE3C 102 KB
102 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2

Requested by

Host: tcafe2a.com
URL: http://tcafe2a.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/1018998188104344/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:47:21 GMT
x-content-type-options: nosniff
age: 566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104232
x-xss-protection: 0
last-modified: Thu, 06 Oct 2016 14:32:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 02:02:21 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 99ms
53ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4a8e9b5c8793f83ddcf0387337aa17eb13b047510257c4a080ad4a336bdd045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 01:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8552
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7AD4 42 B
64 B 91ms
83ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssv6uur84qgAXzVcMBsr6UYs5qyivPCdX51X7mWqtrCdziIEVbO-OLj9xFlszbHv9sP27S1VECs9Vu2WOV_4ESXqilrW_0pl6ThvAE0yqMl7G8uT5m0mQ&sai=AMfl-YTUAhkjnta2jZ6cNhIjDgxmIBeV-a792pYRcGnd_zORBQHgNA0559mUafBpLVvABk3IjbLvRRKavtp-bdIBQA0KzHXoMmoQiHs&sig=Cg0ArKJSzF0IdETHw-soEAE&cid=CAASEuRov7VLs1p_beKP36fDQLurVA&id=lidar2&mcvt=1023&p=0,79,40,120&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2030298515&rs=2&la=0&cr=0&vs=4&r=v&rst=1639360606247&rpt=684&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 13 Dec 2021 01:56:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B3BE 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 13 Dec 2021 00:22:08 GMT
expires: Tue, 13 Dec 2022 00:22:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3773 783 B
1 KB 170ms
89ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

131ab7c7e4cc22b1db218604dbe4cfaa3fee6a71e30d12f72dc48194e7a972ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-erYvAaaSuZISF6wdb53Z7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 13 Dec 2021 01:56:48 GMT
date: Mon, 13 Dec 2021 01:56:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-erYvAaaSuZISF6wdb53Z7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame B3BE 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 23:33:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3773 0
0 51ms
50ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=2094621900063319&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=2094621900063319&bg=!ExClEFTNAAZKWFskSlg7ACkAdvg8Wk5rIyi-876uRseUgbN48AbRzUE9QOMgoExYXpI1AFKMGABnvAIAAABXUgAAAAtoAQcKALUO0WpQfnqqyRyUvpEc3yCxF-0W4ypuQ7YSsmbZjFDd-J3tmRxc7kMI6MJA5bq7pmwbrcQcK1vwrhTjvnzIDFJn9oD7SC_ynAjCZ0TAvjmTCOJLjgddBaTM9H5bQnv0H99HXg1AZD7vNJ7pefkh6X6GvrKpETbzsCrvAUytRQNDXglw0qmbxzLDYF2icyT1N7ZqxGxZRN7BYTmUgWH4GMsFcA3fqHtSKKRTuJJqCMiuu5gQepO2mQLGhC-FnU4hWqRz3zkCL9_RjI1FLY8C0ABIUMVJqfD9hFipxSvLvm2B9S3GRY-lbMk_sB1JUkH0w9FCkcv42nX9tA2EtubY-RgFKMYTwY2RboIAL-m23HP7czffjzfke3eKsEFhukDvgFo3X2dEtNyD0sYsPZ5NCTKjB26BClQxok7fA6AHEUZ7h570FKWVLmhrT9foW9zb93VkTk2durrTFyt4ZnWBYvi_Q9S-wJ9YRQTmMWHwnnttLobRFHqhrfkHNi6l3emM-FtJ_HspM9ZXb8ChU5JEIK1-cBHiov6hLdUlswKvTy7Yh0zOFTcMYZkkuyjMv2c4TcsYU4yeZoqNWF5zC74JGGwS2GRnnfirNLyK577i3ArdLYaKbDW_vbML9MHzlEWnaCudWa1PQ0Y83yGXZHpkVknvgUnSDSBH-355qsLjisTTT-9QEaRxEX57ORc7Xww1_ZvXTKnPDDRG2mFJpwmKLC552McLNerg44vwrJUvW6tdhOh0xLPiWuPYXttkXomJ9EwBbqhdi99MRvav1fi4_j6e2lk8v25_ynKcH4OQHlXjykHqj3sWvdfuMEPZpJDJrj4JgWQHmidmWpPD_anqpvT-QN_j8DkJCZiNTxSeW6nGm98xtxJrAgh4WGYA5rg4vCQh_hZaqpxFUTTh6E5r82tfwud0lNRzwIlkO20KVbCsAOQb4sRMQeq5BM-XYi_t0Oga4NdTJa2-7v94WgJGuMzH0hseqN41Z7e6HGDHVO77c8NdJSYPRruE2Kz0az2OaWPauUyh35yxm_ksqcP1fH6HKYqFkm_yUNJ3JShz_Ucr8h1362AFTX3Upp1qO1ZbfdZyQ_up8VHUG4qNXoQjjFbVi7RhFFttaWx1PQzcEk-RK93nZpQCs0cKl1PSp_C3dUj9LGmkxGH23n0648I3M7qcv6eD6vWjuDA7gY5gRIw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:56:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame CE3C 57 KB
57 KB 40ms
40ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/1018998188104344/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:49:03 GMT
x-content-type-options: nosniff
age: 468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 02:04:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tcafe2a.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ks05b5eleto5e2g5ucr4iotla6
.tcafe2a.com/	1970-01-20 08:44:16	Name: __gads Value: ID=98c9367c81021856-2270dd2b06cd0020:T=1639360606:RT=1639360606:S=ALNI_MZW9IniJ1pi0E6E7TTcE_r6DGK6xA
.doubleclick.net/	1970-01-20 08:44:16	Name: IDE Value: AHWqTUnRmvfCZ8cwcrRQo9ETnAxVKZdsBKBL5daapUHZtoVuqUEzEEevWr08fpXjCa4
.tcafe2a.com/	1970-01-20 16:53:52	Name: _ga Value: GA1.2.900420661.1639360606
.tcafe2a.com/	1970-01-19 23:24:07	Name: _gid Value: GA1.2.978762246.1639360607
.tcafe2a.com/	1970-01-19 23:22:40	Name: _gat_gtag_UA_122666392_1 Value: 1
.adnxs.com/	1970-01-20 01:32:16	Name: uuid2 Value: 6901394371756636512
.casalemedia.com/	1970-01-20 08:08:16	Name: CMID Value: YbaoXpDPJk.HMi46-0LobQAA
.casalemedia.com/	1970-01-20 01:32:16	Name: CMPS Value: 3271
.casalemedia.com/	1970-01-20 01:32:16	Name: CMPRO Value: 1216
.casalemedia.com/	1970-01-19 23:24:07	Name: CMST Value: YbaoXmG2qF4A
.adnxs.com/	1970-01-20 01:32:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTynV_`I!]tbPl1M>e)ZlrFUfJ+tGXxoHM^?0$?Ky-2S(tJTEriqiDB>HVYZSTR`xLcUbpRzqF1`*b^Zu)xrwD
.casalemedia.com/	1970-01-20 08:08:16	Name: CMRUM3 Value: 2d61b6a85e2760CAESEM1aU58FtrsYIj0U7ckD6ak
.quantserve.com/	1970-01-20 01:32:16	Name: d Value: EEUBCQH5JIEA
.quantserve.com/	1970-01-20 08:52:55	Name: mc Value: 61b6a85e-dfe1b-64643-5f3c1
.pubmatic.com/	1970-01-19 23:24:07	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:32:16	Name: KADUSERCOOKIE Value: C12CCBEF-3798-412E-A465-6CE497B37D8D
.innovid.com/	1970-01-20 01:32:16	Name: uuid Value: ff46f4dc-3647-4592-b51c-9077eddc5b33-20211212 20:56:47
.krxd.net/	1970-01-20 03:41:52	Name: _kuid_ Value: OiZGMA35

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://tcafe2a.com/1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbaoXpDPJk-HMi46_0LobQAABMAAAAAB&google_cver=1&google_gid=CAESENes1VS4-woIzoEwJDFgayw&google_push=AYg5qPIunDqhxeB6edhNbDKwp5KqxpH1NmseNmZFrJamrADIQTCUS6ctLDUe6QX3gbjadE6kAMdyK5gMFR07a7IPLJuRM_5lQw Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
beacon.krxd.net
cdn.krxd.net
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
consumer.krxd.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i2.tcafe2a.com
ib.adnxs.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
tcafe2a.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.tcafe2a.com
cm.g.doubleclick.net
142.250.185.130
142.250.186.34
151.101.130.133
151.101.66.133
185.64.190.78
2.18.234.21
216.58.212.130
2606:4700:20::681a:b19
2606:4700:20::ac43:49e4
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2004
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a02:26f0:6c00::210:ba2a
2a05:d01c:1d8:8101:fca3:6f47:214a:2d54
35.186.253.211
37.252.172.123
52.30.186.249
54.73.238.193
69.173.151.100
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
04ce0a5208b5305f1cea20d2e424d0c8db27b62800f66bac532954e2f7084f36
080fa5cd8b92ebd7e51a5b5ce76fa3c17dc3eedeefe722773d2d64aaaf8fad77
09b8ff1678987ed790d4f097d38ee6b8d02f6ca83955a5b8d251fff927cd25d7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc2f3839afea6bf1d7530dc61e7cb595228f9598bf231889d8753412fa9216f
0cc9a53c43b5d342a78e7f239ff52ebe9ade5bd13a447be7fd8effad3f79f23b
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0e444d1682648a41af23f384c2141339689aee3466c97635b264b952d1b5c1cd
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12aeaec4f074adea1ca05a57628b6fd64fd53b49b5a4a1102c90e0b8df0320e1
131ab7c7e4cc22b1db218604dbe4cfaa3fee6a71e30d12f72dc48194e7a972ec
13666bd244fcfcfab04ad0f9fdb336ba669987d543c41d36d3c31d3a0b1738dd
1ab827e705a51d3cdbf288ee3cc416d19585e7e5a503686139481963dfc8ae9b
1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2a0bf272b52fb14a5292f8b719a95a139884621bd133fbf082822efd20921654
2ad78566ca94b92591aa7491da171b3ec522d502d28b7143362605885fc0b834
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4e1648db2aba557e6097d6b9a816e1f75e5603deb8c530fa21c93278bce487
2c8bc75edeb602e266c7e0e6ee39307dbcd9fa2a1ee1ae7e8fce4514a6d70b65
2cde4a9fab4c5dd31a96b36e89a83ce9c257d3dd695942c70f2bdce1a4a40489
328b0f9f13ba6f2a63381d66446d24f582abf7ce8c4f6b33a922beaabf2842bb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3784ce956bd1a25b970cdf94d4aee382cd0b64440c957e6ac44c8def4a696ec3
3ba9ef701d9006a9c79d610a7a78f93338f6a64db385739546c51367ba78cc63
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03
484c7811e1205e42e2491695decc1300a0db84f279958d0b18d44b4c8bd5d101
49f979ac50b53b5d9cf8e02365a52be245aafaa57cd694601c8061fde7e0f7a0
4a7d3003dd6cc75811dc57e142fc25d553d9a6703bfb2c08191b7aed56fa0344
4af766357875fa073683e141403faf5ee5b42ff7c32e5b79960f17e3f52c3b09
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4de10bb7ed622654b08c43570d01d619e368da8e2218c88374f184ff2f66f09a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569eca2b1d81b5a364c5841174fe53aa9cc930f827d6a7cc6231eb5125e51d88
580d8f009c94d106ddae46932424554466fb022a772adbf7af079a6e71f0ab6f
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47
5d6e1a2955ab529844a2913966d8b629c54a52cd8567032355eb85ad6c01f714
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7478062c5e8339571a6ae1eec48dc7edba9e2c0b2962ead8e2e1f5743ef003ae
75ef924f82598eef26e7346816df5e0ab3a56229b8f60943b66986b87dbf36d0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b77cf0785a5a8ac4651c1494d6bfb9f416886b58f6aaefb293d0a10619a6234
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
8496cf84c90a41aca1a2bcceef7f14993d593e748452d180f06d0d1fdf1d6153
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
87ebcc07b15df6ed5c9ab089437f53696f7ff9551933e1b4fed4ee9f0caacf43
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8972399d9f8eb3a960ee2654c797afd696766963a26c00701aff31cc258ba15c
8d0a6031ac60ee6b1d15ea9d927bbb8bc5180b01579be92cd043bb741d1676fd
93b514c952637d2f37412aa4d368008a812180728d2733b2d1191d4bbe986b4a
9436d1c1cfe022a2f8a94be49f4ce0b3456b4326a26b3ff7e5d4fd38799b4327
980b7c3657c19191a6eec108682f5d3dcb01c1c30a6ce4d379ab53db82549b13
985cdc0de44e6a5354f4e2954d964e96fa3062818d9f0e9bc67ed8f1862b0dec
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae60c96048d5c10f7b525f5ad6daf855e35d97945b433f8b9163716ba73abd2
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a3218ca5aa39fe65775045426e6f38aa3b2d9e0e9b651578897a83b410f7f7f7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa8c8958693d97e5212211e343045f51a449b4ff65cd347752e7061bf2ee008c
ae0c04f97ad979437002c8d7a3952846e58cb52ddebc83a6f3b3ae86caeedcce
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b45030f96320f1503af252ab0d39dd70ba0c10e4d9ab3ab47899bdf735d8c5ae
ba51ae4560976dcdce11ca289fb4d57e588ab5d199d3b7b6ee374b93b110af55
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbfd7c4aaf868da615aecd6176e627f63694bb3e1901223dcc2a658b12d7b0a2
bfed40bd7ac9544c000cb5d67851dfb7526c4aad1e603c6998c7fc53ff40934b
c4a8e9b5c8793f83ddcf0387337aa17eb13b047510257c4a080ad4a336bdd045
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc5fca409590dca039e15024e5cd10e7d1688abe1d9031bf378e670f1c5c9279
cf573597aea23b7bdb09e42dcdc7b54838cebfe1910c637cd33330446f7e6035
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d92bbe554c2740bd61ec469f3ab0832f449db651ecb364ba0ef9e34ff54aa865
df187fc437a09095e84d517cc3688ee8403447c3192cfd350f5821a88b99fded
dffb7a20884f53b92d7e2caaaeb53493b627abfc59c0d5c81e3f11a69cdb3d8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e8a90594cc8c2796c488059c7ee25ce6cc9de27c7ac359ee680b50a2bf438da6
e8dc09e4ddc3c326ef6341498e7e8e70af3a848713429b909be53c947b43da10
e8f81a2978ed5e79bf74b0a700dcf4599ca2222a19aedde0018f68b9f7407c0d
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
eeb2f0aa6f3278df99747b59b7056bf210a5b0fc7dedf7e682467b8cb21fba77
eec33e6be9c5ef4ae13d39748154d81e6ad74e4f755806b99bc5af17bc01880b
eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28639dc07afdde1de496894a3fccf10ad829a29c83dbd7fcad9af8e8963fd39
f5265b438fdbc5b1fc090c7b0f049c20b39ddfaeb22cef3ed5abbc98f6c0062a
f8495b6296b7d16296e49e7bfa5c51448b958bb7e42106ed4cf93399dacd4ad6
feb5efe08c478e22f7bdd40516caeddb9727e11d1aaa7071c18caf686087c948
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

tcafe2a.com Open in urlscan Pro 2606:4700:20::681a:b19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

119 Requests

55 %HTTPS

57 %IPv6

22 Domains

30 Subdomains

26 IPs

4 Countries

8631 kBTransfer

10263 kBSize

19 Cookies

0 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tcafe2a.com Open in urlscan Pro
2606:4700:20::681a:b19 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

55 %
HTTPS

57 %
IPv6

22
Domains

30
Subdomains

26
IPs

4
Countries

8631 kB
Transfer

10263 kB
Size

19
Cookies

119 HTTP transactions
1 data transactions