easyworldbusiness.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.earn2me.com/dsvdQu6Y
Effective URL:
https://easyworldbusiness.com/
Submission: On January 14 via manual (January 14th 2024, 5:25:05 pm UTC) from IN — Scanned from DE

Summary HTTP 183 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 24 domains to perform 183 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is easyworldbusiness.com.
TLS certificate: Issued by E1 on November 26th 2023. Valid for: 3 months.

This is the only time easyworldbusiness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:bbc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
6 8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1 2	3.248.239.255 3.248.239.255	16509 (AMAZON-02) (AMAZON-02)
1	74.125.206.156 74.125.206.156	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7781:527c:d3a1:ca7a:f29f	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
1	35.177.87.134 35.177.87.134	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	13.42.80.79 13.42.80.79	16509 (AMAZON-02) (AMAZON-02)
183	38

1 2606:4700:3036::ac43:bbc0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

link.earn2me.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

easyworldbusiness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.53 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal90006.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.239.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-239-255.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7781:527c:d3a1:ca7a:f29f (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.87.134 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-87-134.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.80.79 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-80-79.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	339 KB
36	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 126874	361 KB
35	easyworldbusiness.com easyworldbusiness.com	265 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	743 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	110 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 98	41 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal90006.redintelligence.net — Cisco Umbrella Rank: 193545	58 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	5 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	302 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 41332 medialead.de — Cisco Umbrella Rank: 40963	851 B
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	245 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 193090	6 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 336285	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 148117	923 B
1	googleusercontent.com lh4.googleusercontent.com — Cisco Umbrella Rank: 658	67 KB
1	earn2me.com 1 redirects link.earn2me.com	483 B
183	24

	Domain	Requested by
35	easyworldbusiness.com	easyworldbusiness.com www.google.com
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com easyworldbusiness.com pagead2.googlesyndication.com fw.adsafeprotected.com www.googletagservices.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com easyworldbusiness.com googleads.g.doubleclick.net
12	securepubads.g.doubleclick.net	1 redirects easyworldbusiness.com securepubads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com pagead2.googlesyndication.com
8	www.google.com	1 redirects easyworldbusiness.com www.gstatic.com www.google.com tpc.googlesyndication.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	dt.adsafeprotected.com	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	ad.doubleclick.net	easyworldbusiness.com 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com fw.adsafeprotected.com
5	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	hal90006.redintelligence.net	1 redirects 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com hal90006.redintelligence.net
4	hal9000.redintelligence.net	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com hal90006.redintelligence.net
4	www.googletagservices.com	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
4	www.googletagmanager.com	easyworldbusiness.com www.googletagmanager.com adv.office-partner.de
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	s0.2mdn.net	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	5994599.fls.doubleclick.net	1 redirects easyworldbusiness.com
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	hal90006.redintelligence.net 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
2	www.googleadservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	easyworldbusiness.com hal90006.redintelligence.net
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	medialead.de	1 redirects
1	track.webgains.com	easyworldbusiness.com
1	futalis.de	hal90006.redintelligence.net
1	adv.office-partner.de	hal90006.redintelligence.net
1	static.adsafeprotected.com	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
1	lh4.googleusercontent.com	9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	link.earn2me.com	1 redirects
183	39

This site contains no links.

Subject Issuer	Validity	Valid
easyworldbusiness.com E1	`2023-11-26` - `2024-02-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.futalis.de R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://easyworldbusiness.com/
Frame ID: B39930716B552BC0BBC4CE16EE97D9DF
Requests: 58 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly9lYXN5d29ybGRidXNpbmVzcy5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=5sfxgfiaaaqf
Frame ID: 7EF1A18ECD03750431550B4975F3377B
Requests: 9 HTTP requests in this frame

Frame: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F815E3CCB35BD66B5280B620725F5D9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3619844CFA4445BFF1CCC7504D598124
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 415B1BADD0E0EC10A408394A73CE07F3
Requests: 2 HTTP requests in this frame

Frame: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EE6BB758940EA4586985AC9748808FA5
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i
Frame ID: 58E6827566AF818409C333AF2D8C0A21
Requests: 3 HTTP requests in this frame

Frame: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A3C7AC8928FBBF312DC9B8BBAF9659EC
Requests: 20 HTTP requests in this frame

Frame: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 16A0AECCE2814EC7C780FBEF7280B641
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX8cmp62V4sRjxQ4YXlv0bAYKgVu4E8SmCnjlGYS3Vr5rk7GzRjtlprxyLakALdrM-f_sB9gcPTtdG6eqp3XINOW7lQrgON8NA5hPb2zQLPSQzqrKHOyOfNjDaaQ6Tm50S-Hve_f-Viwj3kwD4biFhXr_7s6bFoePu0cTQpQYcezANRk_DAPHqHKSYHa0KR0wqj3d2MMMBgs7zKZ0FTlfSZvbCjUA
Frame ID: D3D589F7A7EE1F37518F9FF57EDD6BBC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGNfH7oECMAE&v=APEucNWgIaEk1jKJQ8OneFH7PpNVDAyzxjsUhiSImX_T6cw-OINaOV-DZPcM6kBy7CNxiPNeFpc8JLzKEfOxts8wL23pym4XqA
Frame ID: A68AC9DF6D3F6A8BCEA97ACF0C544001
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A8D35A75451DE12FE2276E20C0FD7895
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 145D1BD3BEE0B8FF827DBA802FD8ECA7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 97599F24902D5B0FF7E8F9A7BA44F36C
Requests: 3 HTTP requests in this frame

Frame: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 749525269A45D757AEA93545F6957279
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQr6mt1gUYrOf8gAIwAQ&v=APEucNXbxbD2gvt_G6tLO6IT6L87WfQJIDvq55HyszaHWEXLMGHG7dx9V-hHAtFD2DcbDLwfl4_HbW1Dr0w0Q3LRDGG0apPh198TqXSVg_1ejRDl_fdkP1YIH2fhzqKcb3aybA7a5OWMggZ6dGRrUfsvF_DrTHiQS_j6Y5NyrcJBG6dLKihhn2D1rd5HDCvat4z014re2K3SLFG8lKqLSJRcBEQ0Zzs5gQ
Frame ID: BB7B587C64337E59339351AC12BAB1E6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1BE5472ECA7DCF3E7A967C58F56367D0
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4C5F1DA295CFD504A6726BDE21C631C1
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 14ADCB6D9B5639774E8EBAD6E6AB7B81
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=14080000121236604444994012569006&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 791CEEF8547510603BD77FDB5C246EA9
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3460623904
Frame ID: 5F5E423597FC328A80E7DB46CDBED3B0
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJDNkeuy3YMDFapYHgIdWJENqQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61
Frame ID: BC82FE20998BAEA7E382824573C43F33
Requests: 2 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=14080000121236604444994012569006&a=f6ca3706
Frame ID: 31F50DCEA3F4A885481CF7CB176094EC
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Easyworldbusiness – Mobile Specification and Mobile updates

Page URL History Show full URLs

https://link.earn2me.com/dsvdQu6Y HTTP 302
https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://easyworldbusiness.com/&ved=2ahUKEwjM1J... Page URL
https://easyworldbusiness.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

183
Requests

93 %
HTTPS

56 %
IPv6

24
Domains

39
Subdomains

38
IPs

6
Countries

2840 kB
Transfer

6884 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.earn2me.com/dsvdQu6Y HTTP 302
https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://easyworldbusiness.com/&ved=2ahUKEwjM1JXut4jyAhUN9nMBHf2LBJ04FBAWMAB6BAgDEAM&usg=AOvVaw2bGCDbTZm_Y4DSz3yRRmWX Page URL
https://easyworldbusiness.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://link.earn2me.com/dsvdQu6Y HTTP 302
https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZ0XC4dShW2D-Ugpff9ZA&google_cver=1

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaQY7WnOtAefZAtHYnCv3wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMH39RmshtXjU1YqPUGqVOM&google_cver=1

Request Chain 110

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTEyMzM5MDg5MzY0OTk2NA%3D%3D

Request Chain 115

https://securepubads.g.doubleclick.net/pagead/adview?ai=CUqTi7BikZc7rEcf6x_APlYGmoAyEpPOhc6HOu4e6EoXdo6fZAhABIMXwzoQBYJX68IGMB6ABvIO2_CjIAQapApxeTIt2X7I-qAMBqgSDAk_Qy0CGYVzMRJCSEips719pU-ciaUyOf_OTaUUVsdWRhUcIPRxzkc5k2K23ERe-hdRjN_EK43a4sPhIKkdgkGdFaQ5lb6l_KPJsXflE6Z4tKaIeUtqspRXHrL5fq0VIM_sUHzczhQcwK5VFABhe4fMua-BdCCm8sLWfnceDGyiWnxcclia6cOfhIpO621uRUunb133xNFlIAk4pJ3V12JtEyw3Xd9B2UslfjMrFED9IMd9g1JNetcCbA-dfC5jkD_0Qdqd3CYIo29xPLmw2ueDKi84od6ZS8WwFcN-vXQx4z2MfugGJeEhqpDd_hzTgvvReTZDKNti_fDtrxkX2DrM4ec7ABI7F6Z2NBOAEA4gFjLXLnEWSBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB7y7htwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwoQ99ATGIqj74EC0ggfCIDhgHAQARgdMgLrAjoCgEBIvf3BOlj72azqst2DA5oJvQFodHRwczovL3FvbnRvLmNvbS9kZS9vcGVuLWFuLWFjY291bnQ_dXRtX3NvdXJjZT1qZWxseWZpc2gmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1kZV9wcm9zcGVjdGluZ19nZW5lcmFsJnV0bV9jb250ZW50PXByb3NwZWN0aW9uX2NvbnRleHR1YWwmdXRtX3Rlcm09aW1hZ2VfYnVzaW5lc3MtYWNjb3VudF9uYXRpdmUtVjeACgPICwGiDAgqBgoErLqxAuINEwi4h63qst2DAxVH_REIHZWACcSwE9uPiBbIE7WkreED2BMNiBQB2BQB0BUBgBcBshceChwIABIUcHViLTMyMDY0NTY1NDY2NjQxODkYk6J7&sigh=8NM4svtIK4g&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_ea8M1wVteD6uEh3FwdNgStiUG1MybmiZn6jrdzIpjo3EzW0y_sqfUF5sVzxkcR20a4V75j_mancRUyvkIqZaFkgCMb5eRjSPEhgB&template_id=509&vt=10&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217615286517636152999%22,%22debug_reporting%22:true,%22destination%22:%22https://qonto.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210998350268%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221338633264145077041%22}&andc=true

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-NRM7BikZd3QEfnn1PIPnYCZyAWm5b2gab2TnKfJD_AuEAEgsZPteWCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoEgQJP0CMxpf7TEU6fHuQ6XrbnYPf0sJ6Dn1a1Y9GgSAvoo99V_DEeuUvr6Bo-HcAesptHFzGJMBmIDzXKyUNGcb9tV6PcnXeJgFf_4YyBLesGNC-ZZCm8rhbszQe2BMC3aapn_9r8stLsK69gO313iBAvIKXU1XHEDa3eL6-KM_JpoptMJov3J8Z9d1vZtRY-or7ZFwyXSprMFqe3pQf4sy2Mdgk3QeL-QUkUvMGC-RkaaxTwyuPRYvIhIojK_okDVIbAelIrHnATtCie1iVeHAsBzlgh1JvUW_UM2rhUnABaIpRkPyQPeAFNzXNqU38AW0b2qCFAhsmBq3RCZIpE27C6scAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliA2Kzqst2DA4AKA5gLAcgLAYAMAaIMCCoGCgSsurECqg0CREXiDRMI3P-s6rLdgwMV-TNVCB0dQAZZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ%26sig%3DAOD64_20UV_Wy6iIgE1sLV4PZX74BepPTQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-CaaYTWt4aP1hPnTLnp-NN2n3OK1zPM1B2Q_xcdFIhYm5KobByXmyh45LGiGUnYT6R38OfyIKok9pPjT1SimPAGCtfc2Ke6jaEgh9WqfTN8Wf3KjuCoQukSXmY1lYg4_YqBIFY8qAbuaLvdLpV63qNrQukOj5xU2LVLVVqVeDKk29x50AQ%26cry%3D1%26dbm_d%3DAKAmf-AWzTl4NluUKgnt0HmjEzYNdZff-Y6Z_wU9CAsr2tr2vDz35Wl33ChGAavPq3Ltbyyz2hDEaqtgdlON0OCWuiGgw1Ce2MwhJQ4x0tW_e0dFph7efJBkVtCeecGzQTn4rHvEI6ckJ5rsxsSrWJ7JAcusdX6h7OFkDOk8OqjJBPMEeWxvMODcZKis5VemxUlyRIHvAKZkvP-Rm9fpzEIoXFQzTkf8J8-rL2FO_V1QknkFQTjWylw_VB9MqrPEG75k50zeRo7NXZKCjlZ3a46-d_yzsV73sLYqQ23DI7b3wGmwRlOqWTNvV38YVN2ogdWEjji0xx4aIOeegYOtRbX7tYiQUliZ6mN013On4iJdC_GxjohuYMHa6oLMbbASb3pIdwC7KcvYVv2CG6h9uJo_pNU9861wU0Ub6dTR3DyfshdW6UzCkW-0vCYOeeOIktyDnyzagITqPF8hLnkvwmNUiD3aDfBH1Z2RHJoQdhUYKMyNaXTgTvNHKUnEklWLDSpi53BTTey6cOsfpvJdYMYyFnhCS7H3InxLwI69X6Coyj1ujqUDNWjbmZyWPAZQbXu2cjVioflO%26adurl%3D&documentReferer=https%3A%2F%2Feasyworldbusiness.com%2F&ancestorOrigins=https%3A%2F%2Feasyworldbusiness.com&random=7489907850768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-NRM7BikZd3QEfnn1PIPnYCZyAWm5b2gab2TnKfJD_AuEAEgsZPteWCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoEgQJP0CMxpf7TEU6fHuQ6XrbnYPf0sJ6Dn1a1Y9GgSAvoo99V_DEeuUvr6Bo-HcAesptHFzGJMBmIDzXKyUNGcb9tV6PcnXeJgFf_4YyBLesGNC-ZZCm8rhbszQe2BMC3aapn_9r8stLsK69gO313iBAvIKXU1XHEDa3eL6-KM_JpoptMJov3J8Z9d1vZtRY-or7ZFwyXSprMFqe3pQf4sy2Mdgk3QeL-QUkUvMGC-RkaaxTwyuPRYvIhIojK_okDVIbAelIrHnATtCie1iVeHAsBzlgh1JvUW_UM2rhUnABaIpRkPyQPeAFNzXNqU38AW0b2qCFAhsmBq3RCZIpE27C6scAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliA2Kzqst2DA4AKA5gLAcgLAYAMAaIMCCoGCgSsurECqg0CREXiDRMI3P-s6rLdgwMV-TNVCB0dQAZZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ%26sig%3DAOD64_20UV_Wy6iIgE1sLV4PZX74BepPTQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-CaaYTWt4aP1hPnTLnp-NN2n3OK1zPM1B2Q_xcdFIhYm5KobByXmyh45LGiGUnYT6R38OfyIKok9pPjT1SimPAGCtfc2Ke6jaEgh9WqfTN8Wf3KjuCoQukSXmY1lYg4_YqBIFY8qAbuaLvdLpV63qNrQukOj5xU2LVLVVqVeDKk29x50AQ%26cry%3D1%26dbm_d%3DAKAmf-AWzTl4NluUKgnt0HmjEzYNdZff-Y6Z_wU9CAsr2tr2vDz35Wl33ChGAavPq3Ltbyyz2hDEaqtgdlON0OCWuiGgw1Ce2MwhJQ4x0tW_e0dFph7efJBkVtCeecGzQTn4rHvEI6ckJ5rsxsSrWJ7JAcusdX6h7OFkDOk8OqjJBPMEeWxvMODcZKis5VemxUlyRIHvAKZkvP-Rm9fpzEIoXFQzTkf8J8-rL2FO_V1QknkFQTjWylw_VB9MqrPEG75k50zeRo7NXZKCjlZ3a46-d_yzsV73sLYqQ23DI7b3wGmwRlOqWTNvV38YVN2ogdWEjji0xx4aIOeegYOtRbX7tYiQUliZ6mN013On4iJdC_GxjohuYMHa6oLMbbASb3pIdwC7KcvYVv2CG6h9uJo_pNU9861wU0Ub6dTR3DyfshdW6UzCkW-0vCYOeeOIktyDnyzagITqPF8hLnkvwmNUiD3aDfBH1Z2RHJoQdhUYKMyNaXTgTvNHKUnEklWLDSpi53BTTey6cOsfpvJdYMYyFnhCS7H3InxLwI69X6Coyj1ujqUDNWjbmZyWPAZQbXu2cjVioflO%26adurl%3D&documentReferer=https%3A%2F%2Feasyworldbusiness.com%2F&ancestorOrigins=https%3A%2F%2Feasyworldbusiness.com&random=7489907850768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaQY7WnOtAefZAtHYnCv3wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELoPMkpDV22MSp-QHYDg9ZY&google_cver=1

Request Chain 138

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTEyMzM5MDg5MzY0OTk2NA%3D%3D

Request Chain 145

https://fw.adsafeprotected.com/rfw/bgd/1928050/77879653/xbbe/creative/adj?p=APEucNViY_k48I-4NRsDLGMNOgBDUkh-9U5HHb05ae_T1kVjTYioNiY&d=CokBAKAmf-ByUdFznO4WoxpBcuIBRghykL2fQQaLyi8zndtlplMcqnSL3--W7gx3KSGyFtfZLhGbWTfAsZKDOhJNpwOLK7QrZqYq-E2feQL8C0lSXNOpQjjXgbXDU49_MyvvmoKmLn5wsIssuzBBoowk8hQ-7fdfxmaJ5ZVfhgF3yQ1MJLGQK13lDhkS-RUAoCZ_4M6cQV9BgGUFZr98KNuG1vZ1r32n7swtNFHCpnLGQO2d2T2MPaCdyA2VoTWN5G-LjTk8sxBAQfR0zsnVuFC3om0LmMKNie8Pzqf0IsQgeKyklDam1rvRc_Qva6T7JE7rix_tmljwcBAeMRZX19uSvPGL7ih3DVT0SiajQrAn1Z9waXiVmwbrrrhBqgXAqXr3g2i1Rsg5x_OcF7UPZwmP6-qgMSmgVvQC0aWDd624833ljF-HIpgPTJEsidT1uq2_EYdDPDp0PVeMzB2-yQD7iePuxFzqqz6GTuVs4QmzNuyQJCHBWOd6fbGJscmuct_RzuBIj4-1nl1SYLBhXTltn7PHsODzSwbrZuB40pAK7YkiaKW5PlrCaX1UC-Xk3icp59G14BvXYUpsZFAuj9bV9t7ZYQrZ4mxZmGu0CDoaToerxc0We3ebY_GvmYK3AfCLjp9wAj9V97H6LVHZly-HgXVwmah9wCpgRxUQlTHmcCl-2g1Q90ie60z8zxo1hnwiCcLjkPJMlLauFtPhRTw2ILGMRVkR8qqZijDu6dBe5gNymtJ4_YrFIXd63ryz2PmBiK93zD3yjdcpc601QfspEvNepks49uZpo-8n94oC18EoRaoMwdYpDPNyVC8xplSWHimFg72KdXLZ22446JJHrYCGYoVuDRXYfwqQiTwbdGgTlvbXXYEUbro8P0Q64A8pixkTlsn4yNqEgk-F491xiVPWwMnX8dUCZyUhQsloz28qvs8DE9JyxWyXvp2pqEkCPnaZ8kn0qB4Mx_qYMglQ8RshCI9DCae2niS98qKuXWzsJ4M2AE30QOEASOoAaGOGxugsHG_84Rim9pfDJTCl_n1UQQCK7v7S5NRxr6g81eYEy0swpakUd-V_DMogmLMVJXBceVU4Lto1PXXBFUPUFMDsZ-Nqn_3i42XzTp1Sm5TpqRAyGxa4KbYLShksHV7SIteUjd6spffPd-gJMIZG-yXvkGmUjxeuAEgXsFY1JRyFzF7kUoVZBu0N_BNLmixAn18fZXqgO0_WvzdyDDDDE9jO04eWOJC-BJCZK1z9YsLoMaeIIErNI4bcOX5MldE_CH_zY_P9vxrzQNAWK5d6BNvypxrH7DGMXnQ9-2O24sLBkqMppZQzjZMwJdmoEwMaKiyVvpXxmRysMZ0LGat5_xVpv8AKEOQHLWqKTyW3irZGgykQ4NvzFf49ZKb32N-p5GfFlhk7q5GYcu4jm7zB-0YcJxSFPx4Ok3Z7_BrCas1oPLGg7UKvICGf0CK3doIQd6-Zk0vZZIS0TIYrw5Q8oscSEnEaKrshM0NF0k-LmJf34XMFkk4tm03be3u3ItTI4OkZ7u5sk5FrC5_JzNdKMp0MnuaDWaTPNgTkSmb1G9vvxlDhgmctDCvlPRY-OcQgOCZ4FSwisRD8jsh2BU9nyOpjzQSlwG5DoYigIVAGQW9ghOboTj_Pw4y0OmDJdRWvotXTDLI05szkhu_OyboAZvkugpJo3Es3vYsMYK2uSvNwH-FI_HFTWXFihbz7b3E32uuLg6iLuRvYIXMTUp1AArywNVt1uGUf8M55nHdG4JagOwdXt3NosC5UgIwN_mQkUJ7787tRw0jZXuELfDMtonoMVFoG6Kh7Fv5I5X-u5rXWlRStItlESwAD8RnNHlUHHjilj08N1GqSUsBzinprghxCn1Pkz77M9aOucDrUbfHNCeNWd8KDUuFl8GtYOkB-k1AKTZMUTpD9GBtWlDzPQ6GP0HzuZEavMtrRWtKDaTx2A6sYMi8fhbzpwWIl-81O3KmL4W7T_IA0cIJ_B7MWYKPEPCtWmtRBezXTVS6YsVdW-K9HfkycwcvFhaOocdO2EmITT1275QjE-cpLCaSJzl0xO7-8ZKY9rBV6IqJJem-12axxo_5Ro7TDtrvgJHLKKYNWH6tAsm78tz93LxD0_frp2eFT7JE8pIxjTK4kvW8tZM5WYmQeJo7EQe9HmprNQnZBjuJu24mGo8izrAADKC4_c_m60lXL-kOzFpIFVs9nS4sW4YDjQyQzYx9xKStzkaMzUcPSkzbVMdupyPHI2Xc31Bzrv0rYGJmcqZ8E66DvjbkaevRBeW0Scd-onRS4k59PBMUa6YQwQXNyVmlXL_CkoX0ZGcWLJsbMUyUfVApjjY66DRTVSm9rqQ_DUbkt7YI9juTY12NHZ-x5X_w7fjzMJ4P4ynotxzIMYsaQXosSeabvpVF0s5QotZ7jaUauttId61f7PpStECaHnmnow5i15FldrvLl_a690UoIk3hu6jJ7POlnbvfuC9EdrMq4agbfXAsg_qcZZGVOG6u515383ftB07Tj1LeKNpAyITB2dn5Btkmu3GJCbO2AlybIUqHEyh65fvrwBTdAJf8SLrUmCJidQ7n7mJ96sPjzloefvnz272Z_LbAIA-I1bLR_xV6Bx6yjLVHFlJmOfW43oo6KO7BsFIkmFjND3F8rNPHbLzG_3T10t6Fs22eV6dWtcjzp8dHRdddJZLNs1UuCdEytUHcWz5i7sVvYfE-LG92ZSyGJr0oTLNNCWEAeyd8OD8n__Fv7n5RHsHmKCjewo5YMuq1qqwl1SLsnegM8rwoUbKVbxG4K73O9aGAly4eU6EVBqfbUNZ-yCwubo_6tOVq05ewIZ0pHpdLxB7sTCb2H1kbceMbS692Sc2WcnkQyV50Ou9c_zYyOjHciUlWTf0BVBDnUTF597xT24Oejzh_WgQOQxzUb6BfPup5FCPo5ROOMLsqvAB06m0k9IiNhvYmxCuzqn5o3gDfMPsx-sV86Zi8k9MtmKETGeqaawJq1qL_OOqgGzzOtX_rEyaw382pehk1AQxHXP-S4se3VlcKkYYrt8ynm3wR0wTBxIUh6jFhvUMIxmwyCWyMtJvkCFks8sRfzkTJ_8hL8hCnIfrkAy53RB9Zm5DyT_pKyBDwPGllCrjry5ouUHdGkCH17s862-67TXbhfq6LIs_4ymTLGuILvD04vy_Endo1LbKzB3S_7LjkSTC0-HM9hczAS5IclWiao8cpL173StVXNgDlCwX8IpWizD08kl0dBm8e1KIsdZ-otKAsQohTYQ1JwiDS1seSPimBn3nPtWeNrB4Mw8kXxcO_1PRAd-YANLNVqBcFwuJFBZHMr9_91eWFhJVq3TbyPCeoMZUSky-TwLjDVnUdDXzPScPczp88db2C_vT-ioNlEppAQNx2mfIkaag2oZzCM10c_PYTiTfQO_Frg91PKbQ6y8PbyAoly1UrRguJrRexjTLUoarXfsQtsJlpWOSux9uSgPA8rd6Ic2PgcZMKJtuRdOoZy5FCJ3TpqqzRqYDH35rR7_jH9GtrAFA73mRVIVmkEL476561slPkuOuUK3ZgohLoSFHLHlZx-ZB1gxGaDzDddLc4352MRWzDqL6x_KJiah3UdQ6fF9IkwGjy5YQgNcbI8fDFFGsRU6VFRJ8q4wkiLwExfChhE6QyzN3feTWc3flPgR1_Zfj0s6paUGRSYur91ytNeZZ3VvuKsalgggOhyTGogom-s0GSNOOdPfNpxeylTv37IOiZrdf7A36UB1Wbze0COV0jLjbFg0ZNV4b_KslbEnIqkxduag01FcQu16rNepFohFLyHhVx1vdN98MYKBhoKBOqmUenfv1X7qsUhAFrSNpp556CNAZYKlOsaRd5LB3WRL4AKVhWuo-_ARHKHAkqyX-lwEuLdgB_o_ibGshTY7oceB70gQHgdGlUIBBJPAC8eF_94qhryScrdiQrZCsy2pua2pXCxmMt3x_kkfGoAuO_vMETxGztVF3tGm0Z5hlpgHreoEXaddOd4rH9DH3az4MSOCmJOsckUdyFkRhgBYAE&bundleId=&ias_dspID=3&ias_campId=1015770367&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=20939788496&bidurl=easyworldbusiness.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gVpEVGY-B_bQe5pa1Z3T11&adsafe_url=https%3A%2F%2Feasyworldbusiness.com&adsafe_type=y&adsafe_url=https%3A%2F%2Feasyworldbusiness.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3185a38d-a3fb-be44-41c9-b25a1f567cb4,c:1iv1JA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-k542q,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u1mkepA+111%7C12%7C13%7C14%7C151%7C16%7C171%7C172%7C181%7C182%7C19*.1928050-77879653%7C191%7C192,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:12,oid:d93592b3-b301-11ee-8eb9-022b52fa1f44,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNViY_k48I-4NRsDLGMNOgBDUkh-9U5HHb05ae_T1kVjTYioNiY&d=CokBAKAmf-ByUdFznO4WoxpBcuIBRghykL2fQQaLyi8zndtlplMcqnSL3--W7gx3KSGyFtfZLhGbWTfAsZKDOhJNpwOLK7QrZqYq-E2feQL8C0lSXNOpQjjXgbXDU49_MyvvmoKmLn5wsIssuzBBoowk8hQ-7fdfxmaJ5ZVfhgF3yQ1MJLGQK13lDhkS-RUAoCZ_4M6cQV9BgGUFZr98KNuG1vZ1r32n7swtNFHCpnLGQO2d2T2MPaCdyA2VoTWN5G-LjTk8sxBAQfR0zsnVuFC3om0LmMKNie8Pzqf0IsQgeKyklDam1rvRc_Qva6T7JE7rix_tmljwcBAeMRZX19uSvPGL7ih3DVT0SiajQrAn1Z9waXiVmwbrrrhBqgXAqXr3g2i1Rsg5x_OcF7UPZwmP6-qgMSmgVvQC0aWDd624833ljF-HIpgPTJEsidT1uq2_EYdDPDp0PVeMzB2-yQD7iePuxFzqqz6GTuVs4QmzNuyQJCHBWOd6fbGJscmuct_RzuBIj4-1nl1SYLBhXTltn7PHsODzSwbrZuB40pAK7YkiaKW5PlrCaX1UC-Xk3icp59G14BvXYUpsZFAuj9bV9t7ZYQrZ4mxZmGu0CDoaToerxc0We3ebY_GvmYK3AfCLjp9wAj9V97H6LVHZly-HgXVwmah9wCpgRxUQlTHmcCl-2g1Q90ie60z8zxo1hnwiCcLjkPJMlLauFtPhRTw2ILGMRVkR8qqZijDu6dBe5gNymtJ4_YrFIXd63ryz2PmBiK93zD3yjdcpc601QfspEvNepks49uZpo-8n94oC18EoRaoMwdYpDPNyVC8xplSWHimFg72KdXLZ22446JJHrYCGYoVuDRXYfwqQiTwbdGgTlvbXXYEUbro8P0Q64A8pixkTlsn4yNqEgk-F491xiVPWwMnX8dUCZyUhQsloz28qvs8DE9JyxWyXvp2pqEkCPnaZ8kn0qB4Mx_qYMglQ8RshCI9DCae2niS98qKuXWzsJ4M2AE30QOEASOoAaGOGxugsHG_84Rim9pfDJTCl_n1UQQCK7v7S5NRxr6g81eYEy0swpakUd-V_DMogmLMVJXBceVU4Lto1PXXBFUPUFMDsZ-Nqn_3i42XzTp1Sm5TpqRAyGxa4KbYLShksHV7SIteUjd6spffPd-gJMIZG-yXvkGmUjxeuAEgXsFY1JRyFzF7kUoVZBu0N_BNLmixAn18fZXqgO0_WvzdyDDDDE9jO04eWOJC-BJCZK1z9YsLoMaeIIErNI4bcOX5MldE_CH_zY_P9vxrzQNAWK5d6BNvypxrH7DGMXnQ9-2O24sLBkqMppZQzjZMwJdmoEwMaKiyVvpXxmRysMZ0LGat5_xVpv8AKEOQHLWqKTyW3irZGgykQ4NvzFf49ZKb32N-p5GfFlhk7q5GYcu4jm7zB-0YcJxSFPx4Ok3Z7_BrCas1oPLGg7UKvICGf0CK3doIQd6-Zk0vZZIS0TIYrw5Q8oscSEnEaKrshM0NF0k-LmJf34XMFkk4tm03be3u3ItTI4OkZ7u5sk5FrC5_JzNdKMp0MnuaDWaTPNgTkSmb1G9vvxlDhgmctDCvlPRY-OcQgOCZ4FSwisRD8jsh2BU9nyOpjzQSlwG5DoYigIVAGQW9ghOboTj_Pw4y0OmDJdRWvotXTDLI05szkhu_OyboAZvkugpJo3Es3vYsMYK2uSvNwH-FI_HFTWXFihbz7b3E32uuLg6iLuRvYIXMTUp1AArywNVt1uGUf8M55nHdG4JagOwdXt3NosC5UgIwN_mQkUJ7787tRw0jZXuELfDMtonoMVFoG6Kh7Fv5I5X-u5rXWlRStItlESwAD8RnNHlUHHjilj08N1GqSUsBzinprghxCn1Pkz77M9aOucDrUbfHNCeNWd8KDUuFl8GtYOkB-k1AKTZMUTpD9GBtWlDzPQ6GP0HzuZEavMtrRWtKDaTx2A6sYMi8fhbzpwWIl-81O3KmL4W7T_IA0cIJ_B7MWYKPEPCtWmtRBezXTVS6YsVdW-K9HfkycwcvFhaOocdO2EmITT1275QjE-cpLCaSJzl0xO7-8ZKY9rBV6IqJJem-12axxo_5Ro7TDtrvgJHLKKYNWH6tAsm78tz93LxD0_frp2eFT7JE8pIxjTK4kvW8tZM5WYmQeJo7EQe9HmprNQnZBjuJu24mGo8izrAADKC4_c_m60lXL-kOzFpIFVs9nS4sW4YDjQyQzYx9xKStzkaMzUcPSkzbVMdupyPHI2Xc31Bzrv0rYGJmcqZ8E66DvjbkaevRBeW0Scd-onRS4k59PBMUa6YQwQXNyVmlXL_CkoX0ZGcWLJsbMUyUfVApjjY66DRTVSm9rqQ_DUbkt7YI9juTY12NHZ-x5X_w7fjzMJ4P4ynotxzIMYsaQXosSeabvpVF0s5QotZ7jaUauttId61f7PpStECaHnmnow5i15FldrvLl_a690UoIk3hu6jJ7POlnbvfuC9EdrMq4agbfXAsg_qcZZGVOG6u515383ftB07Tj1LeKNpAyITB2dn5Btkmu3GJCbO2AlybIUqHEyh65fvrwBTdAJf8SLrUmCJidQ7n7mJ96sPjzloefvnz272Z_LbAIA-I1bLR_xV6Bx6yjLVHFlJmOfW43oo6KO7BsFIkmFjND3F8rNPHbLzG_3T10t6Fs22eV6dWtcjzp8dHRdddJZLNs1UuCdEytUHcWz5i7sVvYfE-LG92ZSyGJr0oTLNNCWEAeyd8OD8n__Fv7n5RHsHmKCjewo5YMuq1qqwl1SLsnegM8rwoUbKVbxG4K73O9aGAly4eU6EVBqfbUNZ-yCwubo_6tOVq05ewIZ0pHpdLxB7sTCb2H1kbceMbS692Sc2WcnkQyV50Ou9c_zYyOjHciUlWTf0BVBDnUTF597xT24Oejzh_WgQOQxzUb6BfPup5FCPo5ROOMLsqvAB06m0k9IiNhvYmxCuzqn5o3gDfMPsx-sV86Zi8k9MtmKETGeqaawJq1qL_OOqgGzzOtX_rEyaw382pehk1AQxHXP-S4se3VlcKkYYrt8ynm3wR0wTBxIUh6jFhvUMIxmwyCWyMtJvkCFks8sRfzkTJ_8hL8hCnIfrkAy53RB9Zm5DyT_pKyBDwPGllCrjry5ouUHdGkCH17s862-67TXbhfq6LIs_4ymTLGuILvD04vy_Endo1LbKzB3S_7LjkSTC0-HM9hczAS5IclWiao8cpL173StVXNgDlCwX8IpWizD08kl0dBm8e1KIsdZ-otKAsQohTYQ1JwiDS1seSPimBn3nPtWeNrB4Mw8kXxcO_1PRAd-YANLNVqBcFwuJFBZHMr9_91eWFhJVq3TbyPCeoMZUSky-TwLjDVnUdDXzPScPczp88db2C_vT-ioNlEppAQNx2mfIkaag2oZzCM10c_PYTiTfQO_Frg91PKbQ6y8PbyAoly1UrRguJrRexjTLUoarXfsQtsJlpWOSux9uSgPA8rd6Ic2PgcZMKJtuRdOoZy5FCJ3TpqqzRqYDH35rR7_jH9GtrAFA73mRVIVmkEL476561slPkuOuUK3ZgohLoSFHLHlZx-ZB1gxGaDzDddLc4352MRWzDqL6x_KJiah3UdQ6fF9IkwGjy5YQgNcbI8fDFFGsRU6VFRJ8q4wkiLwExfChhE6QyzN3feTWc3flPgR1_Zfj0s6paUGRSYur91ytNeZZ3VvuKsalgggOhyTGogom-s0GSNOOdPfNpxeylTv37IOiZrdf7A36UB1Wbze0COV0jLjbFg0ZNV4b_KslbEnIqkxduag01FcQu16rNepFohFLyHhVx1vdN98MYKBhoKBOqmUenfv1X7qsUhAFrSNpp556CNAZYKlOsaRd5LB3WRL4AKVhWuo-_ARHKHAkqyX-lwEuLdgB_o_ibGshTY7oceB70gQHgdGlUIBBJPAC8eF_94qhryScrdiQrZCsy2pua2pXCxmMt3x_kkfGoAuO_vMETxGztVF3tGm0Z5hlpgHreoEXaddOd4rH9DH3az4MSOCmJOsckUdyFkRhgBYAE&ias_xappb=

Request Chain 152

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=14080000121236604444994012569006&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3460623904

Request Chain 154

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJDNkeuy3YMDFapYHgIdWJENqQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61

Request Chain 156

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14080000121236604444994012569006&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14080000121236604444994012569006&t=htlp&gdpr=1&consent=1&gdpr_consent=

183 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
easyworldbusiness.com/verify/
Redirect Chain

https://link.earn2me.com/dsvdQu6Y
https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

7 KB
3 KB

327ms
207ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af48e0b5251cf0261138af500f6ac95dd0d634087d2947ec62b018fe6a76ed2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8457935ace976610-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 17:24:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3GSeJ5uBv0%2FLOBVgpQ93COmhL5xJ5sZECkuyX5vGv1gsM4AXmz5%2F2x0rIx6eNCgynYj4ZnA3IVGULPXG7CQ3fACALcq%2FPDnZ7FZdueWdtp5fU0WzNLg3aZE3SU83L8DCFTf3owwaIA5PmOWXeSywR2EUxs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 845793594eaf79bf-LHR
content-type: text/html; charset=iso-8859-1
date: Sun, 14 Jan 2024 17:24:58 GMT
location: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nw2ImLsGQT%2B4IvP21WAq%2BcVLq1cohoQYgJJR9V95K3V3GyvQtUere4r2ak29bh6HqvZfdVEc7CGJp67IGE0wY9tdDU9v4NbQjLxN8Hn7bx4%2BJWumL1WyHJeCF8Yqi2HwWcgxYJ%2BrFPbAYclcuzZW"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 rocket-loader.min.js Show response
easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 49ms
49ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658bfe17-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOf4L6pncECVaiy6g7Y035494UiZsnSem8S5J7q2MrubDReWbGTixkepNSYIoaTCwrKU4GSXF5RF2YW4roO1%2FY6f8CpIOVUPJYriO8NOKB0NB3hiWLCx%2BALXCI1bA4YYUI93K4gL%2F28sCiGoy9dyclcvtHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8457935c18e96610-AMS
expires: Tue, 16 Jan 2024 17:24:58 GMT

GET
H2 200 url
www.google.com/ 1004 B
2 KB 168ms
82ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://easyworldbusiness.com/&ved=2ahUKEwjM1JXut4jyAhUN9nMBHf2LBJ04FBAWMAB6BAgDEAM&usg=AOvVaw2bGCDbTZm_Y4DSz3yRRmWX

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-b3fou2e3bSclZropfZW3nA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 481
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-b3fou2e3bSclZropfZW3nA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 17:24:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request / Show response
easyworldbusiness.com/ 165 KB
45 KB 356ms
356ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://easyworldbusiness.com/&ved=2ahUKEwjM1JXut4jyAhUN9nMBHf2LBJ04FBAWMAB6BAgDEAM&usg=AOvVaw2bGCDbTZm_Y4DSz3yRRmWX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba592275d4a0b367894939fb9c14caf3b0ce94f3cee225564730f89f31de9e5

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8457935d9bd36610-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 17:24:59 GMT
link: <https://easyworldbusiness.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJZF2DW3omm6rWApiOkNWYlLxtQDPb4mB%2FlcaR7Bcv1u1Mf4D%2Bh9q3fbdjZq0Dkp6qD6FpLwITYElESwKGkupli3UJF8324OmLc8indZUjOczyoJFU%2B5hds5s2OXtEwI%2BmBYcqO4SKozudKzYYFGE7f6kDs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
easyworldbusiness.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 69ms
68ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.8
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Jun 2023 01:23:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2678
etag: W/"145db-5fec1d85090d2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfKIaF3N0ijJzu%2FZ%2Fg7u23kXIbjiBRzTp2k5hurxPMSfZtOF%2FoZPo1BedWGWfzP%2FXmLS9pcWd4nqvG6xnTgfyA0q0uQDh4VJ1tmpgWpA%2F2zOkSU2zUOLOmjJc%2BZJMk2u%2B6XCPMh1k9DwhoZEGtGC4irN%2FEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 8457935fdfd16610-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 idblog-core.css
easyworldbusiness.com/wp-content/plugins/idblog-core/css/ 6 KB
2 KB 63ms
62ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44c5d1c14f1685bd38adfe9a418c800339ea356687ba6e1da9514be0a7df9955

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 587
cf-polished: origSize=6775
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 21 Jan 2022 11:43:22 GMT
server: cloudflare
etag: W/"1a77-5d616203c4a80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyfSFz29InVx3Wq7o55T5kdAfYc4DwqgGkU7f00BE47gPTrmVcSjlhAfKZWLgjFsZNjrmlzIjNAPA0RpVZhPOhu2ZlvMydTu1D%2FOkAKgQ4lL7P2x9%2BKs9QfySE9eojlUz7iK8S3rYdkF54%2BKBFcGEtGvCRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 8457935fdfd26610-AMS

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 135ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.8

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1808ac03b40beef84415cef52eb8e1fce4acc951ff8b49a566aa686306d8752d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jan 2024 17:17:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jan 2024 17:24:59 GMT

GET
H2 200 style-nonamp.css
easyworldbusiness.com/wp-content/themes/superfast/ 56 KB
12 KB 64ms
63ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-content/themes/superfast/style-nonamp.css?ver=2.0.8
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d52a9a00b82c8a2eb79d9d257947bc55a7d5e4e5eed92d2ea0d51dbb91c8f1f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2678
cf-polished: origSize=67539
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 21 Jan 2022 11:43:24 GMT
server: cloudflare
etag: W/"107d3-5d616205acf00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL%2FScJlUkooAbqn9zDnBDIrFP0CSVJb%2BJK7WiiVdOxsW4YwuaaINqhxSVfH4QxhEWLXS60wIkyt7m4sCuyWnEz71kcIGvQqj8AclMk1%2BpI1rX78oV0zC0%2BdwrBsf6BWb0%2F%2FrEskz4T4kyl%2Be6Cj7a%2Bi0Kvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 8457935fdfd46610-AMS

GET
H2 200 style.css
easyworldbusiness.com/wp-content/themes/superfast/ 0
388 B 57ms
56ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-content/themes/superfast/style.css?ver=2.0.8
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 587
cf-polished: origSize=684
alt-svc: h3=":443"; ma=86400
content-length: 0
cf-bgj: minify
last-modified: Fri, 21 Jan 2022 11:43:24 GMT
server: cloudflare
etag: "2ac-5d616205acf00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBU4FTteg8xlmCJDN89GX0yFSoH%2Fh3D9slL2tfobck%2B%2Fy5rLMTn%2FNUUzRPfGIQkLZZGOychqBK5x9mmkwewsteP1CDStbyd2lhINYNSD%2B2zE%2FkG0i2cKlOhIeHpMxZv4RXCrEMAzGi0rMp6w6NkIDQ6HjMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8457935fdfd56610-AMS

GET
H2 200 20211121_21203061.png
easyworldbusiness.com/wp-content/uploads/2021/11/ 3 KB
4 KB 73ms
73ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2021/11/20211121_21203061.png
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23cc30790c500807d73fcb7ddee1853ab034b560c0e12ebf57475554cbdc5f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 11:43:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6470
etag: "d5f-5d616206a1140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSxHGZOvakQN5avikaF4r6X0luMWABmiU66Z%2B9X6pu%2BWI2yyh7ZV4HdqJrVCvQHLkQO6Im7LjR0EOoFFJ8s6HdY2N1p14PCcayqDoCip7jCJXj1XYXluxbqnMgM%2BaMkKK0J7D76XSxuxJqAAjHp6b2kjm%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8457935fdfd66610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3423

GET
H2 200 download-4-200x135.png
easyworldbusiness.com/wp-content/uploads/2024/01/ 10 KB
10 KB 58ms
58ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/download-4-200x135.png
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a7d9c1db951377487084695fb656376874dfa9c637ed36f875a0e06baa82b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 15:53:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 587
etag: "2889-60ead8e3608c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jf9I0mwVvix%2ByUx19lFPgdFE3Gq5dvjvgazj%2ByjRy6K4d54yDXCHm1yyJtOpHuWSFNS%2BK36Ghv5CN5e0D%2FSdntCMsWHnfvVWMq5pNrI%2FXUv%2FjJhQpzWUSteTJ3dshqZedH08uUfMMkCgCXwXLxGBki2%2FosI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8457935fdfd76610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10377

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://easyworldbusiness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:26:32 GMT
x-content-type-options: nosniff
age: 475107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 05:26:32 GMT

GET
H2 200 ElegantIcons.woff
easyworldbusiness.com/wp-content/themes/superfast/fonts/ 62 KB
63 KB 56ms
56ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-content/themes/superfast/fonts/ElegantIcons.woff
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/wp-content/themes/superfast/style-nonamp.css?ver=2.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer: https://easyworldbusiness.com/wp-content/themes/superfast/style-nonamp.css?ver=2.0.8
Origin: https://easyworldbusiness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 11:43:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4188
etag: W/"f8b0-5d616205acf00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzePphi80Rb8wBmp1ESY0C3fNjGjUP9YnXCVG84anoupT0ZwVGZAZ3OzWn4OAHbVYrs5DQQOaa8Vpav3S8SxM5dS7Sv3jIXHNsHNBqWxLF5%2BrQwFgXl5lf7ctxPEiNsGlaHKsAZ8SOEVZMIrcdU%2FcoXc8Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=16070400
cf-ray: 84579360b95f6610-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 download-77-200x135.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 5 KB
5 KB 76ms
74ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/download-77-200x135.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10cb90710ba479927d18d6f9f9459ac42a8fbf97b4b202cb6cf53aa23dc7b4da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 12:29:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5599
etag: "12fb-60e969612c72c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oN3%2BZb8gwEMnIcTPWP3Bo2Buv7CwSrPnTSadWd2N7TdLz6jGchS90%2FOie6Rv6rE8iyyMf3rFWhuOYyqQSzIeY0vf2Aw7dI%2FoYNStdVcq4FmUZWZCwMj9%2F0ymvkzVBFY%2BwyHFvEYolkgrw4sep9QbvUragbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c9796610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4859

GET
H2 200 images-55-200x135.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 6 KB
7 KB 75ms
73ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/images-55-200x135.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 070f9773284c9912bcaf219959bcd4c7e381f71c8c445af5187ef7f2afdf0446

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 09:13:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2457
etag: "188c-60e7fbc0eb671"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDcVkxU8LqAm7mDdXGCDO6t6SSicoqs8tv40KNfrYV08fYN%2F%2Bn8dWucgXBbwmrwu1M9q0fhadH6wnVxQLP1YlPbzkkzXQ4HqBYHc%2Fpo2rQe8ezhItYkYvoNciTDnt7esd1HPAfP8nwm4f8XiknzO8qty1D4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c97c6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6284

GET
H2 200 download-31-200x135.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 4 KB
4 KB 75ms
74ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/download-31-200x135.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 595af0dae21f22542e8495bfc09648401a1ab4efa650d05976008ad6702ff6df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 12:31:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4188
etag: "fea-60e6e62600abd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZGgQAkcAcHmVeTtGwEW68cmxy6pTYeh1KXgLUoU60T%2FuFveTEe%2FmAuTbv4bLVf2qzSsvKWd7qCRYjVWgmSn1MmV4ABvaEkgd9nCrWxWQzyo70xJErLHYmOQlKIbA90m1bQvk5WJ0GEtvrBvf1mLsl9sUyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c97d6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4074

GET
H2 200 images-25-200x135.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 2 KB
3 KB 76ms
75ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/images-25-200x135.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a219bca5c2423e0afe056198a5e357e1f934c5ed8d2a0c765041b64c19422d37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 16:03:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1105
etag: "8ba-60e0cc0cf7aba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bumyllRsvw18bHdoo3jYVSfD0MCHhxU%2Bc0rL16M0orJFjqYbLaRHmLUUmud2JKKks%2BhcOtV%2FkW2RtYwHfU7gbmCvg3zkAFjjBmbvQA%2BmbKuODdBa0B29SoXcJNh6%2Fvxs6LtTzAqsv9vLGNh8T4CD%2FmZtGgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c97e6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2234

GET
H2 200 images-200x135.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 4 KB
5 KB 78ms
77ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/images-200x135.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14f77b0411228e15cc5b549a28c3f5e1c1e02825bb215e2d88fc6d0a0933e42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 17:41:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6539
etag: "1100-60dfa017ee2c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNEGugMjB%2Bd5n8RI%2FNBIrZBen4v86i1%2BWLDQiCY1notFuhxUY0ZoIAixO6AGEiuRxTNZhKs25ApA104R54Mi712hZx6xbhqKOZdbKZdzVaVr44%2BUa0Bx6twQU0MlE%2BgGXlrckE8EoIivOSzrfjb0Ny2VIVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c9846610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4352

GET
H2 200 download-2024-01-01T080412.377-200x135.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 6 KB
7 KB 77ms
76ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/download-2024-01-01T080412.377-200x135.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd3937baeccc7db444c0e7cff2d5e3d1a314eb234d3f65cf6426f5b16a3470c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jan 2024 03:07:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6539
etag: "19d3-60dd9b032ccc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MGvlroXiTGxDxeUAcbrdrNSyMMXgzfLLSI8OxVKmsMC7%2Bydd%2BoS7dKo4fwKRLOi%2FYBaf7aXjJAalVP%2Br%2FlUiOpYRuss1LG9q1JFtlZFZEUFuusCy9hESncarRqLMp5tZtVoVIXIL7aay8jZwAxjsiPQSKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c9876610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6611

GET
H2 200 images-3-1-200x135.png
easyworldbusiness.com/wp-content/uploads/2023/12/ 6 KB
7 KB 78ms
76ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2023/12/images-3-1-200x135.png
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5136430e3cb74f7eac444ad9d5a6f68fb7df2adf007f03dba382fb8f95292624

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Sun, 31 Dec 2023 10:12:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6538
etag: "19e1-60dcb7fb47e10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DS6rYBpCwI9DD%2BCyeW6HvcVyxX4PgCDdpWETkNR250ct1AYNZogoYWNQOFsSadSXHtqQ1paikCz2W9yc6MlTau1wONhPmQgYFWya6pLTxeqXNMPgpKJvrMn6do9ml0Vhcymf2gmVr%2BqNxw9tjocVuVzIhLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c9886610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6625

GET
H2 200 download-2023-12-30T132811.391-200x135.jpeg
easyworldbusiness.com/wp-content/uploads/2023/12/ 3 KB
3 KB 77ms
76ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2023/12/download-2023-12-30T132811.391-200x135.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096547792f42525df3c260bc79f8b021d9027000eff5a156d98632b0e4162401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 08:33:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4186
etag: "c20-60db6014b80a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbnCr1GIsqG4qEQxfSsM3WPnuh%2BjKZq364G5Gtr5aRdVcYcwlbJHniT7rD27Y%2FaRcxP6oC84aaRC9BdaJ1AE15Puov1PRV%2B1CITC%2BNpq3qByHW2dsWKRoD14gPMmXcouHBLkIRe6yDqM33EL6ytv9pjeecI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c98a6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3104

GET
H2 200 1700818419053-200x135.jpg
easyworldbusiness.com/wp-content/uploads/2023/12/ 6 KB
6 KB 77ms
76ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2023/12/1700818419053-200x135.jpg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a47fd099a396a77cd7673b9e5078c58ec7e634004728ac5613cef68da21f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Dec 2023 09:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4185
etag: "17ad-60da2fc67587b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWb%2Fb94Ig72KNlPy33VWyH%2F3cYSpslcYpsymYLE%2B%2B0uHuzxNoTMYCN%2BxHt5I4DLQiPvKJTMK8A%2FTvedmPR1KVGbZkjKf%2F0W0L0oyweDBTGmX170qB3eOOhfZUgEkSRqW7dA%2B%2BxOli53aOCFVtmaNNFIeGp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c98d6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6061

GET
H2 200 download-4-60x60.png
easyworldbusiness.com/wp-content/uploads/2024/01/ 2 KB
3 KB 75ms
74ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/download-4-60x60.png
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcc497c6ffcfc479bd17e1efb62a83bae1429f7856e1f7197658ca7825bc9ad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 15:54:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5562
etag: "9e0-60ead8e551619"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rl4XD7LOfTqzNPiXc8Yhwhcb%2BuzCqWDorMJGKzyD9waavs%2BaeKUOnEmLOpt9ZlBXvYWc6HGnCXlSxHe0iCMc9stSbRzDs1irxpe3hZyFB%2BqGgSIRC8Ba8qegIOI9r19k75ne2Aw7L7ixrNeXKtKtPtP94T4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c98f6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2528

GET
H2 200 download-77-60x60.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 1 KB
1 KB 76ms
75ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/download-77-60x60.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668f460a9f67e9a451a786df911fd7d1c15685198035fc48a7559081687b9c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 12:29:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 752
etag: "44a-60e9695e24119"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihbAsojdOZ6rq2QNBnr3q6gU7hmAzBn1AACO5WksYwil2MjDjtrKeHGft9WCouDwEWYwqq%2BgfmwVYGEVMdueqCM6TCuE4HaQ4kah5hHx5FBvesnimSs45ws%2Fn%2FFWy97WvqoVK12nMhSuQU7h0Z%2FnGud7SFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84579360c9916610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1098

GET
H2 200 images-55-60x60.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 1 KB
2 KB 102ms
102ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/images-55-60x60.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c592292cacd8b2d8f99a11658b5f8f79954730e38e314bad222c544a81f0ff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 09:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 751
etag: "597-60e7fbbd91b90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlAhk6X40kWd1%2F1Cc58mS0ZRRquvGNFimHUBxraGNykgzb6ehaAP26wFDKsb0l2JOlxKGzkBvaOM7bG7nZ2bWj%2Bkkc3QmT43A2rgWutCo7LE5IlV0m%2BNJJrW1MxaRvt5FP65y5b8UV%2BRswHtsqLlHL5ZH4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8457936109f96610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1431

GET
H2 200 download-31-60x60.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 969 B
1 KB 104ms
103ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/download-31-60x60.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a84ec556fc8ff8974fb47da9dcc703db91556dd070f187f298296ef59c6a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 12:32:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 751
etag: "3c9-60e6e62812f40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHAJIuuenXv0qiW43QES2RpU%2FiNc5daW0k6IxKhicgzubEwEksUIzC7kT%2BUII1QL4TxZpbfkc%2BJ8SSQKF9JtFOLOBoNXX%2BKwZgntcgeGedgJktxSq4T2hN2OigF%2BNBgnwJ7Y8w0VGmueWQjSfsJuV5j%2FnHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8457936109fa6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 969

GET
H2 200 images-25-60x60.jpeg
easyworldbusiness.com/wp-content/uploads/2024/01/ 767 B
1 KB 103ms
103ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2024/01/images-25-60x60.jpeg
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eedb2608ce978827e92a9aa0367b6913c6377b0047d05cb2c70cba010150cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 16:02:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 751
etag: "2ff-60e0cbe8b3d48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYU%2BIGgZby75xeH9ibW4NoYlnENggs90scFQy3vjStGya97RgFNhKBBq1WeAKTLDfJFmBtPzZKRc80J6fWrn9rwMpT14iGKe4f5%2F6zNIvdTzt83XdF37FlAGS%2Fi4INTLuhO7eT7br5RoJTn%2FQPCSkMcH2dw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8457936109fb6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 767

GET
H2 200 ads.png
easyworldbusiness.com/wp-content/plugins/ad-inserter/images/ 95 B
433 B 103ms
102ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/plugins/ad-inserter/images/ads.png
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Jan 2024 01:23:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1834
etag: "5f-60e28b0f15402"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Blan%2B4J4JOTaspp5xSXnl%2FgFsUITLH0uW4MEkXnC3MLcJPFbhc57O2FTmCaVIcNPXFT1Cqf%2B7Z450E9VRHzChf%2BCi9qZrhZdogkahY3nc7o1dtx0mITHvGeX7Zr%2FHb4F8JfKVi3L5ZkYiKVDJiOHuj2SOd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8457936109fd6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 95

GET
H2 200 rocket-loader.min.js Show response
easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 55ms
55ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658bfe17-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsXcS3WHUjV7vuO0wVt3%2BwBfhoprucW5l7vVxq531YFEdTFxYb%2Bufh7kWVQ%2FbSpx7SgAG7YJ1nKdQebDwkuvU6qoqSqFNqV28VTe1ScXzeOTyDZkMBz05Rf7ZPLWxLQYzG2GiavrhGc7Pe3cfSBAvg9Ggjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84579361ab836610-AMS
expires: Tue, 16 Jan 2024 17:24:59 GMT

GET
H2 200 300x250.js Show response
easyworldbusiness.com/wp-content/plugins/ad-inserter/js/ 23 B
374 B 58ms
56ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.33
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1834
cf-polished: origSize=25
alt-svc: h3=":443"; ma=86400
content-length: 23
cf-bgj: minify
last-modified: Fri, 05 Jan 2024 01:23:10 GMT
server: cloudflare
etag: "19-60e28b0f12cf2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko3tkiFn0KvEWZhum5cAvQBRqBF%2BIOs7UXY9My9sOZrAE1QUEvxUIUIrNlsH5HyUnvMeL2ua2MxdO0ChV6NSTM3%2FvnXmwqg%2BipCKpwlQ9d3muFCCPS2foVNGK%2BsZzKm1bN4%2B2zHaWa60RHuDBi%2BpwbeQuP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 845793620c166610-AMS

GET
H2 200 banner.js Show response
easyworldbusiness.com/wp-content/plugins/ad-inserter/js/ 22 B
351 B 57ms
55ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.33
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 583
cf-polished: origSize=24
alt-svc: h3=":443"; ma=86400
content-length: 22
cf-bgj: minify
last-modified: Fri, 05 Jan 2024 01:23:10 GMT
server: cloudflare
etag: "18-60e28b0f12cf2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDKv44IwlhAGCnS7DysHGCJqJQjmkArVdc7ZNZQLBI0ZDbr8YbugfuuLac5hnSmZhzkvhRu5Ldstp5rRfmxThyj2slOaBR9SJwT8mFVTVHGb3EXu6cFBufGr8OiP53boEmkuf7x9aA%2BI8pDQe8kFVQ9C314%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 845793620c186610-AMS

GET
H2 200 sponsors.js Show response
easyworldbusiness.com/wp-content/plugins/ad-inserter/js/ 21 B
459 B 55ms
54ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.33
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a47d57b5e7435cf426c6c7ff1c481ff5591431e6b4025c2614deb49fc0172f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1834
alt-svc: h3=":443"; ma=86400
content-length: 21
cf-bgj: minify
last-modified: Fri, 05 Jan 2024 01:23:12 GMT
server: cloudflare
etag: "15-60e28b11468a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NewicfgH%2FLzrwzbpvjrITpObDKHrBG%2F%2FXhjL46cSFYymAobIcs%2B%2FS3yUicWl%2B0VZAgG%2B9IaUxQxujr0ur0q%2FdpliU01QaNCN5w9bhndulodFXt6%2BjWf23uMrbjRXvnUbwyYNuRB9BmRR5ouXi%2FzGty3rBfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 845793620c1a6610-AMS

GET
H2 200 ads.js Show response
easyworldbusiness.com/wp-content/plugins/ad-inserter/js/ 110 B
415 B 60ms
59ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.33
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 651cbb53c3e67a452582c597784a988f2ad5db132c709c279a23ad74b9917448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1834
cf-polished: origSize=112
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 05 Jan 2024 01:23:10 GMT
server: cloudflare
etag: W/"70-60e28b0f1290a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G50CgjQ3hduQZwFiLs%2BHj4vnoc68TKF5DnSAoqop8DXpDFDyzKHcbmJEL1pZaac7iq9Ck1CyjVcx9gBf2iaG%2F5mFmyZLmMaEh8s2LkmetLplhnk7zRQa27UH%2Fn6DN6tIfKZAYvpaUJp97SkSbQXBqvB7DhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 845793620c1d6610-AMS

GET
H2 200 customscript.js Show response
easyworldbusiness.com/wp-content/themes/superfast/js/ 11 KB
4 KB 58ms
57ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-content/themes/superfast/js/customscript.js?ver=2.0.8
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049f73fcbfcb0f2db50d333edcdebb1a321b07d276b39dff10cc1f0c641d023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1834
cf-polished: origSize=12480
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 21 Jan 2022 11:43:24 GMT
server: cloudflare
etag: W/"30c0-5d616205acf00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sr0nDrq5BDpbov9pj8c13dWzWzeBPSq5x9nt1pzwEonJsjOp%2FRQBlpsfVXzczyORSQ7arX%2BZz3jUr0h2aSYvXpwDYNwFf6GH9uZywxCbAOaeKATtDhgFQq%2F%2BMGNtq8jw6UMNk1fP481A6eqYABL0BCE87E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 845793620c1e6610-AMS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 218ms
132ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcf2e204948f909ce5a349178f8284f1c79d617886ab3189c0f0845759a2214b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29330
x-xss-protection: 0
server: cafe
etag: 32 / 19736 / m202401040101 / config-hash: 6457213104751266546
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 17:24:59 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40a77c47a61e17d7c8edd41de89eb651387c290281eaff781601d75d0fdf8fe2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 17:24:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 141ms
56ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-159534082-2

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

590f3b9b271ea1169c670c4afca962460bf0b0079ab03173805e2fbc33bd097d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69334
x-xss-protection: 0
last-modified: Sun, 14 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jan 2024 17:24:59 GMT

GET
H2 200 wp-emoji-release.min.js Show response
easyworldbusiness.com/wp-includes/js/ 18 KB
5 KB 55ms
55ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.8
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 11:51:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6463
etag: W/"4705-5d6163f0d15c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxTkzxiLHMRd9OQhk97F%2BAhWhEdK9CD3q5ucjU%2FCEUO4PtH9WZTqxDKGAXEFUY34RRdIdb0l8KBKgLK8QKCmXW957MNFTWqanLkgeopUKGJECdCL9jNDY1EKxgKdAX8rneRrc1KfiRGdIlMWh%2BxMm8EZIXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 845793620c296610-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 20211121_21203061.png
easyworldbusiness.com/wp-content/uploads/2021/11/ 3 KB
4 KB 57ms
57ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easyworldbusiness.com/wp-content/uploads/2021/11/20211121_21203061.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23cc30790c500807d73fcb7ddee1853ab034b560c0e12ebf57475554cbdc5f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:24:59 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 11:43:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6470
etag: "d5f-5d616206a1140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMApNkvXLyILGKFQYMbc3tCy99A7zEeDHEeVxFu2687u863qLLY%2FdJ6NUB5ZIiqayrmKyFRm8iKmZx87S2fDhB03Fj9vAiaVwoQKt6dCkbp7JusNC5mJqXTdyZq8qGl0%2Bd2r0pZeTT9dJFHEbfUu8%2FeLwAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 845793626d2e6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3423

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easyworldbusiness.com/
Origin: https://easyworldbusiness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 14:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jan 2025 14:39:13 GMT

GET
H2 200 jquery.min.js Show response
easyworldbusiness.com/wp-includes/js/jquery/ 87 KB
32 KB 59ms
59ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 11:51:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6463
etag: W/"15db1-5d6163f0d15c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DtA2bSw%2BaEexW3RyhJ6mNsDvhkQKctfxw9vETre6GGB8gQOVa37THMRrPRuRS5TaLpgmZga0cdtSa4bWJMQnMyZKWXqvBWPlj2ZlfaCctgZtTf946%2FM5Qq5aEMVrEbFskeXdDt6QXXTKvf1uMwNbYrYOZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 845793635f0d6610-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1WBWNE3NKE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159534082-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf68c95012abf0cf82f23bcc69540df135a6a6018a876a43ec9e11de8e6aeab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81548
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jan 2024 17:25:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159534082-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 15:48:13 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5807
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 14 Jan 2024 17:48:13 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/ 436 KB
137 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21555
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140168
x-xss-protection: 0
server: cafe
etag: 17101759845534740898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 13 Jan 2025 11:25:45 GMT

GET
H2 200 jquery-migrate.min.js Show response
easyworldbusiness.com/wp-includes/js/jquery/ 11 KB
4 KB 56ms
56ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyworldbusiness.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=5.9.8
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 11:51:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6458
etag: W/"2bd8-5d6163f0d15c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNrrDIJYcvc8Zg4IlNjcv%2Bw6%2FDkKmF7UOz73lo2q0onE0BkESb9CEmruiLQiBNnSj6Toy2HlUk%2BCP%2BwXgFl%2FDwTnxaHu%2FQwJb%2FQppOHrJ1EYKsyp%2BxkeXaHqijKnQJLFq3Ze6w7SulPtbtHAN8rhNj7L5ho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84579363cff76610-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 171ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1WBWNE3NKE&gtm=45je41a0v9118399040&_p=1705253099825&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1708091986.1705253100&ul=en-us&sr=1600x1200&lps=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705253100&sct=1&seg=0&dl=https%3A%2F%2Feasyworldbusiness.com%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Easyworldbusiness%20%E2%80%93%20Mobile%20Specification%20and%20Mobile%20updates&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1041
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1WBWNE3NKE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://easyworldbusiness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55281589cf843ddbf97b6ae12dea25fee2864f6ef68d4baad17a9618bd524ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29335
x-xss-protection: 0
server: cafe
etag: 503 / 19736 / m202401040101 / config-hash: 6457213104751266546
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 17:25:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7EF1 46 KB
29 KB 61ms
61ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly9lYXN5d29ybGRidXNpbmVzcy5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=5sfxgfiaaaqf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

34c3e884c71439b4e483b8468858ee0d046032a9e550f31b663670421c635563

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jcim8EFebSP1JZGwFwGU8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://easyworldbusiness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Jcim8EFebSP1JZGwFwGU8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 47ms
46ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1073950689&t=pageview&_s=1&dl=https%3A%2F%2Feasyworldbusiness.com%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Easyworldbusiness%20%E2%80%93%20Mobile%20Specification%20and%20Mobile%20updates&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=239493064&gjid=1889472125&cid=1708091986.1705253100&tid=UA-159534082-2&_gid=640154954.1705253100&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=580477500

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://easyworldbusiness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://easyworldbusiness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
42 KB 554ms
553ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3649576334493731&correlator=1947214658138576&eid=44807747&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fif&iu_parts=22387492205%3A22914315343%2Ceasyworldbusiness.com.Banner0.1687411923&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&didk=3066427963&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705253100226&lmt=1705253100&adxs=240&adys=456&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Feasyworldbusiness.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&vis=1&psz=736x0&msz=736x0&fws=0&ohw=0&ga_vid=1708091986.1705253100&ga_sid=1705253100&ga_hid=1073950689&ga_fc=true&dlt=1705253099465&idt=739&adks=1581456992&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e23c5ba8cd1d18988704c31d02531b37c2cd5892a866fdb3400ec9edba85390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42749
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easyworldbusiness.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 955ms
955ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3649576334493731&correlator=1947214658138576&eid=44807747&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fif&iu_parts=21857590943%3A22888636799%2Ceasyworldbusiness.com%2Ceasyworldbusiness.com_300x250_4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280%7C300x250&ifi=2&didk=4284493639&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=easyworldbusiness.com&abxe=1&dt=1705253100231&adxs=240&adys=456&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=easyworldbusiness.com&loc=https%3A%2F%2Feasyworldbusiness.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&vis=1&psz=736x0&msz=736x0&fws=0&ohw=0&ga_vid=1708091986.1705253100&ga_sid=1705253100&ga_hid=1073950689&ga_fc=true&dlt=1705253099465&idt=739&adks=2809350135&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f675b519b693191aa34d4c4956add5c386725d66e54de27b64c029033527712e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13076
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easyworldbusiness.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 596 B
311 B 721ms
721ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3649576334493731&correlator=1947214658138576&eid=44807747&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fif&iu_parts=22387492205%3A22914315343%2Ceasyworldbusiness.com.Banner0.1704114714&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C300x250%7C300x600%7C320x280%7C336x280%7C360x300&fluid=height&ifi=3&didk=591589492&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=easyworldbusiness.com&abxe=1&dt=1705253100233&adxs=240&adys=2267&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=easyworldbusiness.com&loc=https%3A%2F%2Feasyworldbusiness.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&vis=1&psz=736x0&msz=736x0&fws=0&ohw=0&ga_vid=1708091986.1705253100&ga_sid=1705253100&ga_hid=1073950689&ga_fc=true&dlt=1705253099465&idt=739&adks=2166215810&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

237029103001ac1d3d1be41e2e8d014857ae0e2aa51e8952240b606ef5c88b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easyworldbusiness.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 550ms
549ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3649576334493731&correlator=1947214658138576&eid=44807747&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fif&iu_parts=21857590943%3A22888636799%2Ceasyworldbusiness.com%2Ceasyworldbusiness.com_300x250_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280%7C300x250&ifi=4&didk=4284493632&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=easyworldbusiness.com&abxe=1&dt=1705253100234&adxs=240&adys=2267&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=easyworldbusiness.com&loc=https%3A%2F%2Feasyworldbusiness.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&vis=1&psz=736x0&msz=736x0&fws=0&ohw=0&ga_vid=1708091986.1705253100&ga_sid=1705253100&ga_hid=1073950689&ga_fc=true&dlt=1705253099465&idt=739&adks=3333164298&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4888c86dcb1fb5729b7e172bd227fcd6efaea97451db03a828e9146ff4f94b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11321
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easyworldbusiness.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 603 B
320 B 967ms
966ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3649576334493731&correlator=1947214658138576&eid=44807747&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fif&iu_parts=22387492205%3A22914315343%2Ceasyworldbusiness.com.Banner0.1687411817&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&didk=3066427236&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=easyworldbusiness.com&abxe=1&dt=1705253100235&adxs=0&adys=3621&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=easyworldbusiness.com&loc=https%3A%2F%2Feasyworldbusiness.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=1708091986.1705253100&ga_sid=1705253100&ga_hid=1073950689&ga_fc=true&dlt=1705253099465&idt=739&adks=920012394&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56cfd46517ed536a9b63602c5ae4da3ce935fd311d2baad21437ce2677207806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easyworldbusiness.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 681 B
308 B 1391ms
1391ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3649576334493731&correlator=1947214658138576&eid=44807747&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fif&iu_parts=21857590943%3A22888636799%2Ceasyworldbusiness.com%2Ceasyworldbusiness.com_300x600_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C160x600&ifi=6&didk=2876321880&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=easyworldbusiness.com&abxe=1&dt=1705253100237&adxs=0&adys=3621&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=easyworldbusiness.com&loc=https%3A%2F%2Feasyworldbusiness.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=1708091986.1705253100&ga_sid=1705253100&ga_hid=1073950689&ga_fc=true&dlt=1705253099465&idt=739&adks=1870503065&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7a3d7a668a9e8dd799889672c9fcc6bfcefa81984dd730af698e91cef17bf79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 277
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easyworldbusiness.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 133 KB
44 KB 383ms
383ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3649576334493731&correlator=1947214658138576&eid=44807747&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fif&iu_parts=22387492205%3A22914315343%2Ceasyworldbusiness.com.Banner0.1704883783&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C300x250%7C320x280%7C336x280%7C360x300&fluid=height&ifi=7&didk=3310118101&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=easyworldbusiness.com&abxe=1&dt=1705253100239&adxs=1120&adys=20&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=easyworldbusiness.com&loc=https%3A%2F%2Feasyworldbusiness.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&vis=1&psz=250x0&msz=250x0&fws=0&ohw=0&ga_vid=1708091986.1705253100&ga_sid=1705253100&ga_hid=1073950689&ga_fc=true&dlt=1705253099465&idt=739&adks=2926348856&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63754ae7c0bba65eb39b523d966a94f6d8eb38983f17022006594fdd1a067a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45389
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easyworldbusiness.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 173ms
88ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

723da312751e1bc561e9f82e0dd74109eb57c85a6755ba7a79172d8bdd2b6bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12328
x-xss-protection: 0

GET
H2 200 container.html Show response
9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F81 6 KB
3 KB 202ms
76ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easyworldbusiness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Mon, 13 Jan 2025 17:25:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 7EF1 55 KB
24 KB 119ms
40ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly9lYXN5d29ybGRidXNpbmVzcy5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=5sfxgfiaaaqf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jan 2025 11:14:32 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 7EF1 506 KB
203 KB 137ms
58ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 14:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jan 2025 14:39:13 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 199ms
93ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 17:25:00 GMT

GET
DATA 200
OK truncated
/ Frame 7EF1 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7EF1 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7EF1 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 509286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 15 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7EF1 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 561190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 05:31:50 GMT

GET
H3 200 Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js Show response
www.google.com/js/bg/ Frame 7EF1 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly9lYXN5d29ybGRidXNpbmVzcy5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=5sfxgfiaaaqf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 09:00:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6850
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 09:00:39 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7EF1 102 B
135 B 49ms
49ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly9lYXN5d29ybGRidXNpbmVzcy5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=5sfxgfiaaaqf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 17:25:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3619 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easyworldbusiness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 20:14:42 GMT
expires: Sun, 12 Jan 2025 20:14:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 415B 829 B
559 B 49ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cc64f86733a48402158494c0ca25872469f011546313e1773624a472df29f24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SiyouPDwp42fiKwow8KQiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://easyworldbusiness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SiyouPDwp42fiKwow8KQiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Sun, 14 Jan 2024 17:25:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EE6B 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easyworldbusiness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Mon, 13 Jan 2025 17:25:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 58E6 7 KB
1 KB 52ms
52ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a42980542abcf9aaf788db1510021871dc45bfc3453165c61f4e02a9da92334

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z8Rm6QgC4gAuY3hGXWSHPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://easyworldbusiness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-z8Rm6QgC4gAuY3hGXWSHPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame EE6B 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 23:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14392
x-xss-protection: 0
server: cafe
etag: 5705098247650313184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:34:08 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EE6B 24 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Jan 2025 15:24:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE6B 205 KB
65 KB 188ms
73ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 17:25:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame EE6B 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 11:25:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame EE6B 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 16:19:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame EE6B 20 KB
8 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:20:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 415B 0
0 155ms
74ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401040101&jk=3649576334493731&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3619 39 KB
15 KB 119ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 20:14:43 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 58E6 55 KB
24 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jan 2025 11:14:32 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 58E6 506 KB
203 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 14:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jan 2025 14:39:13 GMT

GET
H3 200 container.html Show response
9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A3C7 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easyworldbusiness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Mon, 13 Jan 2025 17:25:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 J0h9xd-8ixNQ-wzeDs1OqH-Fn4Cuq5fzdr39l4Fl6ZKL1aCnkZmUqcKp97OAQj7NzjfUWxeiH1KNluJfR4mL_6mAW9PGopIQ=w1200-h628-rj-pd-pc0x00e9e9e9
lh4.googleusercontent.com/proxy/ Frame EE6B 66 KB
67 KB 143ms
42ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/J0h9xd-8ixNQ-wzeDs1OqH-Fn4Cuq5fzdr39l4Fl6ZKL1aCnkZmUqcKp97OAQj7NzjfUWxeiH1KNluJfR4mL_6mAW9PGopIQ=w1200-h628-rj-pd-pc0x00e9e9e9

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b42188c56de9630887dae653af313be2fb03fa99bc6bccb7e1bbd3f14eced421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:50 GMT
x-content-type-options: nosniff
server: fife
age: 1450
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67982
x-xss-protection: 0
expires: Mon, 15 Jan 2024 17:00:50 GMT

GET
H2 200 3904229983307634281
s0.2mdn.net/simgad/ Frame EE6B 80 KB
80 KB 226ms
125ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3904229983307634281

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b84495e0e00851129198a3d9676758e12767ab5315e82635cb900ddb46c41fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sun, 12 Jan 2025 14:07:02 GMT
date: Sat, 13 Jan 2024 14:07:02 GMT
x-content-type-options: nosniff
age: 98278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81586
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 14:10:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 container.html Show response
9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 16A0 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easyworldbusiness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Mon, 13 Jan 2025 17:25:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D3D5 624 B
511 B 170ms
83ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX8cmp62V4sRjxQ4YXlv0bAYKgVu4E8SmCnjlGYS3Vr5rk7GzRjtlprxyLakALdrM-f_sB9gcPTtdG6eqp3XINOW7lQrgON8NA5hPb2zQLPSQzqrKHOyOfNjDaaQ6Tm50S-Hve_f-Viwj3kwD4biFhXr_7s6bFoePu0cTQpQYcezANRk_DAPHqHKSYHa0KR0wqj3d2MMMBgs7zKZ0FTlfSZvbCjUA

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Sun, 14 Jan 2024 17:25:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A3C7 89 KB
31 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 17:25:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C7 42 B
63 B 78ms
78ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMDLC0UFFX88nknubN1vdhpzMVfQINcvlz2AnIlm0u_foXt3QIzcXcy0_bKADQcgEMgl2tcLZDtQzc1Px42HYQkQ1HoN8jkuYLalPjdAd_emDpwmU

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A3C7 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 16:19:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A3C7 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3C7 205 KB
65 KB 168ms
144ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 17:25:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A68A 0
589 B 144ms
82ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGNfH7oECMAE&v=APEucNWgIaEk1jKJQ8OneFH7PpNVDAyzxjsUhiSImX_T6cw-OINaOV-DZPcM6kBy7CNxiPNeFpc8JLzKEfOxts8wL23pym4XqA

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Sun, 14 Jan 2024 17:25:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 16A0 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 23:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:10:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 16A0 7 KB
3 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 23:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:10:13 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 16A0 0
0 184ms
84ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstXUNbP6rlV4xSF6d0oAa8Ho2WkzZbVhaK4o5K0tVY2tyqyw46AbczeI_U1TPLA2BMu8osEY6EDmBgZgDcpRo3sNbTM2OH715_V0D_6izayLFgpmSa8Smb3rfy4r6avDOo7QrdsBTxNCMaKJYtYrdCA_2IyOPoGGi6Hg2CF0WijJVyiz0Jn1fzonRIIZYjQBfZD6RmneBU4fK7hMutIhxGu3O0yOOPp-Ct8Nf4yxe5qw34suoBFaRjgYypXZTm6lh2kRhZN1gyajTe5ynXfSia17_1K69EjnXyHnaFsttLwEXHRxZprl2t2uw_qXELYJzterh-N_JVC-USITJqYWIxX-MB5jLaVGKuIK8bFUhMne1jNyzE1pt_BuvJ_zyujGS6moVGoETk7A4b8CeXE9POa03o3efGKcfsDT4yglN66YAb-QBkXGFPKMhVQtGPyw0LF1A5c8Y5vG43Rsggec2r18LH1gBj5E9ZZ8rHhYfo7bJAokNh60OGL2D844aURbx4JNn0DkuNwdJEHMx1aqRDwiFZKfM75kROLpOw38k6yhUrC3yCp2qRxnjjdJHU6CJ3xvdF9pUFkPRbIwbaqYw0yXuQsO993VWEPjocYupDDbJj5123zI0yEh_C90Y_NBTcfmIffNQpwCt1Wuyk7pZxjf_eGKYqxi-XAf9j19NljsE2KFdXTDfZs8qRcI8diXBW7Q_upTebEvQSDmNZ3Uq8G8jTtKu-C98pfXf5ztjJTOMOYJoaI3OB6CkG-P-3alzY92_B3hVEFfX6SuWFdwUcN1O8q1z0C8NX-zN3mTW2Jra6FZ5sf_y1ubk2QHiI9a18uabEDHKq_x5WkM6d4cTgvl27INyok21ktzWNYT8gd40mZyVkTdCci8KUyzIpNWrMkIgKWQebpoTFGd1ViLdxD5wd3H-170l27DVMrUEThbgDCr5cxR-UCRiGbXXNTQCRhLTEL8sCB-1XPngDzbGAEDKhlZROYpp-3_lOW9lPYSzB3KSLrbjHxKC4_YqePweJIETZM3cJRixaWTU30ML2R8q7HaY8LxXSixXqCtO9HbKazBITvM7kvGlMGUsL4skHOfsNRDO5hpjJ_EAtg3MOIGK4Ys5tHCRH_W-KA8VadYjOheV_I2gkQvTU5ckObx_vIuhpfbiR1RKywureIoy9RrWjqSRsK2TXYc-Ny6zQBrS-OyRrPMNSCeP0Z32JgZD2yEGUf3uFpEG6GP2KsAjaMxRsXOqb7yFH6mLiNsa7j3QEtxqYO-xQhqXRE-mvD2xL_kaCDAbFi8PGTvQYZ_rptyl3tNc0c4nod8k1wuK05RahDulL1n4HJIzGdkBQ-JgFb-jPPTqHo5sT5MudUZGphAFVU-8zL8di_dwmn6i_j0Mzf2ghF3dbvs2OEj5f6&sai=AMfl-YTmWjmfUTL1ogP7toRuz3FtH0vGRReE5jXiuCVbiYloKPiA6kM1BpTaVN5GAh--vXizpic7LGxMwkiNYi4CYrjg_H2CwAmCWuv5-uMJsQcaBeRTm1bNDdYmNQke7pVoqs_1v9W_gJbGiAzlfqfsQutqgs4EP_1oQmeerkswERdpxp19UgyVnnDFYksjZO8gBp934ep-gpGUK-Dprvx4oebJQioE0HvhHmvOF_V0f-NUiQt-yme87x2-OdS1woumBY7R_I3mOYCsYyusZn6mJcEP3gJlPIK3mTWnAYGvvn5lAqlhG1ltnKSmwyZUMlrfMHnjzNKhTvy1p-LLUGxJFLnrdI0nl14xAlICQAePK0x8LV83RCH5ORXJy76dheAsq-P-19MIG0Shy0Ax_T6foOupDxcXKxlEqXaitXnrjkr9lCtq_E_EXN93ZY1fz8n0GKt0QbzjQ8L_EHxUhKT069w31AMDGEuHy4WZVWtn-xgjykGlNrACUusiChF0Zl1K6o8GDpO46NYNCA&sig=Cg0ArKJSzIQ-TDayV4ONEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240109.44522&arae=0&ftch=1&adurl=

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 14 Jan 2024 17:25:01 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 16A0 41 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 16A0 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 16:19:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 16A0 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:20:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16A0 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_wYyG7Pfd2RXt3smMj7Dn6lh5TV348IyueiInqN0K3NUVTuxJfGy8WoAJXc73NWPjWQcSrNiLPxZDLLIRqF3mFHBwRPUubAGto8iemZ4V3aTU-k0

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16A0 205 KB
65 KB 158ms
156ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 17:25:00 GMT

GET
H2 200 15549555638884500589
s0.2mdn.net/simgad/ Frame 16A0 83 KB
84 KB 80ms
39ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15549555638884500589

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ba5d665ac535616d69ca5dd5b84176fbae574fb419376aea1ca09a673c7eed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sun, 12 Jan 2025 06:00:25 GMT
date: Sat, 13 Jan 2024 06:00:25 GMT
x-content-type-options: nosniff
age: 127475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85169
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 13:50:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3619 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?43hkZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A8D3 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 16A0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7262e8496654ef974c3c770a0b598244498af0c5aea7f57d8a42e01040147a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C7 0
20 B 76ms
76ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5139477022389&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C7 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5139477022389&version=m202309260101&ct=77&x=1&cor=8071830253011320000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A3C7 20 KB
14 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIcU_YK04GmuC6TLn8UNhozudIUV_kgcYKvakfiE6L9zbPf3_pNtArOVbGpjfm4rGWtr7NLx_JEguwpPMX-aO1lb5UF4HJVLYh-9-JK-8hGOM6hCiZjXNUdtd-yHSp_gFUVDUfon-Q97YvvECQq3YQvelxhNI-UprUefPreAKmrhevrH4&cry=1&dbm_d=AKAmf-CWQHjvQRzi6ex1jsR9MomBcZel1z6ufQkbDCtnvj4zK4xcwhOC-ADt6eHr8yLkOn_RGslXXmdZH-a6QS_t5pt4YRF3cbWX27Zq1ed8R5OmsKi8d2DccIyeu_7ViF-jN8VqvRhp3INOr4McNnw_byrkTKVIthvNU4dXxGNNP-sejU2afQWuvE2IkdJ67HEU6776LAuIWJ6C44ebYc4ymiJ7tx8ncTlQRO1UDHpzVVoHuQBTzJ0Rln64vcfT0C2GcPtc2QCAlKPvPrRl39EtzmQrZi-ur_UAK_4Pfi0Z0fOT_xFPOxgWp2Q25J_sIEitCe8o3aSi6brqWivl0lTHuL0Ku7Ahs5uVkotgJf_120VPbYQepKhjk-t93kosKR80pcMe29aL_JlKOUySZxPbxo7UYShBJR-q4i77z9zlHTIQj3MYrHUL2SxAXEump2BXHBVkAu24hdWeEOM88PIekGOWCmUDHkGx2S_De15rB8jLwSnEaZ1WpoySGKWDYOdXUVdH8-_p9HTTYuAJRTAeHJ4_Jrk0PQd6SyO7GfZ7KY4BVHmqLCfmOOyLau8AD9rby-iGlDl8hIIERY2vuzI4mYrmPIISpqWdDsVA-6Xx2Qo0mKkVIu2BzLVu1vFvcTxf23I7SW3iry4NYW1hd661y9uY77fEcHpfWgQrYnwc0a1yivstEdUyyX54OF1UMf1F29q00nrAd7BeAwwR4q5aZddYdqdV-StRdZMqbSFCsz22nuS4mFYuWB8Kdd7eOJ0EIaAZ0NIvpU-2SEn8uTe3lnHAOArIjI33jT0RKARxMhmm12t08UErIZ3hwoH1dpQSmLNuidV17NhSYxNtDG-MTOhIp47wxdMPLdGQYsaaauFaTE4Ye6FvYTLD0FyuHe2SaKzXXg9Zbzr6U-vZtInmhj9W2omIaPiDn2fPcT-LlVQghnu9DEFDSjeDzkJrkAwwO3oWNdN2DCrEyd1vAj7eT-6BpHgvpFdD-YBHtiekKnCypVdBPu0sI03rUOh7o9FvmCNqhyZRmuDtaKwzIFvl6dqyobkMLsS9YGyFlVWMThzNmj10xSZXXa0QEQlqM8TQN1FWosBVnC_8VUpRtW4Cw4JGjZeenrnRzNDBcrn5r8tgFKhh8eX0PDKKcdYbQndqd2MD41G9U4CR1uLne0_vDJYfihTFd7YsGxbt7EnTT5OTdW55ED3bqBJzMOAm13ed4Lq0duNNn6HILB4ttR1-ujmtpieIuywBkuWtdhjcgsCi5A2qiC_N3b-spg8X_3Y9WB0zRVKMXYY3hGfrvFwEEECVZz1aVFQuHCjBZibWq-VWsZATJcZvu5bR2K3sB6T6tA4ZfDTWnlXTuzWpFXga471wSoh-MXaCNifgloiyvfGN4DDm6FU3IYO45ULOEU2BxCaAcyLLsFXF_QXRjxVzdr3v4ZEp6h0CvDvedK71vtx9qs7q0J7ACS9S0L3XxkSD5Uxuli9MMRLQu-MyWcK9IvhiEUiSETQYKm85BLmFr3xC-mgoFfb5Vnc3hp0sB3Wjh4Gv0eqGDYW75Lj_1tOzSXYUbd7iRGrBpkc9V9XoaaFt5FCE7XCmRfO2loNOL9jj6yGwb16-nRFFVtSKyQf02FxiSIXauDIIt_CxGGNzo2-J21DkqPL-X0osZaRVverY61MrKD2OmP1edyfwpF06WHxkNriWQ_Ug1DMRQCcqPa7K_SRCN_X5TfAyYVp4vmxEflqC7GDsYbMeQv0QfFHeGSXNyUw-wFIr3HiocwBXkefMvCfdqiw2qpBo230XhF3BUV3H6cZE-iY1i6Dk85cpArYyvQl2uE38rSmXRm4ievrAxxOe9_WgeND3dXQEMjTygRmG3pITadWUf7fwAL8t_7EoAZSCiku7L1dG1BF-ZDTbl87DS9S9pLxyVf8tyvheqyWRjy87t4uLGEFnYw6-BrvuvJG0pRJipjnp1k00uNzMlajGToc_vlyqNnyovJV05iWuGOsefqsZ0CZOtzV5ciqLb8df0rdFjKWmTq9orOTYtWE7edv-_kRHbEMi5HqvIrJ2rIFy0BuBj_gMJ78-jM7fL8aK4BVRq1mhG9BU5Nsv_5nC75BPLLwbwfI9h1mj-K-fvD9fk_cVkBmG2n54C32wMjoqTgT5UxiEaIGTLVaIK2KCV1mAGbYjRVlLmiV0e9Z11boeN6afzh8oC8Z5tzQAsoBu-N4CD3UqLMbWdVftvHy86yRtiGKZkLvnCufI_X-tglV_Qq2LJOUsQFK3Umj7tQQDBDOLVNk_gH7Xn281511sKz4UemY98-6sR3lfPOAdZHi6jOgXKhX0wXIIIm9BfLvjvrEJ3CHYGB0A4L6bpjYqzSBQlMInmek1PuZbsiwc031JpbwqilmE8bb9VEY_h61AHLTmcDPC5f1Z6CoUgVXDjehOXq5RpKMCWixGZwNhBzwRA1AJcxms4jUIlvj-cpdAx0I8kS9T-eVCHxeNT14rbSSaz-3vB9V9tvhZyZeF7SLGcuBfwjyh2OngRy7L7bFZIUCHxVqHUnIjRsVFydOLgi1415Vg8sWQrJvBx284rMeK43lbtg-6v6jMBu5WXKcM4z8ZK1T41YrpnBHCJx4sZr0lW9QUjB5cW79cKjx8SxtpJabpG5Mz7wUS5-bXR8KGkS12cbtk8OQer6A4J3jFa6zVxdCn06qy9y9v0wdU-4zRLte7reM2Lr_gbuXdaE5HT-tWiAnR9nK0iiLfEUMzSIUNU1Iaqbfl4XXwYj-p96ARD_GL-MkgorjQma6PEt6Hap4BLdl-sPizYGJD4ZI_oovvsNtXN7yMnyJuC9JeNVMzpTK8Kgs3HK75ycsA3KbTwaIy8h4o9cGWDOqp8hvSubh8xYriJT-Gbn9daUA75CTLK2i0UgrDVmRXm52Im6KMaV8kwFduhWKKd5ftyRnmrKIcU64D1CgbfcWSTKM1fU1sVGThghqaJ5ToPX104Dt2LxtLdK-ZhfjM8jHGp0Q4nnBmDYRoKXH5tAHr1fbF7nl0ApMZTwbapeoO1kjV5CuiQXp8GhaNxtuWDdx5JHwI-Z9s_icnfyk5kUKD3Qmy8b5mDMAJBE9-eLDGSM44rnP0COYTxg6PLgNlf80JlAG_LEvuKShpEffmWpB-oJnZtfDDfnlCNfLkhThCm5zobKI_KTDgb_5NlkAHffkocQGVD_QDr2WkXRI81tnKS-1GKgOB_qf5klZnMwEsoiUh0k4sAUmSuDyxT_ZAPo7KMvHv46-t34MIkcSW8aGZ6568NV0zl8SXTbXr4ueGEGMgOwSme-WWMkzawHzuXrIyY0eenhqxIsiSShL6XHD7KfBFWsWKO83K7LyKkhFCLophNLw_UOgKJZGfb8iG2SEa0wXFWDteSKpeiIdbjiJtvl-McoEJNqoe9U337rOuoa0eStZjxEOlOhr8tBgH2xZwRErAFxpAUOUhsut1NXjjkiaLdP5g2h4hGFqcXX2__7kpfpOUy2_IG88IxGwO0aEuWe4X57_MmIF6CmpJB3VHjl6m2htBk7tdbtsSsynuPpVMwjekzYqDT0c-9ieNI9S2vVAMSjFPdq5WDJEwG5vjDrq1TxxizuxesE-jivVy9LTlnWEBFewd5vIQhc7Y8P7I0dscVO-0Lk_2zOBHszNt4xF9wyteqSJEp-Z9QXimKmHPwOxtmkGpG1BmoWbs5dxOzi28r0sXvlJzvwHGWZh9S7OZHiYCbtzvCQKRS9iPUvhl0yXi_d3ffFTYdLkgXprczy6dBC6mDyYotep1ag_9VaJ2X2josj3uMInk0VTjUfV8GE8FjSqJ23bqi-eZfoA0Koge_c_4WU26fsXvfcw53vUzqLfC1pAQXmsJ7OrZGFu3pFxa3oSWUkaqxdaEN_ni5hCUWBaQ5SBHSJfNw_0NZzkay-aKosnLuadYVlXJPDzC3X_roA&cid=CAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Feasyworldbusiness.com%2F&ds=l&xdt=1&iif=1&cor=8071830253011320000&adk=2857193499&idt=144&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d33d54008f2f4ee2a5e579e094b036355e10b5a8dead8131c3ef8313101fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13936
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame A8D3 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 20:14:43 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame D3D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZ0XC4dShW2D-Ugpff9ZA&google_cver=1

43 B
343 B

66ms
65ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZ0XC4dShW2D-Ugpff9ZA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX8cmp62V4sRjxQ4YXlv0bAYKgVu4E8SmCnjlGYS3Vr5rk7GzRjtlprxyLakALdrM-f_sB9gcPTtdG6eqp3XINOW7lQrgON8NA5hPb2zQLPSQzqrKHOyOfNjDaaQ6Tm50S-Hve_f-Viwj3kwD4biFhXr_7s6bFoePu0cTQpQYcezANRk_DAPHqHKSYHa0KR0wqj3d2MMMBgs7zKZ0FTlfSZvbCjUA
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9MGAzR%2BiD8JsoBaVdixg1%2BqMUyFd6gGUPM%2BqzkLRzRSFLglUwBQkRD5Mn3YrHMVUhjEp25aEAq1FoxnYl8F%2F0gqwyzIwZ0XtBoQP3pK457XqG7xcyOV%2B15UP3QCtgCX8OwAPkKbvIcGtA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8457936a7acb6a78-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZ0XC4dShW2D-Ugpff9ZA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D3D5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaQY7WnOtAefZAtHYnCv3wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1

43 B
776 B

75ms
75ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX8cmp62V4sRjxQ4YXlv0bAYKgVu4E8SmCnjlGYS3Vr5rk7GzRjtlprxyLakALdrM-f_sB9gcPTtdG6eqp3XINOW7lQrgON8NA5hPb2zQLPSQzqrKHOyOfNjDaaQ6Tm50S-Hve_f-Viwj3kwD4biFhXr_7s6bFoePu0cTQpQYcezANRk_DAPHqHKSYHa0KR0wqj3d2MMMBgs7zKZ0FTlfSZvbCjUA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2B9c50WQl1fwSdfyS8nC2YLGm7mTcwA7JOCN4S%2B%2BoUAyDY%2F%2BWL8nYTtMmj34LDfx6OBGYeeEDAoR6zhnwk4vi9kMxhnUNpXRsC9FCFDopMJ4fWlofZdY%2Bp%2FohE5qw9Gcgbq%2Fam8ZPyhbYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8457936b4dbd58f6-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D3D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMH39RmshtXjU1YqPUGqVOM&google_cver=1

43 B
1007 B

46ms
46ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMH39RmshtXjU1YqPUGqVOM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX8cmp62V4sRjxQ4YXlv0bAYKgVu4E8SmCnjlGYS3Vr5rk7GzRjtlprxyLakALdrM-f_sB9gcPTtdG6eqp3XINOW7lQrgON8NA5hPb2zQLPSQzqrKHOyOfNjDaaQ6Tm50S-Hve_f-Viwj3kwD4biFhXr_7s6bFoePu0cTQpQYcezANRk_DAPHqHKSYHa0KR0wqj3d2MMMBgs7zKZ0FTlfSZvbCjUA

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
an-x-request-uuid: b4540ddd-2c05-4e45-981d-0c236190bafb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.100; 80.255.7.100; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMH39RmshtXjU1YqPUGqVOM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D3D5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTEyMzM5MDg5MzY0OTk2NA%3D%3D

170 B
243 B

50ms
49ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTEyMzM5MDg5MzY0OTk2NA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
an-x-request-uuid: 4ebd8de4-1a5d-439f-9ba4-9d1ee3fa32c7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTEyMzM5MDg5MzY0OTk2NA%3D%3D
x-proxy-origin: 80.255.7.100; 80.255.7.100; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 145D 143 B
228 B 44ms
43ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 16:38:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 16A0 0
0 77ms
77ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstXUNbP6rlV4xSF6d0oAa8Ho2WkzZbVhaK4o5K0tVY2tyqyw46AbczeI_U1TPLA2BMu8osEY6EDmBgZgDcpRo3sNbTM2OH715_V0D_6izayLFgpmSa8Smb3rfy4r6avDOo7QrdsBTxNCMaKJYtYrdCA_2IyOPoGGi6Hg2CF0WijJVyiz0Jn1fzonRIIZYjQBfZD6RmneBU4fK7hMutIhxGu3O0yOOPp-Ct8Nf4yxe5qw34suoBFaRjgYypXZTm6lh2kRhZN1gyajTe5ynXfSia17_1K69EjnXyHnaFsttLwEXHRxZprl2t2uw_qXELYJzterh-N_JVC-USITJqYWIxX-MB5jLaVGKuIK8bFUhMne1jNyzE1pt_BuvJ_zyujGS6moVGoETk7A4b8CeXE9POa03o3efGKcfsDT4yglN66YAb-QBkXGFPKMhVQtGPyw0LF1A5c8Y5vG43Rsggec2r18LH1gBj5E9ZZ8rHhYfo7bJAokNh60OGL2D844aURbx4JNn0DkuNwdJEHMx1aqRDwiFZKfM75kROLpOw38k6yhUrC3yCp2qRxnjjdJHU6CJ3xvdF9pUFkPRbIwbaqYw0yXuQsO993VWEPjocYupDDbJj5123zI0yEh_C90Y_NBTcfmIffNQpwCt1Wuyk7pZxjf_eGKYqxi-XAf9j19NljsE2KFdXTDfZs8qRcI8diXBW7Q_upTebEvQSDmNZ3Uq8G8jTtKu-C98pfXf5ztjJTOMOYJoaI3OB6CkG-P-3alzY92_B3hVEFfX6SuWFdwUcN1O8q1z0C8NX-zN3mTW2Jra6FZ5sf_y1ubk2QHiI9a18uabEDHKq_x5WkM6d4cTgvl27INyok21ktzWNYT8gd40mZyVkTdCci8KUyzIpNWrMkIgKWQebpoTFGd1ViLdxD5wd3H-170l27DVMrUEThbgDCr5cxR-UCRiGbXXNTQCRhLTEL8sCB-1XPngDzbGAEDKhlZROYpp-3_lOW9lPYSzB3KSLrbjHxKC4_YqePweJIETZM3cJRixaWTU30ML2R8q7HaY8LxXSixXqCtO9HbKazBITvM7kvGlMGUsL4skHOfsNRDO5hpjJ_EAtg3MOIGK4Ys5tHCRH_W-KA8VadYjOheV_I2gkQvTU5ckObx_vIuhpfbiR1RKywureIoy9RrWjqSRsK2TXYc-Ny6zQBrS-OyRrPMNSCeP0Z32JgZD2yEGUf3uFpEG6GP2KsAjaMxRsXOqb7yFH6mLiNsa7j3QEtxqYO-xQhqXRE-mvD2xL_kaCDAbFi8PGTvQYZ_rptyl3tNc0c4nod8k1wuK05RahDulL1n4HJIzGdkBQ-JgFb-jPPTqHo5sT5MudUZGphAFVU-8zL8di_dwmn6i_j0Mzf2ghF3dbvs2OEj5f6&sai=AMfl-YTmWjmfUTL1ogP7toRuz3FtH0vGRReE5jXiuCVbiYloKPiA6kM1BpTaVN5GAh--vXizpic7LGxMwkiNYi4CYrjg_H2CwAmCWuv5-uMJsQcaBeRTm1bNDdYmNQke7pVoqs_1v9W_gJbGiAzlfqfsQutqgs4EP_1oQmeerkswERdpxp19UgyVnnDFYksjZO8gBp934ep-gpGUK-Dprvx4oebJQioE0HvhHmvOF_V0f-NUiQt-yme87x2-OdS1woumBY7R_I3mOYCsYyusZn6mJcEP3gJlPIK3mTWnAYGvvn5lAqlhG1ltnKSmwyZUMlrfMHnjzNKhTvy1p-LLUGxJFLnrdI0nl14xAlICQAePK0x8LV83RCH5ORXJy76dheAsq-P-19MIG0Shy0Ax_T6foOupDxcXKxlEqXaitXnrjkr9lCtq_E_EXN93ZY1fz8n0GKt0QbzjQ8L_EHxUhKT069w31AMDGEuHy4WZVWtn-xgjykGlNrACUusiChF0Zl1K6o8GDpO46NYNCA&sig=Cg0ArKJSzIQ-TDayV4ONEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=172&dett=2&cstd=0&cisv=r20240109.44522&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE6B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65326516e78412e19221c9fc31a6475f903ba7744e5e4bb389aa76904ecc16a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 156ms
75ms Preflight
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CUqTi7BikZc7rEcf6x_APlYGmoAyEpPOhc6HOu4e6EoXdo6fZAhABIMXwzoQBYJX68IGMB6ABvIO2_CjIAQapApxeTIt2X7I-qAMBqgSDAk_Qy0CGYVzMRJCSEips719pU-ciaUyOf_OTaUUVsdWRhUcIPRxzkc5k2K23ERe-hdRjN_EK43a4sPhIKkdgkGdFaQ5lb6l_KPJsXflE6Z4tKaIeUtqspRXHrL5fq0VIM_sUHzczhQcwK5VFABhe4fMua-BdCCm8sLWfnceDGyiWnxcclia6cOfhIpO621uRUunb133xNFlIAk4pJ3V12JtEyw3Xd9B2UslfjMrFED9IMd9g1JNetcCbA-dfC5jkD_0Qdqd3CYIo29xPLmw2ueDKi84od6ZS8WwFcN-vXQx4z2MfugGJeEhqpDd_hzTgvvReTZDKNti_fDtrxkX2DrM4ec7ABI7F6Z2NBOAEA4gFjLXLnEWSBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB7y7htwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwoQ99ATGIqj74EC0ggfCIDhgHAQARgdMgLrAjoCgEBIvf3BOlj72azqst2DA5oJvQFodHRwczovL3FvbnRvLmNvbS9kZS9vcGVuLWFuLWFjY291bnQ_dXRtX3NvdXJjZT1qZWxseWZpc2gmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1kZV9wcm9zcGVjdGluZ19nZW5lcmFsJnV0bV9jb250ZW50PXByb3NwZWN0aW9uX2NvbnRleHR1YWwmdXRtX3Rlcm09aW1hZ2VfYnVzaW5lc3MtYWNjb3VudF9uYXRpdmUtVjeACgPICwGiDAgqBgoErLqxAuINEwi4h63qst2DAxVH_REIHZWACcSwE9uPiBbIE7WkreED2BMNiBQB2BQB0BUBgBcBshceChwIABIUcHViLTMyMDY0NTY1NDY2NjQxODkYk6J7&sigh=8NM4svtIK4g&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_ea8M1wVteD6uEh3FwdNgStiUG1MybmiZn6jrdzIpjo3EzW0y_sqfUF5sVzxkcR20a4V75j_mancRUyvkIqZaFkgCMb5eRjSPEhgB&template_id=509&vt=10&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 17:25:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EE6B
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CUqTi7BikZc7rEcf6x_APlYGmoAyEpPOhc6HOu4e6EoXdo6fZAhABIMXwzoQBYJX68IGMB6ABvIO2_CjIAQapApxeTIt2X7I-qAMBqgSDAk_Qy0CGYVzMRJCSEips719pU-ciaUyOf_OT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217615286517636152999%22,%22debug_reporting%22:true,%22destination%22:%22https://qonto.com%22,%22event_report_window%22:%22...

0
0

158ms
76ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217615286517636152999%22,%22debug_reporting%22:true,%22destination%22:%22https://qonto.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210998350268%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221338633264145077041%22}&andc=true

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17615286517636152999","debug_reporting":true,"destination":"https://qonto.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10998350268"],"22":["true"],"4":["01-14"],"6":["true"]},"priority":"500","source_event_id":"1338633264145077041"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 14 Jan 2024 17:25:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17615286517636152999","debug_reporting":true,"destination":"https://qonto.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10998350268"],"22":["true"],"4":["01-14"],"6":["true"]},"priority":"500","source_event_id":"1338633264145077041"}&andc=true
access-control-allow-origin: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame EE6B 42 B
246 B 70ms
70ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfUJbR73JEtSB90WVo2vsanJvLrhjjQug7m7SNngjD0mz94vCCfwPNM1VBLtq3eVaTZadGRhO-vOFsxTMj0pcW5ec4Q3_sY8vZhjS-pqdwo_aVr47-jAkXdjGPWdROv-rD9bzHfiMyFEtNt1MIa2EBU10QxGnjmtBqifHe0tsM2K6TM4Y&cry=1&dbm_d=AKAmf-C0aIk3YQM5ZkwHbkWm6j9jEdQGyO7sCHDQ89mVu2r4FIq1gbqfP_TAm5G_bbdCOEyC79odhgwdfY_SmitfuiaNhQWT8eHTQUliiaHoMh4bwvkSxjt5GwJRZpzh4e4ZBzCuthHzWa_3d7P4qleuGhdfs9MpuoAIxhQdLh1P2D_ql2WDd38WfQmP33W2DHIpwwCVi1cN3ckVSTbJhDjbq-kONfowlihTpeadZ4jxiQOTS_2PwLwHwlXOEGRyCSK0CJzgL7rHYH-2PrQ4ImXRuhunLhFZFlZbQk_e87sj1CYIilLIuwIkX1z5glia_QEqbfSI9CETFVNw0ixD1ub4Zd4UUd1CbzVbXUNrn2atC4BrR8_GiAqK2KFrMoEN2JA1xVELHxTGKMjnXk59GzNTLg-WyTa3eorPVtieJytEc20DmfKgf1p1u1WqRpvi73RMVdGDT12-RWiZmW-TFI8eBgX-wdKhBQhJXYKl4XHM-Us40OjfpwBG7bm_dUeSwQllGzCzCNUhISWXulASWxP2m-7tLbvEoVIcDb-f9QEUgoQ7ZBPQiNoQgTZm-Td4UvmZW0dv78lnth4A7xFNdvv4IjDU5B9zAY-7naFiPYnrzNullXXdxFz6W9whaTZJJ-NzRtqVhidXCMpcNryQHBLqVZ9E5ypgIe1YAIWItkWZqESuI2LlPswcdbCNewwNp1VkgGia-RyJjub4xk5jcUsz2xEPG9maizZPbooAx65V59XCYG27AjCMy8OmX5Dfnt0W3NIkWlPdMzgHLPsyD7To_791mLoU4kZupu280nIj7fDMDCHLW8qKXzhMo688TesQVLOuEPGV0_1Xhh4-YioNnfWEHCGZY1vaR0ftJ8YdJYGopPS_s253529u5HuSG5PFbt9AZ6X1MZzcMncml5sZlquy2v-4-KjMa99EOnfPyyQMxH0PXY3dVlJQ7PYfS_3rHQTBUgeflAOXmxZTXnRtGY1ufeOAicAahjk8Tw5qfwh6n7LfZLaMxO86fCrYvhorAcMKNV862giMxmo4YuGIjCHWgmqJi-Cm7FvH39JceP-9J4dLa1RiXx0VSEqpYm4ymjrqYcDnYBxXIwATh8Op67OjGyTQAlRDeJJDdaefxsXRUaA4RuOEp5KFoMG7_n7x5D-gIY9xa9kCcejnGlTw0sZfGCy5Yv1mv7DkkMpY7bQysz9SLnHTakP1og1yvR1iTP7b6rJXOMv1IJ3puEZwOOXUVn1o_OGmfPs_NCVCAIy1kkxc73NTIvtGEwtu7K8snA9uDyljvdMuplQsZKhothaHVwm46dInUwdYe9SmhnbT8_NK4oS9vkGv4N4Ul-yOPy4LnTBcpl5mKht2jyXAfKXGqpS0g_YXzgHkmsRj0_QxyhpYLVD32RTUI9cNGK-gjWjouhXi6g2ET5qIxTWKY6M4b_zuW4BQBO2yebz4pWh82e4w7DxEuyPQaBcyJHdt0WD-SvHHEfR-yadD-EdG45r2XejaIpJvJQ0zi2jcx8t9QWmUpXrLfga5HyEjDSbOo91Fz-R8CdWLgo3RZ5fdwCmJqLkYEqQU-QUGhThxe_GdaB4hYgqdCR9ivaOFiztrL-5kP9MWv3Bosy14YABVSEzP9Ay3nm7-MXtnG40yLO4cZH5haW-SkHez0rM5G2n84xea5L5P2bryxEaSr-xeRl4vIThCoaX3BTvJDsKqZCC6VN5ku4m-sRM2YMN3SictaB_Nav8CECc-HH4NWwPeIAwUR3xUeSoG5Iru9mRS4LudgihCDYbiObNBUEa8O2F5OgIDNXOmJ-UtAWwtcdv2t0kx7ZEDewHbrOi1u1zlJlNaVVUvLPziGaAse-9BGRZ4yDnddB3oVxrGDF9CejOLqEW8dF6zyX1CnKiRrQJdNuty6zfHT4E99d80KraeywEYHRVq6hW_3qkxR4wfZaS9b2Pj4IOflnUt32i4fVccLbHX54aw71mdfVO-bMEPQrQ3e8QdWyHaw_dSJmkdxnhfHDPmi4uqVF0_nXOvhortCngQRcOJpGCsPFl6pqiwOIgIteOQRHiS85MHClsG1BoxHTF7AcJmhKAWbphWXeUtG0oylKPKLS0Ro_DxgmrNrHyfMCcUCZCHvw92U1cGBuLCUP8zYeeJW_L_HcVzFnuRpuF-wXEyhkxM7eCAaOTkz50TvrbJuSjw9XHCG_2oSetyJAdhKRtHklWicWwSWd6Wxt_aeZc2KPKTYjkziPUngOj3aCbbflxdWD7dBPYBOTOzQWpfYJdErSDbZMlA5OE2zJ9sU-D05dcPgBVIYuvWcLEqXJcaUQbGAdsBpUmnR0ppLJ-92w3qZ8VcFsEywzd6ddQyWq0NzSrT6n4I99_y1hVNav684hbMQZypRyRkte3uTvLx8mkBuqy1GJtUjnHUhU3NrCySAyFVzNfmRSTjf4UzUQrLh-pVEdnJiBKp7gISZRJNgvJWqEQRhcAGf8AI69U9-_Ul4e8ORl1VRt3a-2bFDqbmFDa0V9C39QAaihO1MxGjj4R_ivzlRj7f5AiZyGy6DjoEyFg6th3QESpuNSe-GWicjwp_PsHe3J8HZRiDMbjBN0kEd70FAvS3GXH9Mzxnw6z6yatb1fadtBRMcC2cqa57PNLl6JWssWsiKyUecZgpl3pZ5r0mCCQ1Mpg5AcvNwv4IoZOp6P2s-dTis0QZ_BSyWXMYV-TzH6mrKAnGK6rzUfW2H7hObZ1vqDg_TgPRtJPtkL6O-44TbT9vMxVDnnCG4hs8lYS8_WXRlhlglPb3CbYC70TMJu3s9xPw50huycU_ZIrBJPd4CP9lrJ5kciFtUkV3e7j3wPIkpVViKfUb7OPdc0PbMZi-wPacTcGDBUIFN6wmpvuYA9CzqnF36jKZKjB_6Lq3E7mOm_rNegfwt2h84yr1LF0pmkjqpq0LcFoxFnr1EAP2TuQy_bf7t6oanFCohOqBIx1UJMEYR5hSuc3-dYK6GF-gracAPKEbpKkj9Fv3KiMkXvTYgVXIYefmZvHVGrAmThb98-1oKUAerb2UgS1zKn6F6omEjt4aiYlRjvrT7hLMFGtVfj2UcZeI56uZogJsjoZ28rw2WiNqkP0RU0rOpowhRSC6kmtxAZyVOdtUflUPwpTDGbyqXdueO2_FjLBxsdH8u1xPH110AjryW8kczifbq-xlo1OcPdsbboEQFuM1N1ueYkMZZM93Ge-hC9MGU9eOxy_m0_e3oPiiiCj5i5jvsJTyh-1SJJyOWBzx1G4UVI9j-zqB1tQHdtPD9nAqZfhIgvdg8yFQGsIEabE3U5i3oVZTsJjkVk0cmaIIlUJ2Ex9Sfibi9Fs3d8rEIe3BB0mDTmnL2xYuFdX1ZjnJ_ti52xl4rggkLfBTMR-TZPS2JaqGBLrzGIv1nn1haBB5KkrlBcPwVJi7t4zLV1H84i7wR-aRiRZ6T4FTbbu8sd7NUq3EHCEqFzfU3zbgTVcr26_6nqxIJLujgRyTWnILAt_giaVTTMV4P68RjlovvViNfG--7CT7fiOWbbhFPKGVrCs7tswDTU2Bnlzyf4mU3aluQcc-q8hG-hRcFasxrgMKrYHf0hzJm-4tQFcBE9AN6BoJZFqhZtv85-q_u3e0TM27fmsYkS-qB9VlLS12vxvEpgwOatxCmAWgHQU-sIi-mqd0o4EXHNqwrsRYJ14A0Skp1DvsGS6OsU3aZ7EOoUWx2lZJjz3vRs7pzjJM6PjcV3WQcmOliSIGQ6RoUdzZEJ6g8uDfTPyB1k1W3acjTff8nmbFoxqjfnFGKttTFmXYFGjoNKsinauA8NLSP5l-EKDkDB45gHINPCDotJeru6RhsmQnDnh6BATKVDlrvRE0cFDhDGCiKkgONR1DFWTRXNBPFzBQncWq_ndSxH9vLF_lVY2gW3X5o8F5Ga6SBd0YbHU86R9iOBSJ_NWCkdQBjGmRgTcYIb8NN5pW_-1hQJefVeBZWnC8h2EB_LGTnqaWBvhmENJOZGz2TgAzazUQqNuPii80DvTslilgEnUk6yFUB9c62V2cWHSTMFWPyAqn3_BhnxfeIPG9sfTuWb3xE797tDPiVBDXDWOuMkOtrMSmxNOrlLpuwQcWk0WDqz7jzJCx2sDax6gU6Gum2Vj1RfhJjJ2PGYvV81NDmygfwjxFeYNLzXm2RX2Ctlw3&cid=CAQSTgAvHhf_ea8M1wVteD6uEh3FwdNgStiUG1MybmiZn6jrdzIpjo3EzW0y_sqfUF5sVzxkcR20a4V75j_mancRUyvkIqZaFkgCMb5eRjSPEhgB&dc_exteid=31456367527324336256901289606033334&dc_pubid=4&cbvp=2

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A3C7 41 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIcU_YK04GmuC6TLn8UNhozudIUV_kgcYKvakfiE6L9zbPf3_pNtArOVbGpjfm4rGWtr7NLx_JEguwpPMX-aO1lb5UF4HJVLYh-9-JK-8hGOM6hCiZjXNUdtd-yHSp_gFUVDUfon-Q97YvvECQq3YQvelxhNI-UprUefPreAKmrhevrH4&cry=1&dbm_d=AKAmf-CWQHjvQRzi6ex1jsR9MomBcZel1z6ufQkbDCtnvj4zK4xcwhOC-ADt6eHr8yLkOn_RGslXXmdZH-a6QS_t5pt4YRF3cbWX27Zq1ed8R5OmsKi8d2DccIyeu_7ViF-jN8VqvRhp3INOr4McNnw_byrkTKVIthvNU4dXxGNNP-sejU2afQWuvE2IkdJ67HEU6776LAuIWJ6C44ebYc4ymiJ7tx8ncTlQRO1UDHpzVVoHuQBTzJ0Rln64vcfT0C2GcPtc2QCAlKPvPrRl39EtzmQrZi-ur_UAK_4Pfi0Z0fOT_xFPOxgWp2Q25J_sIEitCe8o3aSi6brqWivl0lTHuL0Ku7Ahs5uVkotgJf_120VPbYQepKhjk-t93kosKR80pcMe29aL_JlKOUySZxPbxo7UYShBJR-q4i77z9zlHTIQj3MYrHUL2SxAXEump2BXHBVkAu24hdWeEOM88PIekGOWCmUDHkGx2S_De15rB8jLwSnEaZ1WpoySGKWDYOdXUVdH8-_p9HTTYuAJRTAeHJ4_Jrk0PQd6SyO7GfZ7KY4BVHmqLCfmOOyLau8AD9rby-iGlDl8hIIERY2vuzI4mYrmPIISpqWdDsVA-6Xx2Qo0mKkVIu2BzLVu1vFvcTxf23I7SW3iry4NYW1hd661y9uY77fEcHpfWgQrYnwc0a1yivstEdUyyX54OF1UMf1F29q00nrAd7BeAwwR4q5aZddYdqdV-StRdZMqbSFCsz22nuS4mFYuWB8Kdd7eOJ0EIaAZ0NIvpU-2SEn8uTe3lnHAOArIjI33jT0RKARxMhmm12t08UErIZ3hwoH1dpQSmLNuidV17NhSYxNtDG-MTOhIp47wxdMPLdGQYsaaauFaTE4Ye6FvYTLD0FyuHe2SaKzXXg9Zbzr6U-vZtInmhj9W2omIaPiDn2fPcT-LlVQghnu9DEFDSjeDzkJrkAwwO3oWNdN2DCrEyd1vAj7eT-6BpHgvpFdD-YBHtiekKnCypVdBPu0sI03rUOh7o9FvmCNqhyZRmuDtaKwzIFvl6dqyobkMLsS9YGyFlVWMThzNmj10xSZXXa0QEQlqM8TQN1FWosBVnC_8VUpRtW4Cw4JGjZeenrnRzNDBcrn5r8tgFKhh8eX0PDKKcdYbQndqd2MD41G9U4CR1uLne0_vDJYfihTFd7YsGxbt7EnTT5OTdW55ED3bqBJzMOAm13ed4Lq0duNNn6HILB4ttR1-ujmtpieIuywBkuWtdhjcgsCi5A2qiC_N3b-spg8X_3Y9WB0zRVKMXYY3hGfrvFwEEECVZz1aVFQuHCjBZibWq-VWsZATJcZvu5bR2K3sB6T6tA4ZfDTWnlXTuzWpFXga471wSoh-MXaCNifgloiyvfGN4DDm6FU3IYO45ULOEU2BxCaAcyLLsFXF_QXRjxVzdr3v4ZEp6h0CvDvedK71vtx9qs7q0J7ACS9S0L3XxkSD5Uxuli9MMRLQu-MyWcK9IvhiEUiSETQYKm85BLmFr3xC-mgoFfb5Vnc3hp0sB3Wjh4Gv0eqGDYW75Lj_1tOzSXYUbd7iRGrBpkc9V9XoaaFt5FCE7XCmRfO2loNOL9jj6yGwb16-nRFFVtSKyQf02FxiSIXauDIIt_CxGGNzo2-J21DkqPL-X0osZaRVverY61MrKD2OmP1edyfwpF06WHxkNriWQ_Ug1DMRQCcqPa7K_SRCN_X5TfAyYVp4vmxEflqC7GDsYbMeQv0QfFHeGSXNyUw-wFIr3HiocwBXkefMvCfdqiw2qpBo230XhF3BUV3H6cZE-iY1i6Dk85cpArYyvQl2uE38rSmXRm4ievrAxxOe9_WgeND3dXQEMjTygRmG3pITadWUf7fwAL8t_7EoAZSCiku7L1dG1BF-ZDTbl87DS9S9pLxyVf8tyvheqyWRjy87t4uLGEFnYw6-BrvuvJG0pRJipjnp1k00uNzMlajGToc_vlyqNnyovJV05iWuGOsefqsZ0CZOtzV5ciqLb8df0rdFjKWmTq9orOTYtWE7edv-_kRHbEMi5HqvIrJ2rIFy0BuBj_gMJ78-jM7fL8aK4BVRq1mhG9BU5Nsv_5nC75BPLLwbwfI9h1mj-K-fvD9fk_cVkBmG2n54C32wMjoqTgT5UxiEaIGTLVaIK2KCV1mAGbYjRVlLmiV0e9Z11boeN6afzh8oC8Z5tzQAsoBu-N4CD3UqLMbWdVftvHy86yRtiGKZkLvnCufI_X-tglV_Qq2LJOUsQFK3Umj7tQQDBDOLVNk_gH7Xn281511sKz4UemY98-6sR3lfPOAdZHi6jOgXKhX0wXIIIm9BfLvjvrEJ3CHYGB0A4L6bpjYqzSBQlMInmek1PuZbsiwc031JpbwqilmE8bb9VEY_h61AHLTmcDPC5f1Z6CoUgVXDjehOXq5RpKMCWixGZwNhBzwRA1AJcxms4jUIlvj-cpdAx0I8kS9T-eVCHxeNT14rbSSaz-3vB9V9tvhZyZeF7SLGcuBfwjyh2OngRy7L7bFZIUCHxVqHUnIjRsVFydOLgi1415Vg8sWQrJvBx284rMeK43lbtg-6v6jMBu5WXKcM4z8ZK1T41YrpnBHCJx4sZr0lW9QUjB5cW79cKjx8SxtpJabpG5Mz7wUS5-bXR8KGkS12cbtk8OQer6A4J3jFa6zVxdCn06qy9y9v0wdU-4zRLte7reM2Lr_gbuXdaE5HT-tWiAnR9nK0iiLfEUMzSIUNU1Iaqbfl4XXwYj-p96ARD_GL-MkgorjQma6PEt6Hap4BLdl-sPizYGJD4ZI_oovvsNtXN7yMnyJuC9JeNVMzpTK8Kgs3HK75ycsA3KbTwaIy8h4o9cGWDOqp8hvSubh8xYriJT-Gbn9daUA75CTLK2i0UgrDVmRXm52Im6KMaV8kwFduhWKKd5ftyRnmrKIcU64D1CgbfcWSTKM1fU1sVGThghqaJ5ToPX104Dt2LxtLdK-ZhfjM8jHGp0Q4nnBmDYRoKXH5tAHr1fbF7nl0ApMZTwbapeoO1kjV5CuiQXp8GhaNxtuWDdx5JHwI-Z9s_icnfyk5kUKD3Qmy8b5mDMAJBE9-eLDGSM44rnP0COYTxg6PLgNlf80JlAG_LEvuKShpEffmWpB-oJnZtfDDfnlCNfLkhThCm5zobKI_KTDgb_5NlkAHffkocQGVD_QDr2WkXRI81tnKS-1GKgOB_qf5klZnMwEsoiUh0k4sAUmSuDyxT_ZAPo7KMvHv46-t34MIkcSW8aGZ6568NV0zl8SXTbXr4ueGEGMgOwSme-WWMkzawHzuXrIyY0eenhqxIsiSShL6XHD7KfBFWsWKO83K7LyKkhFCLophNLw_UOgKJZGfb8iG2SEa0wXFWDteSKpeiIdbjiJtvl-McoEJNqoe9U337rOuoa0eStZjxEOlOhr8tBgH2xZwRErAFxpAUOUhsut1NXjjkiaLdP5g2h4hGFqcXX2__7kpfpOUy2_IG88IxGwO0aEuWe4X57_MmIF6CmpJB3VHjl6m2htBk7tdbtsSsynuPpVMwjekzYqDT0c-9ieNI9S2vVAMSjFPdq5WDJEwG5vjDrq1TxxizuxesE-jivVy9LTlnWEBFewd5vIQhc7Y8P7I0dscVO-0Lk_2zOBHszNt4xF9wyteqSJEp-Z9QXimKmHPwOxtmkGpG1BmoWbs5dxOzi28r0sXvlJzvwHGWZh9S7OZHiYCbtzvCQKRS9iPUvhl0yXi_d3ffFTYdLkgXprczy6dBC6mDyYotep1ag_9VaJ2X2josj3uMInk0VTjUfV8GE8FjSqJ23bqi-eZfoA0Koge_c_4WU26fsXvfcw53vUzqLfC1pAQXmsJ7OrZGFu3pFxa3oSWUkaqxdaEN_ni5hCUWBaQ5SBHSJfNw_0NZzkay-aKosnLuadYVlXJPDzC3X_roA&cid=CAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Feasyworldbusiness.com%2F&ds=l&xdt=1&iif=1&cor=8071830253011320000&adk=2857193499&idt=144&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTI1MzEwMTAzNjQ3NwogIHNlcnZlcl9pcDogMTM0MDU1ODgxCiAgcHJvY2Vzc19pZDogMjI2NTQ3MjkxNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame A3C7 0
597 B 79ms
78ms Image
image/png 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTI1MzEwMTAzNjQ3NwogIHNlcnZlcl9pcDogMTM0MDU1ODgxCiAgcHJvY2Vzc19pZDogMjI2NTQ3MjkxNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyOTcxNjg0Mjg0OTg5NzU4Njk3CmRlYnVnX2tleTogMTc5OTc4OTQ5OTk3ODg2ODc4ODcKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTE0IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIyNTk3NDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxMjMyMAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x7f040b701c997fe50000000000000000","13":"0x6374d69432606a380000000000000000","14":"0xb470e25e877960bb0000000000000000","15":"0xa51e29ccc2eaf9e80000000000000000"},"debug_key":"17997894999788687887","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"2971684284989758697"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame A3C7 12 KB
4 KB 132ms
40ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1705253100288861&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-NRM7BikZd3QEfnn1PIPnYCZyAWm5b2gab2TnKfJD_AuEAEgsZPteWCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoEgQJP0CMxpf7TEU6fHuQ6XrbnYPf0sJ6Dn1a1Y9GgSAvoo99V_DEeuUvr6Bo-HcAesptHFzGJMBmIDzXKyUNGcb9tV6PcnXeJgFf_4YyBLesGNC-ZZCm8rhbszQe2BMC3aapn_9r8stLsK69gO313iBAvIKXU1XHEDa3eL6-KM_JpoptMJov3J8Z9d1vZtRY-or7ZFwyXSprMFqe3pQf4sy2Mdgk3QeL-QUkUvMGC-RkaaxTwyuPRYvIhIojK_okDVIbAelIrHnATtCie1iVeHAsBzlgh1JvUW_UM2rhUnABaIpRkPyQPeAFNzXNqU38AW0b2qCFAhsmBq3RCZIpE27C6scAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliA2Kzqst2DA4AKA5gLAcgLAYAMAaIMCCoGCgSsurECqg0CREXiDRMI3P-s6rLdgwMV-TNVCB0dQAZZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ%26sig%3DAOD64_20UV_Wy6iIgE1sLV4PZX74BepPTQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-CaaYTWt4aP1hPnTLnp-NN2n3OK1zPM1B2Q_xcdFIhYm5KobByXmyh45LGiGUnYT6R38OfyIKok9pPjT1SimPAGCtfc2Ke6jaEgh9WqfTN8Wf3KjuCoQukSXmY1lYg4_YqBIFY8qAbuaLvdLpV63qNrQukOj5xU2LVLVVqVeDKk29x50AQ%26cry%3D1%26dbm_d%3DAKAmf-AWzTl4NluUKgnt0HmjEzYNdZff-Y6Z_wU9CAsr2tr2vDz35Wl33ChGAavPq3Ltbyyz2hDEaqtgdlON0OCWuiGgw1Ce2MwhJQ4x0tW_e0dFph7efJBkVtCeecGzQTn4rHvEI6ckJ5rsxsSrWJ7JAcusdX6h7OFkDOk8OqjJBPMEeWxvMODcZKis5VemxUlyRIHvAKZkvP-Rm9fpzEIoXFQzTkf8J8-rL2FO_V1QknkFQTjWylw_VB9MqrPEG75k50zeRo7NXZKCjlZ3a46-d_yzsV73sLYqQ23DI7b3wGmwRlOqWTNvV38YVN2ogdWEjji0xx4aIOeegYOtRbX7tYiQUliZ6mN013On4iJdC_GxjohuYMHa6oLMbbASb3pIdwC7KcvYVv2CG6h9uJo_pNU9861wU0Ub6dTR3DyfshdW6UzCkW-0vCYOeeOIktyDnyzagITqPF8hLnkvwmNUiD3aDfBH1Z2RHJoQdhUYKMyNaXTgTvNHKUnEklWLDSpi53BTTey6cOsfpvJdYMYyFnhCS7H3InxLwI69X6Coyj1ujqUDNWjbmZyWPAZQbXu2cjVioflO%26adurl%3D
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: dfe6f769a0eabea200aafbf6c59eccf896ae6af1b047186baf24986e750511cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:25:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4227
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 145D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:01 GMT
expires: Sun, 14 Jan 2024 17:25:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8D3 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BLNDA7BikZaWVEqmA_NUPuYuFoAIAAAAAOAHgBAI&bg=!U1ClUB_NAAaumcC-jpk7ADQBe5WfOCWBm9sY6jnbsJxi95PalqP81QzenxqZcJnTFzWDvVWgh5TykeI9d0ZRVwBnuNdIAgAAADdSAAAAAWgBBwoAVg-pqAug6NRSoHI6mpCPIrrCd7JwsZ2J7dickdvO4tVsnXOH8QXsijSOzLrdPclc-oA1DcTEur7Tgnl3vxWssPKB48PBqjFMamAkEsmr78ohMnQ3RD4amQMbV4ohgbLktYLLzYpYhKL3RH-pMEMS0EyNgMSAyJTMybvUzDIot0pvhkJeztBgU-AtLps0V2gTd8h5GaEjnkVRSAdUBs-Iy1JU7hV6dJPeM_R9Y8__8I86qi-3qcyM9lgV3u3G8QLafGTjpJGcpoeQVck_097yhYUjbNY4WSH3XKfv5BhaodiPeVduWm-v7igxZ2AomoG0cmhafbZk8WslxdAyO9AzksZQtptVNSOtLS0l4_GdgS8GWfz3eUXOL0RzOuC0eG3Tfz6RsGv8O5G46wUDOyUDx_Ui1vGPVCOlie0XDRH-ljDXOTCGctqFtetnaQozOI2P2maA2jZUwFnQgZ0XfTmSJ-zS8THHrXwiQNtnBRiegKRJH8HCrSTPP-dYVGr06EbUTx2LkH4SzPAzFWEY9pEA900oZZGrKv4Y4Yksi0w_XNtEnrEOmgwURYa7zhHwX6WuYjBkHbE3sw5jzwzcwJ4D9X3gb4ryjTIVvIY3MSfiIdboyvuXd67fqNkq9Kokfc4EcZSs5lfZF1pkNvdgE_X3j09m93ynOFWxBjoRpEQreQQLeq5Mg7c5uDOap2cjW62Y7gACqAmVCrG16mC7nZsJUSxM64dQn9JEJyI2de9bePVdsR2JgmU1kZORKLVCyLAZcTQx7vIIzdQqNWzI1HFjFGXWaWyAisRIuOdRPyXAyZknZb5qXnfK7545nJto8vUvW7gsczKqTwTI6wFR2qdyRIrdxYi0XgoNm7YpvAaNENlpmOFRYfU9z83CzZvWQXjB-88BK0tDo_w_qrdCaCqso_khc8GwoMlDffqFBIqsbFfnmoD_-GS29foUxb697EiWmORy70LUd8t0kzv4I6o0baGXlQRwNCwHc4P7C5tm21FqOvub5UMVnsaI08D15_g671m8Is541JC9sqagTtqgl24GSCDQ7gLMwmwmFaiz51vMKN2zt9LnaHdjAsWxtv_n56Fj7tuoo6i7nlFjN6q9iVZ10NovYiLZE2txUgXtbzDQsG5kTaH4fqHs3cQ4G0y-g4F9ICZK_uc8_CC0JZlZjtdmzezu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9759 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9759 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19695
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 04:57:21 GMT

GET
H3 200 container.html Show response
9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7495 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easyworldbusiness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:00 GMT
expires: Mon, 13 Jan 2025 17:25:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90006.redintelligence.net/ Frame A3C7
Redirect Chain

https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

332ms
118ms

Script
application/x-javascript

138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-NRM7BikZd3QEfnn1PIPnYCZyAWm5b2gab2TnKfJD_AuEAEgsZPteWCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoEgQJP0CMxpf7TEU6fHuQ6XrbnYPf0sJ6Dn1a1Y9GgSAvoo99V_DEeuUvr6Bo-HcAesptHFzGJMBmIDzXKyUNGcb9tV6PcnXeJgFf_4YyBLesGNC-ZZCm8rhbszQe2BMC3aapn_9r8stLsK69gO313iBAvIKXU1XHEDa3eL6-KM_JpoptMJov3J8Z9d1vZtRY-or7ZFwyXSprMFqe3pQf4sy2Mdgk3QeL-QUkUvMGC-RkaaxTwyuPRYvIhIojK_okDVIbAelIrHnATtCie1iVeHAsBzlgh1JvUW_UM2rhUnABaIpRkPyQPeAFNzXNqU38AW0b2qCFAhsmBq3RCZIpE27C6scAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliA2Kzqst2DA4AKA5gLAcgLAYAMAaIMCCoGCgSsurECqg0CREXiDRMI3P-s6rLdgwMV-TNVCB0dQAZZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ%26sig%3DAOD64_20UV_Wy6iIgE1sLV4PZX74BepPTQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-CaaYTWt4aP1hPnTLnp-NN2n3OK1zPM1B2Q_xcdFIhYm5KobByXmyh45LGiGUnYT6R38OfyIKok9pPjT1SimPAGCtfc2Ke6jaEgh9WqfTN8Wf3KjuCoQukSXmY1lYg4_YqBIFY8qAbuaLvdLpV63qNrQukOj5xU2LVLVVqVeDKk29x50AQ%26cry%3D1%26dbm_d%3DAKAmf-AWzTl4NluUKgnt0HmjEzYNdZff-Y6Z_wU9CAsr2tr2vDz35Wl33ChGAavPq3Ltbyyz2hDEaqtgdlON0OCWuiGgw1Ce2MwhJQ4x0tW_e0dFph7efJBkVtCeecGzQTn4rHvEI6ckJ5rsxsSrWJ7JAcusdX6h7OFkDOk8OqjJBPMEeWxvMODcZKis5VemxUlyRIHvAKZkvP-Rm9fpzEIoXFQzTkf8J8-rL2FO_V1QknkFQTjWylw_VB9MqrPEG75k50zeRo7NXZKCjlZ3a46-d_yzsV73sLYqQ23DI7b3wGmwRlOqWTNvV38YVN2ogdWEjji0xx4aIOeegYOtRbX7tYiQUliZ6mN013On4iJdC_GxjohuYMHa6oLMbbASb3pIdwC7KcvYVv2CG6h9uJo_pNU9861wU0Ub6dTR3DyfshdW6UzCkW-0vCYOeeOIktyDnyzagITqPF8hLnkvwmNUiD3aDfBH1Z2RHJoQdhUYKMyNaXTgTvNHKUnEklWLDSpi53BTTey6cOsfpvJdYMYyFnhCS7H3InxLwI69X6Coyj1ujqUDNWjbmZyWPAZQbXu2cjVioflO%26adurl%3D&documentReferer=https%3A%2F%2Feasyworldbusiness.com%2F&ancestorOrigins=https%3A%2F%2Feasyworldbusiness.com&random=7489907850768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4cb078720f981b22937888d562b2ff6d55345e0c3be59481153c7a52e687904d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Jan 2024 17:25:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 14080000121236604444994012569006
Connection: close
Content-Length: 1339
Expires: Sun, 14 Jan 2024 17:25:01 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 14 Jan 2024 17:25:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-NRM7BikZd3QEfnn1PIPnYCZyAWm5b2gab2TnKfJD_AuEAEgsZPteWCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoEgQJP0CMxpf7TEU6fHuQ6XrbnYPf0sJ6Dn1a1Y9GgSAvoo99V_DEeuUvr6Bo-HcAesptHFzGJMBmIDzXKyUNGcb9tV6PcnXeJgFf_4YyBLesGNC-ZZCm8rhbszQe2BMC3aapn_9r8stLsK69gO313iBAvIKXU1XHEDa3eL6-KM_JpoptMJov3J8Z9d1vZtRY-or7ZFwyXSprMFqe3pQf4sy2Mdgk3QeL-QUkUvMGC-RkaaxTwyuPRYvIhIojK_okDVIbAelIrHnATtCie1iVeHAsBzlgh1JvUW_UM2rhUnABaIpRkPyQPeAFNzXNqU38AW0b2qCFAhsmBq3RCZIpE27C6scAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliA2Kzqst2DA4AKA5gLAcgLAYAMAaIMCCoGCgSsurECqg0CREXiDRMI3P-s6rLdgwMV-TNVCB0dQAZZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ%26sig%3DAOD64_20UV_Wy6iIgE1sLV4PZX74BepPTQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-CaaYTWt4aP1hPnTLnp-NN2n3OK1zPM1B2Q_xcdFIhYm5KobByXmyh45LGiGUnYT6R38OfyIKok9pPjT1SimPAGCtfc2Ke6jaEgh9WqfTN8Wf3KjuCoQukSXmY1lYg4_YqBIFY8qAbuaLvdLpV63qNrQukOj5xU2LVLVVqVeDKk29x50AQ%26cry%3D1%26dbm_d%3DAKAmf-AWzTl4NluUKgnt0HmjEzYNdZff-Y6Z_wU9CAsr2tr2vDz35Wl33ChGAavPq3Ltbyyz2hDEaqtgdlON0OCWuiGgw1Ce2MwhJQ4x0tW_e0dFph7efJBkVtCeecGzQTn4rHvEI6ckJ5rsxsSrWJ7JAcusdX6h7OFkDOk8OqjJBPMEeWxvMODcZKis5VemxUlyRIHvAKZkvP-Rm9fpzEIoXFQzTkf8J8-rL2FO_V1QknkFQTjWylw_VB9MqrPEG75k50zeRo7NXZKCjlZ3a46-d_yzsV73sLYqQ23DI7b3wGmwRlOqWTNvV38YVN2ogdWEjji0xx4aIOeegYOtRbX7tYiQUliZ6mN013On4iJdC_GxjohuYMHa6oLMbbASb3pIdwC7KcvYVv2CG6h9uJo_pNU9861wU0Ub6dTR3DyfshdW6UzCkW-0vCYOeeOIktyDnyzagITqPF8hLnkvwmNUiD3aDfBH1Z2RHJoQdhUYKMyNaXTgTvNHKUnEklWLDSpi53BTTey6cOsfpvJdYMYyFnhCS7H3InxLwI69X6Coyj1ujqUDNWjbmZyWPAZQbXu2cjVioflO%26adurl%3D&documentReferer=https%3A%2F%2Feasyworldbusiness.com%2F&ancestorOrigins=https%3A%2F%2Feasyworldbusiness.com&random=7489907850768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 14 Jan 2024 17:25:01 +0100

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BB7B 624 B
245 B 83ms
83ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQr6mt1gUYrOf8gAIwAQ&v=APEucNXbxbD2gvt_G6tLO6IT6L87WfQJIDvq55HyszaHWEXLMGHG7dx9V-hHAtFD2DcbDLwfl4_HbW1Dr0w0Q3LRDGG0apPh198TqXSVg_1ejRDl_fdkP1YIH2fhzqKcb3aybA7a5OWMggZ6dGRrUfsvF_DrTHiQS_j6Y5NyrcJBG6dLKihhn2D1rd5HDCvat4z014re2K3SLFG8lKqLSJRcBEQ0Zzs5gQ

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:01 GMT
expires: Sun, 14 Jan 2024 17:25:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7495 89 KB
31 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 17:25:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7495 42 B
63 B 76ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYDDKA2CCr5LMHvF8S4sbhbHQ73WZ66rOb-FzBVzAWevwCMdZ-6OzxvhmFUO_EKfk6DhnUUPct036pCe8Kv8wLvzWEzZgyt_8F9p5ydxaaT94VK8A

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1928050/77879653/xbbe/creative/ Frame 7495 278 KB
82 KB 328ms
199ms Script
application/javascript 3.248.239.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1928050/77879653/xbbe/creative/adj?p=APEucNViY_k48I-4NRsDLGMNOgBDUkh-9U5HHb05ae_T1kVjTYioNiY&d=CokBAKAmf-ByUdFznO4WoxpBcuIBRghykL2fQQaLyi8zndtlplMcqnSL3--W7gx3KSGyFtfZLhGbWTfAsZKDOhJNpwOLK7QrZqYq-E2feQL8C0lSXNOpQjjXgbXDU49_MyvvmoKmLn5wsIssuzBBoowk8hQ-7fdfxmaJ5ZVfhgF3yQ1MJLGQK13lDhkS-RUAoCZ_4M6cQV9BgGUFZr98KNuG1vZ1r32n7swtNFHCpnLGQO2d2T2MPaCdyA2VoTWN5G-LjTk8sxBAQfR0zsnVuFC3om0LmMKNie8Pzqf0IsQgeKyklDam1rvRc_Qva6T7JE7rix_tmljwcBAeMRZX19uSvPGL7ih3DVT0SiajQrAn1Z9waXiVmwbrrrhBqgXAqXr3g2i1Rsg5x_OcF7UPZwmP6-qgMSmgVvQC0aWDd624833ljF-HIpgPTJEsidT1uq2_EYdDPDp0PVeMzB2-yQD7iePuxFzqqz6GTuVs4QmzNuyQJCHBWOd6fbGJscmuct_RzuBIj4-1nl1SYLBhXTltn7PHsODzSwbrZuB40pAK7YkiaKW5PlrCaX1UC-Xk3icp59G14BvXYUpsZFAuj9bV9t7ZYQrZ4mxZmGu0CDoaToerxc0We3ebY_GvmYK3AfCLjp9wAj9V97H6LVHZly-HgXVwmah9wCpgRxUQlTHmcCl-2g1Q90ie60z8zxo1hnwiCcLjkPJMlLauFtPhRTw2ILGMRVkR8qqZijDu6dBe5gNymtJ4_YrFIXd63ryz2PmBiK93zD3yjdcpc601QfspEvNepks49uZpo-8n94oC18EoRaoMwdYpDPNyVC8xplSWHimFg72KdXLZ22446JJHrYCGYoVuDRXYfwqQiTwbdGgTlvbXXYEUbro8P0Q64A8pixkTlsn4yNqEgk-F491xiVPWwMnX8dUCZyUhQsloz28qvs8DE9JyxWyXvp2pqEkCPnaZ8kn0qB4Mx_qYMglQ8RshCI9DCae2niS98qKuXWzsJ4M2AE30QOEASOoAaGOGxugsHG_84Rim9pfDJTCl_n1UQQCK7v7S5NRxr6g81eYEy0swpakUd-V_DMogmLMVJXBceVU4Lto1PXXBFUPUFMDsZ-Nqn_3i42XzTp1Sm5TpqRAyGxa4KbYLShksHV7SIteUjd6spffPd-gJMIZG-yXvkGmUjxeuAEgXsFY1JRyFzF7kUoVZBu0N_BNLmixAn18fZXqgO0_WvzdyDDDDE9jO04eWOJC-BJCZK1z9YsLoMaeIIErNI4bcOX5MldE_CH_zY_P9vxrzQNAWK5d6BNvypxrH7DGMXnQ9-2O24sLBkqMppZQzjZMwJdmoEwMaKiyVvpXxmRysMZ0LGat5_xVpv8AKEOQHLWqKTyW3irZGgykQ4NvzFf49ZKb32N-p5GfFlhk7q5GYcu4jm7zB-0YcJxSFPx4Ok3Z7_BrCas1oPLGg7UKvICGf0CK3doIQd6-Zk0vZZIS0TIYrw5Q8oscSEnEaKrshM0NF0k-LmJf34XMFkk4tm03be3u3ItTI4OkZ7u5sk5FrC5_JzNdKMp0MnuaDWaTPNgTkSmb1G9vvxlDhgmctDCvlPRY-OcQgOCZ4FSwisRD8jsh2BU9nyOpjzQSlwG5DoYigIVAGQW9ghOboTj_Pw4y0OmDJdRWvotXTDLI05szkhu_OyboAZvkugpJo3Es3vYsMYK2uSvNwH-FI_HFTWXFihbz7b3E32uuLg6iLuRvYIXMTUp1AArywNVt1uGUf8M55nHdG4JagOwdXt3NosC5UgIwN_mQkUJ7787tRw0jZXuELfDMtonoMVFoG6Kh7Fv5I5X-u5rXWlRStItlESwAD8RnNHlUHHjilj08N1GqSUsBzinprghxCn1Pkz77M9aOucDrUbfHNCeNWd8KDUuFl8GtYOkB-k1AKTZMUTpD9GBtWlDzPQ6GP0HzuZEavMtrRWtKDaTx2A6sYMi8fhbzpwWIl-81O3KmL4W7T_IA0cIJ_B7MWYKPEPCtWmtRBezXTVS6YsVdW-K9HfkycwcvFhaOocdO2EmITT1275QjE-cpLCaSJzl0xO7-8ZKY9rBV6IqJJem-12axxo_5Ro7TDtrvgJHLKKYNWH6tAsm78tz93LxD0_frp2eFT7JE8pIxjTK4kvW8tZM5WYmQeJo7EQe9HmprNQnZBjuJu24mGo8izrAADKC4_c_m60lXL-kOzFpIFVs9nS4sW4YDjQyQzYx9xKStzkaMzUcPSkzbVMdupyPHI2Xc31Bzrv0rYGJmcqZ8E66DvjbkaevRBeW0Scd-onRS4k59PBMUa6YQwQXNyVmlXL_CkoX0ZGcWLJsbMUyUfVApjjY66DRTVSm9rqQ_DUbkt7YI9juTY12NHZ-x5X_w7fjzMJ4P4ynotxzIMYsaQXosSeabvpVF0s5QotZ7jaUauttId61f7PpStECaHnmnow5i15FldrvLl_a690UoIk3hu6jJ7POlnbvfuC9EdrMq4agbfXAsg_qcZZGVOG6u515383ftB07Tj1LeKNpAyITB2dn5Btkmu3GJCbO2AlybIUqHEyh65fvrwBTdAJf8SLrUmCJidQ7n7mJ96sPjzloefvnz272Z_LbAIA-I1bLR_xV6Bx6yjLVHFlJmOfW43oo6KO7BsFIkmFjND3F8rNPHbLzG_3T10t6Fs22eV6dWtcjzp8dHRdddJZLNs1UuCdEytUHcWz5i7sVvYfE-LG92ZSyGJr0oTLNNCWEAeyd8OD8n__Fv7n5RHsHmKCjewo5YMuq1qqwl1SLsnegM8rwoUbKVbxG4K73O9aGAly4eU6EVBqfbUNZ-yCwubo_6tOVq05ewIZ0pHpdLxB7sTCb2H1kbceMbS692Sc2WcnkQyV50Ou9c_zYyOjHciUlWTf0BVBDnUTF597xT24Oejzh_WgQOQxzUb6BfPup5FCPo5ROOMLsqvAB06m0k9IiNhvYmxCuzqn5o3gDfMPsx-sV86Zi8k9MtmKETGeqaawJq1qL_OOqgGzzOtX_rEyaw382pehk1AQxHXP-S4se3VlcKkYYrt8ynm3wR0wTBxIUh6jFhvUMIxmwyCWyMtJvkCFks8sRfzkTJ_8hL8hCnIfrkAy53RB9Zm5DyT_pKyBDwPGllCrjry5ouUHdGkCH17s862-67TXbhfq6LIs_4ymTLGuILvD04vy_Endo1LbKzB3S_7LjkSTC0-HM9hczAS5IclWiao8cpL173StVXNgDlCwX8IpWizD08kl0dBm8e1KIsdZ-otKAsQohTYQ1JwiDS1seSPimBn3nPtWeNrB4Mw8kXxcO_1PRAd-YANLNVqBcFwuJFBZHMr9_91eWFhJVq3TbyPCeoMZUSky-TwLjDVnUdDXzPScPczp88db2C_vT-ioNlEppAQNx2mfIkaag2oZzCM10c_PYTiTfQO_Frg91PKbQ6y8PbyAoly1UrRguJrRexjTLUoarXfsQtsJlpWOSux9uSgPA8rd6Ic2PgcZMKJtuRdOoZy5FCJ3TpqqzRqYDH35rR7_jH9GtrAFA73mRVIVmkEL476561slPkuOuUK3ZgohLoSFHLHlZx-ZB1gxGaDzDddLc4352MRWzDqL6x_KJiah3UdQ6fF9IkwGjy5YQgNcbI8fDFFGsRU6VFRJ8q4wkiLwExfChhE6QyzN3feTWc3flPgR1_Zfj0s6paUGRSYur91ytNeZZ3VvuKsalgggOhyTGogom-s0GSNOOdPfNpxeylTv37IOiZrdf7A36UB1Wbze0COV0jLjbFg0ZNV4b_KslbEnIqkxduag01FcQu16rNepFohFLyHhVx1vdN98MYKBhoKBOqmUenfv1X7qsUhAFrSNpp556CNAZYKlOsaRd5LB3WRL4AKVhWuo-_ARHKHAkqyX-lwEuLdgB_o_ibGshTY7oceB70gQHgdGlUIBBJPAC8eF_94qhryScrdiQrZCsy2pua2pXCxmMt3x_kkfGoAuO_vMETxGztVF3tGm0Z5hlpgHreoEXaddOd4rH9DH3az4MSOCmJOsckUdyFkRhgBYAE&bundleId=&ias_dspID=3&ias_campId=1015770367&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=20939788496&bidurl=easyworldbusiness.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gVpEVGY-B_bQe5pa1Z3T11
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.239.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-239-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 81c929d0b0709e33c5bbd4c0b298f02933ae460a4cbe393fb7270eb4e1e0b550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 7495 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 16:19:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 7495 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7495 205 KB
65 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 17:25:01 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 343ms
74ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 17:25:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9759 0
20 B 79ms
77ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqXNU7RikZf2cAsmP9u8Plb-huAgAAAAAOAHgBAI&bg=!eXqlejXNAAZ1R9vHVUc7ADQBe5WfOGVn911vzvvLIv82IyBH_vRyXRr7-ufx9gra7g3PAbsYcp5QwCDvhvgIV3veRpttAgAAADJSAAAAAmgBBwoAI1ha4NQyTr03yHuv_TyfLvvg7Wi9CrZsl_Ygc6CW3Y4xBFSKmQMTnCEgoBL9lt_gH1KwKiVF-6jny4ZiWEdZ2aVmaFreb19QBHBRRBru-ywFQAyTjl_Rfel7DC8R9QrFOdomlawS-7nvXn4lhqh2B1FPgyDodvGx1cG5-Z6fe399sR1obqaWRwmDEE6qYPJQHQK2RAAt9WaubrTbZ552PpXHCIjgCXj0NJQ_FCbTq1cNA_nmnDbwRTL3LclUoyrrlvc2nwvmWbTxiL-rV87DdFWPLYEjmPrVkQR4aBXSy4R6Mt4U2V4yUo_8ifX7HxYKfyH4acONMNOX_nwnLTcxDregUn_gPyZDnmoVtTrUg4hKKCKtZWB2vwwpawcxxzJVEB8QMTQ3EwJDm-yRew77mecEUyO5YbYGsUZLgks8TId23-OJI09NeaI3l2sEYB67juDHrU_w9x4qBKFqDiPRmVvY795dHxfL8bDpz0Zhjrun5IAUVbxwsspuFmaiOZYOx30zXdJdhzFejJtzoWYYdxGmF1oMf0ZL4ZwTajPXiLAQkpE_BEcj9wlhfQiQi87FkeClYtB0jkj_4B8Q-qA406HKTsRfMoFl9XSgEMQVE7YLWwdGOQCsQfFJB6Fi6Z2JgzJFlLgiLoIEKdrndIsmdkUsYhAXum4xAjefZVakqQceYirQj4Cmm1z3ueFOpxTOk06WidIcf0Mz1R-CFyhsb-eHHqIEJbSMWmBlSVDq45TkNmzw0hVzRDzfZClAeiodN5U4bMDK1ljxFiIbscuJQvU1g6mrPhaQdPklN8Y8lIEz-09ayCEDEcQtbXN6blZFaCg4LZJXplqKk362sbv-SkfncIK8hgUxiZbr_hlJxjWkrntzcrcZ_7cY5KpymZhD4lzPTD-uJdvK4i-bAXyM992K7LFLJUSg1Y0o24igZtcOn7TR9w90z7R-dKEso21Uje5P1pWGFuUKF2xB_QY9HIBPC0UMGOq1wmWKX5VDEYC0TZcy2tymEhMD6blZLql5LhMUhQQofyfxJZ2YNoRM30z-xvAogp5ABhqvcLEtgs9SuAJAS9oMIGuHKdplMaCu3x1qCA6ZryZV4w

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BB7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1

43 B
738 B

201ms
201ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQr6mt1gUYrOf8gAIwAQ&v=APEucNXbxbD2gvt_G6tLO6IT6L87WfQJIDvq55HyszaHWEXLMGHG7dx9V-hHAtFD2DcbDLwfl4_HbW1Dr0w0Q3LRDGG0apPh198TqXSVg_1ejRDl_fdkP1YIH2fhzqKcb3aybA7a5OWMggZ6dGRrUfsvF_DrTHiQS_j6Y5NyrcJBG6dLKihhn2D1rd5HDCvat4z014re2K3SLFG8lKqLSJRcBEQ0Zzs5gQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEOSxCtWKQc9lbZN3CJK9W%2FXUzjoOj0ZRPhNTOFfP%2B64ZX8W99nSxNMclHguLLq%2FP%2FmqL6FKbppItNv7hOazecm6uhxBqwm2ezsckCjri24I%2FUOX3%2Bp0YYZez3S1Lo7RyADoc8yEu6M6jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8457936ca96d58f6-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BB7B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaQY7WnOtAefZAtHYnCv3wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1

43 B
734 B

71ms
70ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQr6mt1gUYrOf8gAIwAQ&v=APEucNXbxbD2gvt_G6tLO6IT6L87WfQJIDvq55HyszaHWEXLMGHG7dx9V-hHAtFD2DcbDLwfl4_HbW1Dr0w0Q3LRDGG0apPh198TqXSVg_1ejRDl_fdkP1YIH2fhzqKcb3aybA7a5OWMggZ6dGRrUfsvF_DrTHiQS_j6Y5NyrcJBG6dLKihhn2D1rd5HDCvat4z014re2K3SLFG8lKqLSJRcBEQ0Zzs5gQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwOv%2BOzsDdJpYTTt%2BPRcNn7JODm6UwoTPlM0psJb07n83Wu5m2Ihh4uYCR%2FakZ3MQz2j2d4HIbOLVFOuiYt0oh2cLSkUf7EBOpuVF5W8LSb%2Bsp0bnC3hFYFTWD3BsuPRb29%2F4ozAzfpmEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8457936d1a7758f6-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOjYDO4lGi-1EZjHPxflQGk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame BB7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELoPMkpDV22MSp-QHYDg9ZY&google_cver=1

43 B
1007 B

169ms
169ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELoPMkpDV22MSp-QHYDg9ZY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQr6mt1gUYrOf8gAIwAQ&v=APEucNXbxbD2gvt_G6tLO6IT6L87WfQJIDvq55HyszaHWEXLMGHG7dx9V-hHAtFD2DcbDLwfl4_HbW1Dr0w0Q3LRDGG0apPh198TqXSVg_1ejRDl_fdkP1YIH2fhzqKcb3aybA7a5OWMggZ6dGRrUfsvF_DrTHiQS_j6Y5NyrcJBG6dLKihhn2D1rd5HDCvat4z014re2K3SLFG8lKqLSJRcBEQ0Zzs5gQ

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
an-x-request-uuid: 19f9bc9f-1bd1-4b9a-8d7c-df2ad5456f3f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.100; 80.255.7.100; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELoPMkpDV22MSp-QHYDg9ZY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB7B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTEyMzM5MDg5MzY0OTk2NA%3D%3D

170 B
188 B

190ms
189ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTEyMzM5MDg5MzY0OTk2NA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
an-x-request-uuid: 9cde588f-073d-4edf-aa37-4d564ac56bf2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAzMTEyMzM5MDg5MzY0OTk2NA%3D%3D
x-proxy-origin: 80.255.7.100; 80.255.7.100; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7495 0
20 B 211ms
211ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9576791226854&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7495 0
20 B 211ms
211ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9576791226854&version=m202309260101&ct=76&x=1&cor=668751326674336900

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7495 16 KB
12 KB 217ms
217ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At3eQfW5y4YeF3XG3vV817q3KWHA09oEHDOgTYchB8N95d3D1U1KEIEvkoqMveUF2077e1dUHSmJ_fUYkejMwfSr8Co1W9tC4qabCqygVHMDSDz-Vhh6wl1XstF5wYP-0CRI_ZEubynwqiQW6-45CgvIgREAsILkj7lpwSp4yN5o7UTMg&cry=1&dbm_d=AKAmf-ABe0pzG5nEOjMUF-slbWL9JpQ55Ov8XjebIOoZ3v2xcrMAkrh-_AzRQSvFVVwSrcr3HRV5ReHXzHTYVpdbL6HpF5B70id8TMNBt5v8t1T0UQ_L3PidS68w_k3HbCf1pP0TygL7GN3jVy_62X_mgBH6jpWcVw6z9BC-jzFAEdMC2_-RvICy1HozvHb5c2nTMQY6y1u3DYMc32T0zm52Eu9C1pnk0GQRdrYZRNzOH98qpXMvEVUIcIYAuBMuX3RDbRAnd9w94N1LbW2zw5ctFaRZ0fznjH7LlsxGxj1ZFpfqV2UuD9yApcBVd3IFumum2HlRXhYt1Tul5yEuS7TEyVlLh6HPhpIsTp-DHxX8v8OBhOlzZlJIbnOOVtxKxvbA3EsJarSishg8kH-4ioJDusAhTPnF4lnBzF-2nqAGK0x-6xJ4eFBTWBx72US3voGS5P6rvGTZqgI4fUKnqSwWf0omGcko__0Jk6qZ2UcwUMdF7mBeIKfkfhw5Dj3yd5hWDDI2JTMfXdy5Wgd_cX_50A9AJ1IpQ70mQgS6eGi8inF4nwav6BvCDvREC6jikHEnB0agtqK8INOms-7OyzDToWpbDi6dmWbwiHR7L02EDpaZadU6-c72XSVa1RsgaEuri13y-sCS_574eTFGPikcW8lWRbdRPDguOHB9v_Qh46Uenc_z0MXJu2ZZcMxmEv2bNHj0iQ0nmTXCxBXG8a9Y8_ATKl9HvW6n2vBWTxWstD3wPvsXzTms5QxRxEi9bph24Wdv4VDsAt1xQeck7z4oFhf-gf3XApjL6Y8CurEpaw23sM2ip-1FgoxhXQcOr1qqx4HQUfnXEwCfAnRPrDO1AnGzEL5Oh8WciIhZCx8f_lgW02y7t3otJL83pLH9qfrUmoGXbZI00RvYWCHNTMnt8pLoSwj5g1YJlfEtKlLkyH2312JQfZ4i-vb4RyWVZp4IDkXfl-XGHs9J3yn0YG1fGetv1YOLItYjV8Zr8EeQx5090f5OqZFPuxjH9f05GTLo1MieU6l3jBqVFf4X5rDeVGO18H2hq958s0zT0hBc6T-y4_pTzSeLgXQIf-wreEd4PRwY8RXkg5izQwUGpLJGUr5fZ-OrpFIL6Tq-r9a3nYJ5F7yzulgSzqEwdC_5G4ea2WzSatDHpKtnymWa0nMdeCjVwGGZ3KxqwsLCscmINXXMax18Z3geuq1aaViAgV6ZsqL5DsebPF4qvymHy29W2JG4_vPNOTp7R53VnTadFSSH5qRKactcV1NwxeflWWxJLJD7fqM4mYSU6Zzo5iRu0iKC2fi-Zat6TrGXb1P1IIswK05kKS6RdRP6NG-cyazj50rfNqLjOe6cM5tjnLortfUoIDC5H5eLUsCiYc3e1F2tmWQTHr7MK9wvM7P8EGo-pWPjOAoO2X6sGQDHqAKAv8q9Jb7FmJX4UF2s3jTQG8u61D_upaakjDWpbUbuzGzsP9mfIQVM8VFfryYkHiR1XrkrY2UdVVN_5gpZt50MdMYvigitg-jSjqqneAFqMlbbqGCCOjYVUK7QeoeBIOh_pz6-xaneMwWD5IL8t3mM_RrB6ZqjPrqgPgFU9mEUE9MHrTdeWwXKMd6AhLSk6OfjWUX4cxLYqcrcCDzriM6of_ACQX88DW-jqW9ePm-jrS3k_8w4gPmWLiyzl_rrU73w6cvnFxAybj1dBiiydfFFUNI3Ffr7rwbx5zkTwe-2abG7LG1zOmxvk2Q8PUcmBy8wvc0MmaVpa4qqLqK18ISK4EDPERHJc3AVOW_FAARwRI2rdWFDxqC-rPWW33fKs76sYL9ElqTWZO-bw9__6OPAau6MC6_1BNED83Z34h5XOIbbVWuci-UxMcqLiw6M81fDHDCX2cqAWm6GFMruLDD_-hxDc-BQrCtwzr2GmsVZ5t0GmOOM8nlGzEXaYUyecKu6AO7UbG_3_AD_MYG560IGpj8kMSF4-T61D-qCfbsSFN37_xANAGhRpnjc0x-Kn3SUJKpS6ggpogIisKWUJWrjW9BTKd46GhLRafG_phrzZGGFc55hkC_vViCWHeJeoLGOw0yLMog8ZxYYvHKZc8xkFWx8K-8M30SQ05mPpOYe6IogkGzKKZMpzXxTfc5WHBnHrmypfQZIuex6S6IPG8NLUKu0-_nmdXD8TUxv4Cv-RRcvBmq1W09G7dE7LX9SaMMviXbyvlDcjz5asitu1CH9PyYWGcqVivpr4B33L2Qo9fLm_xZ9_E5Ev_rUocAN7r_7Q04E2uALCSvrDFg-OBxZTaeL5MEDcifQo36ngL4XcG37--yCZQ6NnSE5VG1aty0uzJioi3w1_k1OibBH7ifPdj1i1bRyQKenQSM9znwMPP3RfQ_Oo48JAm4lZYby75BbfbsbKdMw4rt1mH_MpndWohkBGVLw0AVBJB6FRBBkmtcF7MoBJo4LhJk68rN0RZHCDUMcC8CC2CPIBhfHwbl-0uyXtYTDSR_HXPTe7Ul3AwEJ2L5LVSU_u9HgT8eOm4bMaSN7J5tdeZMyLEhBYGgSUaN-HNdGjUGuZS-vfXNWjvxHCG6HOXnf3oq_gbdMN4A_F2XY-ZT-uuMe6RFDZIGVEcKdSYGf3Z1IdlbrI6EPxahmkmXSxNf0z6FHbYBo6jP6dethNI4ZaeToj2-nrsox7kv1ng2XIN-8rV73toioNxdd464Dpki5pFmyt8ZkzDxZlz2Uy7mJgWKkvGuCGV46wmhSh98z-0J5J1520gzU8FC51ssA-WAxmfT-S8DTCHsJO2oACfRcQjJTEbx4--6R13psC3u8VKDaYVzhyQrJ6bD3aZXJAbgwtgmYia4ioHiiiO1RcKwguFbjSjA4MJ4FmUII8RGdpZuhW_l43oyd7ReOHf8yUWi8Kzn7UH422VcvAeP-Ub_olmMDkhnSUggTcJSh9kxaKSOxley47qk8Gyg_b3bIIfB_ClaeXt3XdaAAzaZTxZkIvk6Gwf1GRfFXzNkNETUVuJYdXD44QsgO9IpD8DVcQeoG1DGDRs6qhJZa9Sxg2p7A8reibTo2CN1A8Ngv_4XiUsgNRbxHMAe-rd112knTdkZlg6TAdm2Ee2qgM9VWLj-fSX-4Wr77WmNyCDuDZ9zn9qtJUEuWjA5hRxz4JwGxJ0s3kWf2Ev-WyWLOcVxq-mrLPw&cid=CAQSTwAvHhf_eKoa8knK3YkK2QrMtqbmtqVwsZjLd8f5JHxqALjv7zBE8Rs7VRd7RptGeYZaYB63qBF2nXTneKx_Qx92s-DEjgpiTrHJFHchZEYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Feasyworldbusiness.com%2F&ds=l&xdt=1&iif=1&cor=668751326674336900&adk=3944675603&idt=129&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

052f2637ddec7c1bea990f910a20b031fd8ee7567db25b41bc3af3cb3e4496ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 165ms
165ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401040101&jk=3649576334493731&bg=!p6SlpOvNAAaumcC-jpk7ADQBe5WfOJrUB6w7YjF5feMxcS9VW3RZZwppgfW2jBpORYM3WY_69v3av6dYiUdzY31Tkhu5AgAAAClSAAAAAmgBBwoAlmVBnlWxV58lcC0a5dsOxfiIXtLGJIf3KnHdA2n0ds2xkvVfVn8gfPP1P8wzL0iN4tMVpuexrUqK8g6uzoGkqDa5rI3CPrT-fudpp6b9G44oDo2CfwsLNe6Qq9v9r7FlXFnT8WirmBl2e5ddmbzRcllEkw07PyLfX4Xj7IwF5EIZz36_iYFjH7M2vMaB1wQAS8L1on5dJJkCv17FyfFrEoryhzHK95GE5vGF6fapw3DJvjfkTxfLIDcxRh6LVFuF1gOFsAri3C08B52_TiCOVPSPVUaekKp4f8TiczJ_LtrGZP1vhesw5C1rmZ24wqZ-JjHwlwvWXKeEGar14znUSjRNxAtJzecMGIhbFmXWNmAql_mhAVus40pCgHpcvbqbVwddFjqWi7BDFLwRYu_Ov0DX8mq3bK2qqpIraB9A6nztppzIn6IDcWhf8MMLfKm32yP5IUQDf0j9OZd6hyZnmad4Z1R3QLFpQF6IGHSC9Dul5RV9gLl9mFCzh31ZZi_EMYMkk9P3ahmXhNCyHt2zFADcTqHT75m8zvdJ26XNPOWo0zItCKrUEm0eZMXFu8LUh3teN-Gv-9l30PyxaNTze0qRmaTJBIt5sRDAnqdS0F1J814qNR4GfTpoZFd-S_rnmoZQ5C0xNueDEBsHAPTf7KKRPE_tt9KYysPXN_NlsRalrp0FZJsPWn43RWQS-JLEflHLk-6ObHUGs74Rpa4J6b7MDsICLFzA5fSL_IRD0TEt8LckW5fGDVsqjFKJMIcay1H8kyPqphQ6p-moSb5AYpLOxcgnFxsitzixpvQFxGR-KoWteRtQdo1igb4sL13vqKlCARjDdm_4qZwq3RL0AxYmo-tHufvqf7H7fgkIoqmtUPAa6-bBUJcK8Vw-39AW0i8cL5dFhbjpMe4InQboWnQYyTomLFGrrLo5D8YGtuLqkXNYuc0FZa3vbPSJK0MUT-jBRkaQiXyYdRiWiG5jRWfFgDAq3cMzIn2BetZ7cMlde1Tak2s5PD0QGElxkD6uf6SgWMQpaKPZwgUuT_Wzylj5NUgu7qPkDEa_ncreMFU3MSt4mxuajFCHL1ivgdPrv2QX4Jv6nbXLLUOkrQxeextT1b118EhZ05PME6-hPinVOIbExcpym2M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easyworldbusiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7495 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At3eQfW5y4YeF3XG3vV817q3KWHA09oEHDOgTYchB8N95d3D1U1KEIEvkoqMveUF2077e1dUHSmJ_fUYkejMwfSr8Co1W9tC4qabCqygVHMDSDz-Vhh6wl1XstF5wYP-0CRI_ZEubynwqiQW6-45CgvIgREAsILkj7lpwSp4yN5o7UTMg&cry=1&dbm_d=AKAmf-ABe0pzG5nEOjMUF-slbWL9JpQ55Ov8XjebIOoZ3v2xcrMAkrh-_AzRQSvFVVwSrcr3HRV5ReHXzHTYVpdbL6HpF5B70id8TMNBt5v8t1T0UQ_L3PidS68w_k3HbCf1pP0TygL7GN3jVy_62X_mgBH6jpWcVw6z9BC-jzFAEdMC2_-RvICy1HozvHb5c2nTMQY6y1u3DYMc32T0zm52Eu9C1pnk0GQRdrYZRNzOH98qpXMvEVUIcIYAuBMuX3RDbRAnd9w94N1LbW2zw5ctFaRZ0fznjH7LlsxGxj1ZFpfqV2UuD9yApcBVd3IFumum2HlRXhYt1Tul5yEuS7TEyVlLh6HPhpIsTp-DHxX8v8OBhOlzZlJIbnOOVtxKxvbA3EsJarSishg8kH-4ioJDusAhTPnF4lnBzF-2nqAGK0x-6xJ4eFBTWBx72US3voGS5P6rvGTZqgI4fUKnqSwWf0omGcko__0Jk6qZ2UcwUMdF7mBeIKfkfhw5Dj3yd5hWDDI2JTMfXdy5Wgd_cX_50A9AJ1IpQ70mQgS6eGi8inF4nwav6BvCDvREC6jikHEnB0agtqK8INOms-7OyzDToWpbDi6dmWbwiHR7L02EDpaZadU6-c72XSVa1RsgaEuri13y-sCS_574eTFGPikcW8lWRbdRPDguOHB9v_Qh46Uenc_z0MXJu2ZZcMxmEv2bNHj0iQ0nmTXCxBXG8a9Y8_ATKl9HvW6n2vBWTxWstD3wPvsXzTms5QxRxEi9bph24Wdv4VDsAt1xQeck7z4oFhf-gf3XApjL6Y8CurEpaw23sM2ip-1FgoxhXQcOr1qqx4HQUfnXEwCfAnRPrDO1AnGzEL5Oh8WciIhZCx8f_lgW02y7t3otJL83pLH9qfrUmoGXbZI00RvYWCHNTMnt8pLoSwj5g1YJlfEtKlLkyH2312JQfZ4i-vb4RyWVZp4IDkXfl-XGHs9J3yn0YG1fGetv1YOLItYjV8Zr8EeQx5090f5OqZFPuxjH9f05GTLo1MieU6l3jBqVFf4X5rDeVGO18H2hq958s0zT0hBc6T-y4_pTzSeLgXQIf-wreEd4PRwY8RXkg5izQwUGpLJGUr5fZ-OrpFIL6Tq-r9a3nYJ5F7yzulgSzqEwdC_5G4ea2WzSatDHpKtnymWa0nMdeCjVwGGZ3KxqwsLCscmINXXMax18Z3geuq1aaViAgV6ZsqL5DsebPF4qvymHy29W2JG4_vPNOTp7R53VnTadFSSH5qRKactcV1NwxeflWWxJLJD7fqM4mYSU6Zzo5iRu0iKC2fi-Zat6TrGXb1P1IIswK05kKS6RdRP6NG-cyazj50rfNqLjOe6cM5tjnLortfUoIDC5H5eLUsCiYc3e1F2tmWQTHr7MK9wvM7P8EGo-pWPjOAoO2X6sGQDHqAKAv8q9Jb7FmJX4UF2s3jTQG8u61D_upaakjDWpbUbuzGzsP9mfIQVM8VFfryYkHiR1XrkrY2UdVVN_5gpZt50MdMYvigitg-jSjqqneAFqMlbbqGCCOjYVUK7QeoeBIOh_pz6-xaneMwWD5IL8t3mM_RrB6ZqjPrqgPgFU9mEUE9MHrTdeWwXKMd6AhLSk6OfjWUX4cxLYqcrcCDzriM6of_ACQX88DW-jqW9ePm-jrS3k_8w4gPmWLiyzl_rrU73w6cvnFxAybj1dBiiydfFFUNI3Ffr7rwbx5zkTwe-2abG7LG1zOmxvk2Q8PUcmBy8wvc0MmaVpa4qqLqK18ISK4EDPERHJc3AVOW_FAARwRI2rdWFDxqC-rPWW33fKs76sYL9ElqTWZO-bw9__6OPAau6MC6_1BNED83Z34h5XOIbbVWuci-UxMcqLiw6M81fDHDCX2cqAWm6GFMruLDD_-hxDc-BQrCtwzr2GmsVZ5t0GmOOM8nlGzEXaYUyecKu6AO7UbG_3_AD_MYG560IGpj8kMSF4-T61D-qCfbsSFN37_xANAGhRpnjc0x-Kn3SUJKpS6ggpogIisKWUJWrjW9BTKd46GhLRafG_phrzZGGFc55hkC_vViCWHeJeoLGOw0yLMog8ZxYYvHKZc8xkFWx8K-8M30SQ05mPpOYe6IogkGzKKZMpzXxTfc5WHBnHrmypfQZIuex6S6IPG8NLUKu0-_nmdXD8TUxv4Cv-RRcvBmq1W09G7dE7LX9SaMMviXbyvlDcjz5asitu1CH9PyYWGcqVivpr4B33L2Qo9fLm_xZ9_E5Ev_rUocAN7r_7Q04E2uALCSvrDFg-OBxZTaeL5MEDcifQo36ngL4XcG37--yCZQ6NnSE5VG1aty0uzJioi3w1_k1OibBH7ifPdj1i1bRyQKenQSM9znwMPP3RfQ_Oo48JAm4lZYby75BbfbsbKdMw4rt1mH_MpndWohkBGVLw0AVBJB6FRBBkmtcF7MoBJo4LhJk68rN0RZHCDUMcC8CC2CPIBhfHwbl-0uyXtYTDSR_HXPTe7Ul3AwEJ2L5LVSU_u9HgT8eOm4bMaSN7J5tdeZMyLEhBYGgSUaN-HNdGjUGuZS-vfXNWjvxHCG6HOXnf3oq_gbdMN4A_F2XY-ZT-uuMe6RFDZIGVEcKdSYGf3Z1IdlbrI6EPxahmkmXSxNf0z6FHbYBo6jP6dethNI4ZaeToj2-nrsox7kv1ng2XIN-8rV73toioNxdd464Dpki5pFmyt8ZkzDxZlz2Uy7mJgWKkvGuCGV46wmhSh98z-0J5J1520gzU8FC51ssA-WAxmfT-S8DTCHsJO2oACfRcQjJTEbx4--6R13psC3u8VKDaYVzhyQrJ6bD3aZXJAbgwtgmYia4ioHiiiO1RcKwguFbjSjA4MJ4FmUII8RGdpZuhW_l43oyd7ReOHf8yUWi8Kzn7UH422VcvAeP-Ub_olmMDkhnSUggTcJSh9kxaKSOxley47qk8Gyg_b3bIIfB_ClaeXt3XdaAAzaZTxZkIvk6Gwf1GRfFXzNkNETUVuJYdXD44QsgO9IpD8DVcQeoG1DGDRs6qhJZa9Sxg2p7A8reibTo2CN1A8Ngv_4XiUsgNRbxHMAe-rd112knTdkZlg6TAdm2Ee2qgM9VWLj-fSX-4Wr77WmNyCDuDZ9zn9qtJUEuWjA5hRxz4JwGxJ0s3kWf2Ev-WyWLOcVxq-mrLPw&cid=CAQSTwAvHhf_eKoa8knK3YkK2QrMtqbmtqVwsZjLd8f5JHxqALjv7zBE8Rs7VRd7RptGeYZaYB63qBF2nXTneKx_Qx92s-DEjgpiTrHJFHchZEYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Feasyworldbusiness.com%2F&ds=l&xdt=1&iif=1&cor=668751326674336900&adk=3944675603&idt=129&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1BE5 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 7495
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1928050/77879653/xbbe/creative/adj?p=APEucNViY_k48I-4NRsDLGMNOgBDUkh-9U5HHb05ae_T1kVjTYioNiY&d=CokBAKAmf-ByUdFznO4WoxpBcuIBRghykL2fQQaLyi8zndtlplMcqnSL3--W7gx...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNViY_k48I-4NRsDLGMNOgBDUkh-9U5HHb05ae_T1kVjTYioNiY&d=CokBAKAmf-ByUdFznO4WoxpBcuIBRghykL2fQQaLyi8zndtlplMcqnSL3--W7gx3KSGyFtfZLhGbWTfAsZKDOhJNp...

65 KB
25 KB

200ms
75ms

Script
text/javascript

74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNViY_k48I-4NRsDLGMNOgBDUkh-9U5HHb05ae_T1kVjTYioNiY&d=CokBAKAmf-ByUdFznO4WoxpBcuIBRghykL2fQQaLyi8zndtlplMcqnSL3--W7gx3KSGyFtfZLhGbWTfAsZKDOhJNpwOLK7QrZqYq-E2feQL8C0lSXNOpQjjXgbXDU49_MyvvmoKmLn5wsIssuzBBoowk8hQ-7fdfxmaJ5ZVfhgF3yQ1MJLGQK13lDhkS-RUAoCZ_4M6cQV9BgGUFZr98KNuG1vZ1r32n7swtNFHCpnLGQO2d2T2MPaCdyA2VoTWN5G-LjTk8sxBAQfR0zsnVuFC3om0LmMKNie8Pzqf0IsQgeKyklDam1rvRc_Qva6T7JE7rix_tmljwcBAeMRZX19uSvPGL7ih3DVT0SiajQrAn1Z9waXiVmwbrrrhBqgXAqXr3g2i1Rsg5x_OcF7UPZwmP6-qgMSmgVvQC0aWDd624833ljF-HIpgPTJEsidT1uq2_EYdDPDp0PVeMzB2-yQD7iePuxFzqqz6GTuVs4QmzNuyQJCHBWOd6fbGJscmuct_RzuBIj4-1nl1SYLBhXTltn7PHsODzSwbrZuB40pAK7YkiaKW5PlrCaX1UC-Xk3icp59G14BvXYUpsZFAuj9bV9t7ZYQrZ4mxZmGu0CDoaToerxc0We3ebY_GvmYK3AfCLjp9wAj9V97H6LVHZly-HgXVwmah9wCpgRxUQlTHmcCl-2g1Q90ie60z8zxo1hnwiCcLjkPJMlLauFtPhRTw2ILGMRVkR8qqZijDu6dBe5gNymtJ4_YrFIXd63ryz2PmBiK93zD3yjdcpc601QfspEvNepks49uZpo-8n94oC18EoRaoMwdYpDPNyVC8xplSWHimFg72KdXLZ22446JJHrYCGYoVuDRXYfwqQiTwbdGgTlvbXXYEUbro8P0Q64A8pixkTlsn4yNqEgk-F491xiVPWwMnX8dUCZyUhQsloz28qvs8DE9JyxWyXvp2pqEkCPnaZ8kn0qB4Mx_qYMglQ8RshCI9DCae2niS98qKuXWzsJ4M2AE30QOEASOoAaGOGxugsHG_84Rim9pfDJTCl_n1UQQCK7v7S5NRxr6g81eYEy0swpakUd-V_DMogmLMVJXBceVU4Lto1PXXBFUPUFMDsZ-Nqn_3i42XzTp1Sm5TpqRAyGxa4KbYLShksHV7SIteUjd6spffPd-gJMIZG-yXvkGmUjxeuAEgXsFY1JRyFzF7kUoVZBu0N_BNLmixAn18fZXqgO0_WvzdyDDDDE9jO04eWOJC-BJCZK1z9YsLoMaeIIErNI4bcOX5MldE_CH_zY_P9vxrzQNAWK5d6BNvypxrH7DGMXnQ9-2O24sLBkqMppZQzjZMwJdmoEwMaKiyVvpXxmRysMZ0LGat5_xVpv8AKEOQHLWqKTyW3irZGgykQ4NvzFf49ZKb32N-p5GfFlhk7q5GYcu4jm7zB-0YcJxSFPx4Ok3Z7_BrCas1oPLGg7UKvICGf0CK3doIQd6-Zk0vZZIS0TIYrw5Q8oscSEnEaKrshM0NF0k-LmJf34XMFkk4tm03be3u3ItTI4OkZ7u5sk5FrC5_JzNdKMp0MnuaDWaTPNgTkSmb1G9vvxlDhgmctDCvlPRY-OcQgOCZ4FSwisRD8jsh2BU9nyOpjzQSlwG5DoYigIVAGQW9ghOboTj_Pw4y0OmDJdRWvotXTDLI05szkhu_OyboAZvkugpJo3Es3vYsMYK2uSvNwH-FI_HFTWXFihbz7b3E32uuLg6iLuRvYIXMTUp1AArywNVt1uGUf8M55nHdG4JagOwdXt3NosC5UgIwN_mQkUJ7787tRw0jZXuELfDMtonoMVFoG6Kh7Fv5I5X-u5rXWlRStItlESwAD8RnNHlUHHjilj08N1GqSUsBzinprghxCn1Pkz77M9aOucDrUbfHNCeNWd8KDUuFl8GtYOkB-k1AKTZMUTpD9GBtWlDzPQ6GP0HzuZEavMtrRWtKDaTx2A6sYMi8fhbzpwWIl-81O3KmL4W7T_IA0cIJ_B7MWYKPEPCtWmtRBezXTVS6YsVdW-K9HfkycwcvFhaOocdO2EmITT1275QjE-cpLCaSJzl0xO7-8ZKY9rBV6IqJJem-12axxo_5Ro7TDtrvgJHLKKYNWH6tAsm78tz93LxD0_frp2eFT7JE8pIxjTK4kvW8tZM5WYmQeJo7EQe9HmprNQnZBjuJu24mGo8izrAADKC4_c_m60lXL-kOzFpIFVs9nS4sW4YDjQyQzYx9xKStzkaMzUcPSkzbVMdupyPHI2Xc31Bzrv0rYGJmcqZ8E66DvjbkaevRBeW0Scd-onRS4k59PBMUa6YQwQXNyVmlXL_CkoX0ZGcWLJsbMUyUfVApjjY66DRTVSm9rqQ_DUbkt7YI9juTY12NHZ-x5X_w7fjzMJ4P4ynotxzIMYsaQXosSeabvpVF0s5QotZ7jaUauttId61f7PpStECaHnmnow5i15FldrvLl_a690UoIk3hu6jJ7POlnbvfuC9EdrMq4agbfXAsg_qcZZGVOG6u515383ftB07Tj1LeKNpAyITB2dn5Btkmu3GJCbO2AlybIUqHEyh65fvrwBTdAJf8SLrUmCJidQ7n7mJ96sPjzloefvnz272Z_LbAIA-I1bLR_xV6Bx6yjLVHFlJmOfW43oo6KO7BsFIkmFjND3F8rNPHbLzG_3T10t6Fs22eV6dWtcjzp8dHRdddJZLNs1UuCdEytUHcWz5i7sVvYfE-LG92ZSyGJr0oTLNNCWEAeyd8OD8n__Fv7n5RHsHmKCjewo5YMuq1qqwl1SLsnegM8rwoUbKVbxG4K73O9aGAly4eU6EVBqfbUNZ-yCwubo_6tOVq05ewIZ0pHpdLxB7sTCb2H1kbceMbS692Sc2WcnkQyV50Ou9c_zYyOjHciUlWTf0BVBDnUTF597xT24Oejzh_WgQOQxzUb6BfPup5FCPo5ROOMLsqvAB06m0k9IiNhvYmxCuzqn5o3gDfMPsx-sV86Zi8k9MtmKETGeqaawJq1qL_OOqgGzzOtX_rEyaw382pehk1AQxHXP-S4se3VlcKkYYrt8ynm3wR0wTBxIUh6jFhvUMIxmwyCWyMtJvkCFks8sRfzkTJ_8hL8hCnIfrkAy53RB9Zm5DyT_pKyBDwPGllCrjry5ouUHdGkCH17s862-67TXbhfq6LIs_4ymTLGuILvD04vy_Endo1LbKzB3S_7LjkSTC0-HM9hczAS5IclWiao8cpL173StVXNgDlCwX8IpWizD08kl0dBm8e1KIsdZ-otKAsQohTYQ1JwiDS1seSPimBn3nPtWeNrB4Mw8kXxcO_1PRAd-YANLNVqBcFwuJFBZHMr9_91eWFhJVq3TbyPCeoMZUSky-TwLjDVnUdDXzPScPczp88db2C_vT-ioNlEppAQNx2mfIkaag2oZzCM10c_PYTiTfQO_Frg91PKbQ6y8PbyAoly1UrRguJrRexjTLUoarXfsQtsJlpWOSux9uSgPA8rd6Ic2PgcZMKJtuRdOoZy5FCJ3TpqqzRqYDH35rR7_jH9GtrAFA73mRVIVmkEL476561slPkuOuUK3ZgohLoSFHLHlZx-ZB1gxGaDzDddLc4352MRWzDqL6x_KJiah3UdQ6fF9IkwGjy5YQgNcbI8fDFFGsRU6VFRJ8q4wkiLwExfChhE6QyzN3feTWc3flPgR1_Zfj0s6paUGRSYur91ytNeZZ3VvuKsalgggOhyTGogom-s0GSNOOdPfNpxeylTv37IOiZrdf7A36UB1Wbze0COV0jLjbFg0ZNV4b_KslbEnIqkxduag01FcQu16rNepFohFLyHhVx1vdN98MYKBhoKBOqmUenfv1X7qsUhAFrSNpp556CNAZYKlOsaRd5LB3WRL4AKVhWuo-_ARHKHAkqyX-lwEuLdgB_o_ibGshTY7oceB70gQHgdGlUIBBJPAC8eF_94qhryScrdiQrZCsy2pua2pXCxmMt3x_kkfGoAuO_vMETxGztVF3tGm0Z5hlpgHreoEXaddOd4rH9DH3az4MSOCmJOsckUdyFkRhgBYAE&ias_xappb=

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

cafe /

Resource Hash

74e43e8afd9c850f558f090dec25a5d9076f2749d6c224c6ad0eb901aa2990c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24855
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNViY_k48I-4NRsDLGMNOgBDUkh-9U5HHb05ae_T1kVjTYioNiY&d=CokBAKAmf-ByUdFznO4WoxpBcuIBRghykL2fQQaLyi8zndtlplMcqnSL3--W7gx3KSGyFtfZLhGbWTfAsZKDOhJNpwOLK7QrZqYq-E2feQL8C0lSXNOpQjjXgbXDU49_MyvvmoKmLn5wsIssuzBBoowk8hQ-7fdfxmaJ5ZVfhgF3yQ1MJLGQK13lDhkS-RUAoCZ_4M6cQV9BgGUFZr98KNuG1vZ1r32n7swtNFHCpnLGQO2d2T2MPaCdyA2VoTWN5G-LjTk8sxBAQfR0zsnVuFC3om0LmMKNie8Pzqf0IsQgeKyklDam1rvRc_Qva6T7JE7rix_tmljwcBAeMRZX19uSvPGL7ih3DVT0SiajQrAn1Z9waXiVmwbrrrhBqgXAqXr3g2i1Rsg5x_OcF7UPZwmP6-qgMSmgVvQC0aWDd624833ljF-HIpgPTJEsidT1uq2_EYdDPDp0PVeMzB2-yQD7iePuxFzqqz6GTuVs4QmzNuyQJCHBWOd6fbGJscmuct_RzuBIj4-1nl1SYLBhXTltn7PHsODzSwbrZuB40pAK7YkiaKW5PlrCaX1UC-Xk3icp59G14BvXYUpsZFAuj9bV9t7ZYQrZ4mxZmGu0CDoaToerxc0We3ebY_GvmYK3AfCLjp9wAj9V97H6LVHZly-HgXVwmah9wCpgRxUQlTHmcCl-2g1Q90ie60z8zxo1hnwiCcLjkPJMlLauFtPhRTw2ILGMRVkR8qqZijDu6dBe5gNymtJ4_YrFIXd63ryz2PmBiK93zD3yjdcpc601QfspEvNepks49uZpo-8n94oC18EoRaoMwdYpDPNyVC8xplSWHimFg72KdXLZ22446JJHrYCGYoVuDRXYfwqQiTwbdGgTlvbXXYEUbro8P0Q64A8pixkTlsn4yNqEgk-F491xiVPWwMnX8dUCZyUhQsloz28qvs8DE9JyxWyXvp2pqEkCPnaZ8kn0qB4Mx_qYMglQ8RshCI9DCae2niS98qKuXWzsJ4M2AE30QOEASOoAaGOGxugsHG_84Rim9pfDJTCl_n1UQQCK7v7S5NRxr6g81eYEy0swpakUd-V_DMogmLMVJXBceVU4Lto1PXXBFUPUFMDsZ-Nqn_3i42XzTp1Sm5TpqRAyGxa4KbYLShksHV7SIteUjd6spffPd-gJMIZG-yXvkGmUjxeuAEgXsFY1JRyFzF7kUoVZBu0N_BNLmixAn18fZXqgO0_WvzdyDDDDE9jO04eWOJC-BJCZK1z9YsLoMaeIIErNI4bcOX5MldE_CH_zY_P9vxrzQNAWK5d6BNvypxrH7DGMXnQ9-2O24sLBkqMppZQzjZMwJdmoEwMaKiyVvpXxmRysMZ0LGat5_xVpv8AKEOQHLWqKTyW3irZGgykQ4NvzFf49ZKb32N-p5GfFlhk7q5GYcu4jm7zB-0YcJxSFPx4Ok3Z7_BrCas1oPLGg7UKvICGf0CK3doIQd6-Zk0vZZIS0TIYrw5Q8oscSEnEaKrshM0NF0k-LmJf34XMFkk4tm03be3u3ItTI4OkZ7u5sk5FrC5_JzNdKMp0MnuaDWaTPNgTkSmb1G9vvxlDhgmctDCvlPRY-OcQgOCZ4FSwisRD8jsh2BU9nyOpjzQSlwG5DoYigIVAGQW9ghOboTj_Pw4y0OmDJdRWvotXTDLI05szkhu_OyboAZvkugpJo3Es3vYsMYK2uSvNwH-FI_HFTWXFihbz7b3E32uuLg6iLuRvYIXMTUp1AArywNVt1uGUf8M55nHdG4JagOwdXt3NosC5UgIwN_mQkUJ7787tRw0jZXuELfDMtonoMVFoG6Kh7Fv5I5X-u5rXWlRStItlESwAD8RnNHlUHHjilj08N1GqSUsBzinprghxCn1Pkz77M9aOucDrUbfHNCeNWd8KDUuFl8GtYOkB-k1AKTZMUTpD9GBtWlDzPQ6GP0HzuZEavMtrRWtKDaTx2A6sYMi8fhbzpwWIl-81O3KmL4W7T_IA0cIJ_B7MWYKPEPCtWmtRBezXTVS6YsVdW-K9HfkycwcvFhaOocdO2EmITT1275QjE-cpLCaSJzl0xO7-8ZKY9rBV6IqJJem-12axxo_5Ro7TDtrvgJHLKKYNWH6tAsm78tz93LxD0_frp2eFT7JE8pIxjTK4kvW8tZM5WYmQeJo7EQe9HmprNQnZBjuJu24mGo8izrAADKC4_c_m60lXL-kOzFpIFVs9nS4sW4YDjQyQzYx9xKStzkaMzUcPSkzbVMdupyPHI2Xc31Bzrv0rYGJmcqZ8E66DvjbkaevRBeW0Scd-onRS4k59PBMUa6YQwQXNyVmlXL_CkoX0ZGcWLJsbMUyUfVApjjY66DRTVSm9rqQ_DUbkt7YI9juTY12NHZ-x5X_w7fjzMJ4P4ynotxzIMYsaQXosSeabvpVF0s5QotZ7jaUauttId61f7PpStECaHnmnow5i15FldrvLl_a690UoIk3hu6jJ7POlnbvfuC9EdrMq4agbfXAsg_qcZZGVOG6u515383ftB07Tj1LeKNpAyITB2dn5Btkmu3GJCbO2AlybIUqHEyh65fvrwBTdAJf8SLrUmCJidQ7n7mJ96sPjzloefvnz272Z_LbAIA-I1bLR_xV6Bx6yjLVHFlJmOfW43oo6KO7BsFIkmFjND3F8rNPHbLzG_3T10t6Fs22eV6dWtcjzp8dHRdddJZLNs1UuCdEytUHcWz5i7sVvYfE-LG92ZSyGJr0oTLNNCWEAeyd8OD8n__Fv7n5RHsHmKCjewo5YMuq1qqwl1SLsnegM8rwoUbKVbxG4K73O9aGAly4eU6EVBqfbUNZ-yCwubo_6tOVq05ewIZ0pHpdLxB7sTCb2H1kbceMbS692Sc2WcnkQyV50Ou9c_zYyOjHciUlWTf0BVBDnUTF597xT24Oejzh_WgQOQxzUb6BfPup5FCPo5ROOMLsqvAB06m0k9IiNhvYmxCuzqn5o3gDfMPsx-sV86Zi8k9MtmKETGeqaawJq1qL_OOqgGzzOtX_rEyaw382pehk1AQxHXP-S4se3VlcKkYYrt8ynm3wR0wTBxIUh6jFhvUMIxmwyCWyMtJvkCFks8sRfzkTJ_8hL8hCnIfrkAy53RB9Zm5DyT_pKyBDwPGllCrjry5ouUHdGkCH17s862-67TXbhfq6LIs_4ymTLGuILvD04vy_Endo1LbKzB3S_7LjkSTC0-HM9hczAS5IclWiao8cpL173StVXNgDlCwX8IpWizD08kl0dBm8e1KIsdZ-otKAsQohTYQ1JwiDS1seSPimBn3nPtWeNrB4Mw8kXxcO_1PRAd-YANLNVqBcFwuJFBZHMr9_91eWFhJVq3TbyPCeoMZUSky-TwLjDVnUdDXzPScPczp88db2C_vT-ioNlEppAQNx2mfIkaag2oZzCM10c_PYTiTfQO_Frg91PKbQ6y8PbyAoly1UrRguJrRexjTLUoarXfsQtsJlpWOSux9uSgPA8rd6Ic2PgcZMKJtuRdOoZy5FCJ3TpqqzRqYDH35rR7_jH9GtrAFA73mRVIVmkEL476561slPkuOuUK3ZgohLoSFHLHlZx-ZB1gxGaDzDddLc4352MRWzDqL6x_KJiah3UdQ6fF9IkwGjy5YQgNcbI8fDFFGsRU6VFRJ8q4wkiLwExfChhE6QyzN3feTWc3flPgR1_Zfj0s6paUGRSYur91ytNeZZ3VvuKsalgggOhyTGogom-s0GSNOOdPfNpxeylTv37IOiZrdf7A36UB1Wbze0COV0jLjbFg0ZNV4b_KslbEnIqkxduag01FcQu16rNepFohFLyHhVx1vdN98MYKBhoKBOqmUenfv1X7qsUhAFrSNpp556CNAZYKlOsaRd5LB3WRL4AKVhWuo-_ARHKHAkqyX-lwEuLdgB_o_ibGshTY7oceB70gQHgdGlUIBBJPAC8eF_94qhryScrdiQrZCsy2pua2pXCxmMt3x_kkfGoAuO_vMETxGztVF3tGm0Z5hlpgHreoEXaddOd4rH9DH3az4MSOCmJOsckUdyFkRhgBYAE&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 4C5F 91 KB
23 KB 153ms
45ms Script
application/javascript 2600:9000:223f:e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9998151
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: KcQfF-cMaiX84qxjrQcOCysZelg4cAdlwZ1XWelqlzWgP8Ajne1DzA==

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BE5 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 20:14:43 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7495 43 B
216 B 602ms
196ms Image
image/gif 2600:1f13:800:7781:527c:d3a1:ca7a:f29f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1928050&asId=3185a38d-a3fb-be44-41c9-b25a1f567cb4&tv=%7Bc:1iv1JW,pingTime:-3,time:34,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:34,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B29~0%5D,as:%5B29~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1mkepA+111%7C12%7C13%7C14%7C151%7C16%7C171%7C172%7C181%7C182%7C19*.1928050-77879653%7C191%7C192,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:12%7D&br=c
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:527c:d3a1:ca7a:f29f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:02 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7495 43 B
215 B 600ms
197ms Image
image/gif 2600:1f13:800:7781:527c:d3a1:ca7a:f29f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1928050&asId=3185a38d-a3fb-be44-41c9-b25a1f567cb4&tv=%7Bc:1iv1JX,pingTime:-6,time:35,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:35,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1mkepA+111%7C12%7C13%7C14%7C151%7C16%7C171%7C172%7C181%7C182%7C19*.1928050-77879653%7C191%7C192,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:12%7D&tpiLookup=ao:easyworldbusiness.com*&br=c
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:527c:d3a1:ca7a:f29f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:02 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 / Show response
adv.office-partner.de/ Frame 14AD 930 B
923 B 132ms
39ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-NRM7BikZd3QEfnn1PIPnYCZyAWm5b2gab2TnKfJD_AuEAEgsZPteWCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoEgQJP0CMxpf7TEU6fHuQ6XrbnYPf0sJ6Dn1a1Y9GgSAvoo99V_DEeuUvr6Bo-HcAesptHFzGJMBmIDzXKyUNGcb9tV6PcnXeJgFf_4YyBLesGNC-ZZCm8rhbszQe2BMC3aapn_9r8stLsK69gO313iBAvIKXU1XHEDa3eL6-KM_JpoptMJov3J8Z9d1vZtRY-or7ZFwyXSprMFqe3pQf4sy2Mdgk3QeL-QUkUvMGC-RkaaxTwyuPRYvIhIojK_okDVIbAelIrHnATtCie1iVeHAsBzlgh1JvUW_UM2rhUnABaIpRkPyQPeAFNzXNqU38AW0b2qCFAhsmBq3RCZIpE27C6scAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliA2Kzqst2DA4AKA5gLAcgLAYAMAaIMCCoGCgSsurECqg0CREXiDRMI3P-s6rLdgwMV-TNVCB0dQAZZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ%26sig%3DAOD64_20UV_Wy6iIgE1sLV4PZX74BepPTQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-CaaYTWt4aP1hPnTLnp-NN2n3OK1zPM1B2Q_xcdFIhYm5KobByXmyh45LGiGUnYT6R38OfyIKok9pPjT1SimPAGCtfc2Ke6jaEgh9WqfTN8Wf3KjuCoQukSXmY1lYg4_YqBIFY8qAbuaLvdLpV63qNrQukOj5xU2LVLVVqVeDKk29x50AQ%26cry%3D1%26dbm_d%3DAKAmf-AWzTl4NluUKgnt0HmjEzYNdZff-Y6Z_wU9CAsr2tr2vDz35Wl33ChGAavPq3Ltbyyz2hDEaqtgdlON0OCWuiGgw1Ce2MwhJQ4x0tW_e0dFph7efJBkVtCeecGzQTn4rHvEI6ckJ5rsxsSrWJ7JAcusdX6h7OFkDOk8OqjJBPMEeWxvMODcZKis5VemxUlyRIHvAKZkvP-Rm9fpzEIoXFQzTkf8J8-rL2FO_V1QknkFQTjWylw_VB9MqrPEG75k50zeRo7NXZKCjlZ3a46-d_yzsV73sLYqQ23DI7b3wGmwRlOqWTNvV38YVN2ogdWEjji0xx4aIOeegYOtRbX7tYiQUliZ6mN013On4iJdC_GxjohuYMHa6oLMbbASb3pIdwC7KcvYVv2CG6h9uJo_pNU9861wU0Ub6dTR3DyfshdW6UzCkW-0vCYOeeOIktyDnyzagITqPF8hLnkvwmNUiD3aDfBH1Z2RHJoQdhUYKMyNaXTgTvNHKUnEklWLDSpi53BTTey6cOsfpvJdYMYyFnhCS7H3InxLwI69X6Coyj1ujqUDNWjbmZyWPAZQbXu2cjVioflO%26adurl%3D&documentReferer=https%3A%2F%2Feasyworldbusiness.com%2F&ancestorOrigins=https%3A%2F%2Feasyworldbusiness.com&random=7489907850768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 14 Jan 2024 17:25:01 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 21 Jan 2024 17:25:01 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 791C 0
327 B 290ms
63ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=14080000121236604444994012569006&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-NRM7BikZd3QEfnn1PIPnYCZyAWm5b2gab2TnKfJD_AuEAEgsZPteWCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoEgQJP0CMxpf7TEU6fHuQ6XrbnYPf0sJ6Dn1a1Y9GgSAvoo99V_DEeuUvr6Bo-HcAesptHFzGJMBmIDzXKyUNGcb9tV6PcnXeJgFf_4YyBLesGNC-ZZCm8rhbszQe2BMC3aapn_9r8stLsK69gO313iBAvIKXU1XHEDa3eL6-KM_JpoptMJov3J8Z9d1vZtRY-or7ZFwyXSprMFqe3pQf4sy2Mdgk3QeL-QUkUvMGC-RkaaxTwyuPRYvIhIojK_okDVIbAelIrHnATtCie1iVeHAsBzlgh1JvUW_UM2rhUnABaIpRkPyQPeAFNzXNqU38AW0b2qCFAhsmBq3RCZIpE27C6scAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliA2Kzqst2DA4AKA5gLAcgLAYAMAaIMCCoGCgSsurECqg0CREXiDRMI3P-s6rLdgwMV-TNVCB0dQAZZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ%26sig%3DAOD64_20UV_Wy6iIgE1sLV4PZX74BepPTQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-CaaYTWt4aP1hPnTLnp-NN2n3OK1zPM1B2Q_xcdFIhYm5KobByXmyh45LGiGUnYT6R38OfyIKok9pPjT1SimPAGCtfc2Ke6jaEgh9WqfTN8Wf3KjuCoQukSXmY1lYg4_YqBIFY8qAbuaLvdLpV63qNrQukOj5xU2LVLVVqVeDKk29x50AQ%26cry%3D1%26dbm_d%3DAKAmf-AWzTl4NluUKgnt0HmjEzYNdZff-Y6Z_wU9CAsr2tr2vDz35Wl33ChGAavPq3Ltbyyz2hDEaqtgdlON0OCWuiGgw1Ce2MwhJQ4x0tW_e0dFph7efJBkVtCeecGzQTn4rHvEI6ckJ5rsxsSrWJ7JAcusdX6h7OFkDOk8OqjJBPMEeWxvMODcZKis5VemxUlyRIHvAKZkvP-Rm9fpzEIoXFQzTkf8J8-rL2FO_V1QknkFQTjWylw_VB9MqrPEG75k50zeRo7NXZKCjlZ3a46-d_yzsV73sLYqQ23DI7b3wGmwRlOqWTNvV38YVN2ogdWEjji0xx4aIOeegYOtRbX7tYiQUliZ6mN013On4iJdC_GxjohuYMHa6oLMbbASb3pIdwC7KcvYVv2CG6h9uJo_pNU9861wU0Ub6dTR3DyfshdW6UzCkW-0vCYOeeOIktyDnyzagITqPF8hLnkvwmNUiD3aDfBH1Z2RHJoQdhUYKMyNaXTgTvNHKUnEklWLDSpi53BTTey6cOsfpvJdYMYyFnhCS7H3InxLwI69X6Coyj1ujqUDNWjbmZyWPAZQbXu2cjVioflO%26adurl%3D&documentReferer=https%3A%2F%2Feasyworldbusiness.com%2F&ancestorOrigins=https%3A%2F%2Feasyworldbusiness.com&random=7489907850768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sun, 14 Jan 2024 17:25:02 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2

200

htlp Show response
futalis.de/ Frame 5F5E
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=14080000121236604444994012569006&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3460623904

350 B
401 B

135ms
37ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3460623904
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-NRM7BikZd3QEfnn1PIPnYCZyAWm5b2gab2TnKfJD_AuEAEgsZPteWCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoEgQJP0CMxpf7TEU6fHuQ6XrbnYPf0sJ6Dn1a1Y9GgSAvoo99V_DEeuUvr6Bo-HcAesptHFzGJMBmIDzXKyUNGcb9tV6PcnXeJgFf_4YyBLesGNC-ZZCm8rhbszQe2BMC3aapn_9r8stLsK69gO313iBAvIKXU1XHEDa3eL6-KM_JpoptMJov3J8Z9d1vZtRY-or7ZFwyXSprMFqe3pQf4sy2Mdgk3QeL-QUkUvMGC-RkaaxTwyuPRYvIhIojK_okDVIbAelIrHnATtCie1iVeHAsBzlgh1JvUW_UM2rhUnABaIpRkPyQPeAFNzXNqU38AW0b2qCFAhsmBq3RCZIpE27C6scAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliA2Kzqst2DA4AKA5gLAcgLAYAMAaIMCCoGCgSsurECqg0CREXiDRMI3P-s6rLdgwMV-TNVCB0dQAZZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ%26sig%3DAOD64_20UV_Wy6iIgE1sLV4PZX74BepPTQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-CaaYTWt4aP1hPnTLnp-NN2n3OK1zPM1B2Q_xcdFIhYm5KobByXmyh45LGiGUnYT6R38OfyIKok9pPjT1SimPAGCtfc2Ke6jaEgh9WqfTN8Wf3KjuCoQukSXmY1lYg4_YqBIFY8qAbuaLvdLpV63qNrQukOj5xU2LVLVVqVeDKk29x50AQ%26cry%3D1%26dbm_d%3DAKAmf-AWzTl4NluUKgnt0HmjEzYNdZff-Y6Z_wU9CAsr2tr2vDz35Wl33ChGAavPq3Ltbyyz2hDEaqtgdlON0OCWuiGgw1Ce2MwhJQ4x0tW_e0dFph7efJBkVtCeecGzQTn4rHvEI6ckJ5rsxsSrWJ7JAcusdX6h7OFkDOk8OqjJBPMEeWxvMODcZKis5VemxUlyRIHvAKZkvP-Rm9fpzEIoXFQzTkf8J8-rL2FO_V1QknkFQTjWylw_VB9MqrPEG75k50zeRo7NXZKCjlZ3a46-d_yzsV73sLYqQ23DI7b3wGmwRlOqWTNvV38YVN2ogdWEjji0xx4aIOeegYOtRbX7tYiQUliZ6mN013On4iJdC_GxjohuYMHa6oLMbbASb3pIdwC7KcvYVv2CG6h9uJo_pNU9861wU0Ub6dTR3DyfshdW6UzCkW-0vCYOeeOIktyDnyzagITqPF8hLnkvwmNUiD3aDfBH1Z2RHJoQdhUYKMyNaXTgTvNHKUnEklWLDSpi53BTTey6cOsfpvJdYMYyFnhCS7H3InxLwI69X6Coyj1ujqUDNWjbmZyWPAZQbXu2cjVioflO%26adurl%3D&documentReferer=https%3A%2F%2Feasyworldbusiness.com%2F&ancestorOrigins=https%3A%2F%2Feasyworldbusiness.com&random=7489907850768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 14 Jan 2024 17:25:01 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3460623904
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame A3C7 2 KB
2 KB 198ms
92ms Script
text/html 35.177.87.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=14080000121236604444994012569006&nw=1
Requested by: Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.87.134 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-87-134.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 28ec9cac19ef2010ce5d36fd2321f607a9f914bdf4602b9deee6fa604448d16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:01 GMT
last-modified: Sun, 14 Jan 2024 17:25:01 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 14 Jan 2024 17:26:01 GMT

GET
H2

200

activityi;dc_pre=CJDNkeuy3YMDFapYHgIdWJENqQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61 Show response
5994599.fls.doubleclick.net/ Frame BC82
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJDNkeuy3YMDFapYHgIdWJENqQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61?

390 B
326 B

83ms
83ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJDNkeuy3YMDFapYHgIdWJENqQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61?

Requested by

Host: easyworldbusiness.com
URL: https://easyworldbusiness.com/verify/?https://blog.filepresident.com/dsvdQu6Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

25dfe3db83e6f96ee6a574647ae75831d1201c47bd5528e59778e6dd260300ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:02 GMT
expires: Sun, 14 Jan 2024 17:25:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:25:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJDNkeuy3YMDFapYHgIdWJENqQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90006.redintelligence.net/ Frame 31F5 7 KB
2 KB 118ms
40ms Document
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request_content.php?s=14080000121236604444994012569006&a=f6ca3706
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ea9a6cba34&subid=&uid=a57899c26314a5d7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-NRM7BikZd3QEfnn1PIPnYCZyAWm5b2gab2TnKfJD_AuEAEgsZPteWCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoEgQJP0CMxpf7TEU6fHuQ6XrbnYPf0sJ6Dn1a1Y9GgSAvoo99V_DEeuUvr6Bo-HcAesptHFzGJMBmIDzXKyUNGcb9tV6PcnXeJgFf_4YyBLesGNC-ZZCm8rhbszQe2BMC3aapn_9r8stLsK69gO313iBAvIKXU1XHEDa3eL6-KM_JpoptMJov3J8Z9d1vZtRY-or7ZFwyXSprMFqe3pQf4sy2Mdgk3QeL-QUkUvMGC-RkaaxTwyuPRYvIhIojK_okDVIbAelIrHnATtCie1iVeHAsBzlgh1JvUW_UM2rhUnABaIpRkPyQPeAFNzXNqU38AW0b2qCFAhsmBq3RCZIpE27C6scAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliA2Kzqst2DA4AKA5gLAcgLAYAMAaIMCCoGCgSsurECqg0CREXiDRMI3P-s6rLdgwMV-TNVCB0dQAZZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_TKIKGBaHa3koNos5_w3Ae3zA_4ELGqI0GnpRh_lS_8JfbS5vmC7yxdK1Z9pTge7mgqAyK--4RwF7lAH351hliIbS0cYpTn-jpO0YAQ%26sig%3DAOD64_20UV_Wy6iIgE1sLV4PZX74BepPTQ%26client%3Dca-pub-2205121062140812%26dbm_c%3DAKAmf-CaaYTWt4aP1hPnTLnp-NN2n3OK1zPM1B2Q_xcdFIhYm5KobByXmyh45LGiGUnYT6R38OfyIKok9pPjT1SimPAGCtfc2Ke6jaEgh9WqfTN8Wf3KjuCoQukSXmY1lYg4_YqBIFY8qAbuaLvdLpV63qNrQukOj5xU2LVLVVqVeDKk29x50AQ%26cry%3D1%26dbm_d%3DAKAmf-AWzTl4NluUKgnt0HmjEzYNdZff-Y6Z_wU9CAsr2tr2vDz35Wl33ChGAavPq3Ltbyyz2hDEaqtgdlON0OCWuiGgw1Ce2MwhJQ4x0tW_e0dFph7efJBkVtCeecGzQTn4rHvEI6ckJ5rsxsSrWJ7JAcusdX6h7OFkDOk8OqjJBPMEeWxvMODcZKis5VemxUlyRIHvAKZkvP-Rm9fpzEIoXFQzTkf8J8-rL2FO_V1QknkFQTjWylw_VB9MqrPEG75k50zeRo7NXZKCjlZ3a46-d_yzsV73sLYqQ23DI7b3wGmwRlOqWTNvV38YVN2ogdWEjji0xx4aIOeegYOtRbX7tYiQUliZ6mN013On4iJdC_GxjohuYMHa6oLMbbASb3pIdwC7KcvYVv2CG6h9uJo_pNU9861wU0Ub6dTR3DyfshdW6UzCkW-0vCYOeeOIktyDnyzagITqPF8hLnkvwmNUiD3aDfBH1Z2RHJoQdhUYKMyNaXTgTvNHKUnEklWLDSpi53BTTey6cOsfpvJdYMYyFnhCS7H3InxLwI69X6Coyj1ujqUDNWjbmZyWPAZQbXu2cjVioflO%26adurl%3D&documentReferer=https%3A%2F%2Feasyworldbusiness.com%2F&ancestorOrigins=https%3A%2F%2Feasyworldbusiness.com&random=7489907850768&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c3d48180e0f38399f185f6bc9436b7c3b20b52b2f90aa880dca2aec8eb6d0183

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2123
Content-Type: text/html; charset=utf-8
Date: Sun, 14 Jan 2024 17:25:01 GMT
Expires: Sun, 14 Jan 2024 17:25:01 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame A3C7
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14080000121236604444994012569006&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14080000121236604444994012569006&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
360 B

138ms
63ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14080000121236604444994012569006&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:02 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14080000121236604444994012569006&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Sun, 14 Jan 2024 17:25:01 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7495 43 B
215 B 595ms
198ms Image
image/gif 2600:1f13:800:7781:527c:d3a1:ca7a:f29f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1928050&asId=3185a38d-a3fb-be44-41c9-b25a1f567cb4&tv=%7Bc:1iv1K5,pingTime:-2,time:43,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:506,beZ:507,mfA:509,cmA:509,inA:510,inZ:512,prA:512,prZ:515,si:518,poA:519,poZ:534,cmZ:534,mfZ:534,loA:541,loZ:542,ltA:548,ltZ:548%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:43,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1mkepA+111%7C12%7C13%7C14%7C151%7C16%7C171%7C172%7C181%7C182%7C19*.1928050-77879653%7C191%7C192,idMap:19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:12,sinceFw:30,readyFired:false%7D&br=c
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:527c:d3a1:ca7a:f29f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:02 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame A3C7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91218ae38d7670eef757df8d16a30eead9b7bbb428c8712abf67a7ada3a9c98e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BE5 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bw9QG7RikZfmnIt20juwPzMiqwAQAAAAAOAHgBAI&bg=!kJOlk9zNAAaumcC-jpk7ADQBe5WfOMaNSw_IQ4_r2XkkqXcAIRp6eFa8XMXfPVVyAUozmCaZJ6kOM8dZ58PANkVlXLcLAgAAACpSAAAAAWgBBwoASRpk_Mwr06ow1Z-oppOj1X9rdAuECyY9Te1qTDyOQBg5F4BPRPu4Sdw4Z6d740GYAcWY_dQDe8HXGlj-0nyj6HBm9t37wVsDmWiZAwNQ7bDJtpZWCq6-wrTtQCgmFimCAGBKZSxr-g5_0WujU4fuVtAkGBvPru9EDJCRTHVlyCKUWt31hI32n-sJxZpF59LlHLy0HmiFlWqapT0vo22F8O07nUWiLgVhLkVXGtBNIgJmI8WATCBSk78XlFd3cEkw3Kk2M0eeP7xBGnPeGnlecUKXjEIC4qu47SnS8sHNK8u49wpoLa9Ke5yAyQEgZY2CvQFft1w6wuSlFWWl88l8_MVO8LqbDaygFhJbhTnkZuK3g6mLlHl8KNBnwEM-O9fXRMqoy1qPzpnu4W1UnerWJqIU0oFN1ZdTh6E_wei8CRlQYKRnM2j5mmO2P21Y15enwtRunWSSdvy-HgZLM0NaRcFxesf-fdg2w5SDBEVHoyyNcmapg98Heto-QceDEjEIrq1WlWs_d31zMNNbX-40XIdj2Pw0mqCxxuiSbF6Em50L9J3xgjkP3H3yM9DijyIpaBPQg_znAX7LX0b2WSJL86PfYue5TPm_nF_pB5Q7ZqclTGs7OkXr8GefSjofcvRHQbqiiREqbAnCjJ1V-6JFFFbXRhxTYfUeRw5wOD-Qq1IQeIi-r1YsK2M3SUg5FVEvtAhMls7Va8s7ExUooUiC7YQcPehsfJU0JqdsgCztS6t_PkTh5aZ5QTVZHNjZCDNgGpWAQUoNQ7VeuIo8kLWmTLXjfS5pfE2Gy2evt9PgSiYBRkhtYi4nRDyaPv9N_aZ1mcxSJ32Lqtg9120f61ZgHstuETKUzGPe_iEhFWw6DmiKwnizkew_dQCabBEUn8hQyB6JzClVeV1f-UgJI_KxHYRgTzs9JQI-d8j60HRHH2igRgW6UaPCXRvRV-ZeBSwa4e5tltChVNieI0bMgd-Tlu7N48TrsswdnmvPqaqPQPneYV_i-Ezs1YMmZvWZWBlx7crFHuG40nm4-tsVQJIHNEcNsIk9rxRizPpfeUtY0x4hlr6kiOiHC0zkBaMT3DL4VlqUfmsZfc5_FCXI8ZZm4gontV1VEcgaj0sT7RzkkYA

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 31F5 5 KB
779 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=14080000121236604444994012569006&a=f6ca3706

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jan 2024 15:38:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jan 2024 17:25:01 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 31F5 16 KB
16 KB 119ms
40ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=14080000121236604444994012569006&a=f6ca3706
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 67f81a21986a03bd313b5f4f7784fa492e8651d1f42122f925ac506d966c1e58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:25:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 31F5 17 KB
17 KB 119ms
41ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=14080000121236604444994012569006&a=f6ca3706
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 14bfa07cdc6568cb2ab82060a58c1405bd3cbd8ea13e0d81ece5548af3a7f875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:25:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16984
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 31F5 13 KB
13 KB 120ms
41ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=14080000121236604444994012569006&a=f6ca3706
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5917214bc177a41767c64de2756e0e1723c222cd8b33fb7f5171354003b7705a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:25:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12997
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 14AD 177 KB
63 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d719896ac200872f531043728d5e14302df3019a4c0a8f2b4223f9a92fcbfe7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64569
x-xss-protection: 0
last-modified: Sun, 14 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jan 2024 17:25:01 GMT

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame 31F5 0
150 B 118ms
40ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=14080000121236604444994012569006&a=f589249e&vb=m
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=14080000121236604444994012569006&a=f6ca3706
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/request_content.php?s=14080000121236604444994012569006&a=f6ca3706
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:25:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 31F5 14 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90006.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:27:45 GMT
x-content-type-options: nosniff
age: 172636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 17:27:45 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 31F5 15 KB
15 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90006.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:49:59 GMT
x-content-type-options: nosniff
age: 462902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:49:59 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A3C7 54 KB
19 KB 156ms
44ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=14080000121236604444994012569006&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 16:24:12 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3651
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: iPU6K-1411aF2DxKLabyfAeptk-VqXjIiQ9AlkF45WshPMDykiJ2YQ==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame A3C7 3 KB
3 KB 136ms
39ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1705253401&Signature=AhPXo3FBAKWQGIGzjAw7UbKTX2cTxbZta-WDGMyNJR9QL3bUUW-mA~nZInUWYWzzL9~h~eO~GD7M-KJsah6jF6ncvKfAcrE3CN6cBjk0mYN7hD5qvKq1uPQB-gy0zIvGEIhsEhFOa~Zc8NTJ1Wm6RTt2HsfrATjRGfYVS1aOummAltXvaxwou9r4wu90vXsihEteydDbUMFrpRZbW4gUcT6ekr3FrSJUfEiltxBHwabKVUkNbqG9bNcqdOTbSi4FZfUAidYQ04f0iV6eCA1RTNq-FphNnqyrBVM1-W7hiELj3iOohVw4AXJd9V~KWASCtGeU-Gp49ppivDzryPaEvQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 14 Jan 2024 09:14:49 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 29415
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: e1fpFwGxruX88EYwQ73rzyIiHyLvyppu6ExyGs9S-iNaLrVhBWFN4w==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 14AD 276 KB
91 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a17e0198f255c454e33a043a7009de3129cc041c7221971b5f02237b2d8168af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jan 2024 17:25:02 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 5F5E 5 KB
5 KB 37ms
37ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3460623904
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:02 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 dc_pre=CJDNkeuy3YMDFapYHgIdWJENqQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61
adservice.google.com/ddm/fls/z/ Frame BC82 42 B
401 B 183ms
77ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJDNkeuy3YMDFapYHgIdWJENqQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJDNkeuy3YMDFapYHgIdWJENqQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9019369846217.61?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 7495 31 KB
12 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1928050/77879653/xbbe/creative/adj?p=APEucNViY_k48I-4NRsDLGMNOgBDUkh-9U5HHb05ae_T1kVjTYioNiY&d=CokBAKAmf-ByUdFznO4WoxpBcuIBRghykL2fQQaLyi8zndtlplMcqnSL3--W7gx3KSGyFtfZLhGbWTfAsZKDOhJNpwOLK7QrZqYq-E2feQL8C0lSXNOpQjjXgbXDU49_MyvvmoKmLn5wsIssuzBBoowk8hQ-7fdfxmaJ5ZVfhgF3yQ1MJLGQK13lDhkS-RUAoCZ_4M6cQV9BgGUFZr98KNuG1vZ1r32n7swtNFHCpnLGQO2d2T2MPaCdyA2VoTWN5G-LjTk8sxBAQfR0zsnVuFC3om0LmMKNie8Pzqf0IsQgeKyklDam1rvRc_Qva6T7JE7rix_tmljwcBAeMRZX19uSvPGL7ih3DVT0SiajQrAn1Z9waXiVmwbrrrhBqgXAqXr3g2i1Rsg5x_OcF7UPZwmP6-qgMSmgVvQC0aWDd624833ljF-HIpgPTJEsidT1uq2_EYdDPDp0PVeMzB2-yQD7iePuxFzqqz6GTuVs4QmzNuyQJCHBWOd6fbGJscmuct_RzuBIj4-1nl1SYLBhXTltn7PHsODzSwbrZuB40pAK7YkiaKW5PlrCaX1UC-Xk3icp59G14BvXYUpsZFAuj9bV9t7ZYQrZ4mxZmGu0CDoaToerxc0We3ebY_GvmYK3AfCLjp9wAj9V97H6LVHZly-HgXVwmah9wCpgRxUQlTHmcCl-2g1Q90ie60z8zxo1hnwiCcLjkPJMlLauFtPhRTw2ILGMRVkR8qqZijDu6dBe5gNymtJ4_YrFIXd63ryz2PmBiK93zD3yjdcpc601QfspEvNepks49uZpo-8n94oC18EoRaoMwdYpDPNyVC8xplSWHimFg72KdXLZ22446JJHrYCGYoVuDRXYfwqQiTwbdGgTlvbXXYEUbro8P0Q64A8pixkTlsn4yNqEgk-F491xiVPWwMnX8dUCZyUhQsloz28qvs8DE9JyxWyXvp2pqEkCPnaZ8kn0qB4Mx_qYMglQ8RshCI9DCae2niS98qKuXWzsJ4M2AE30QOEASOoAaGOGxugsHG_84Rim9pfDJTCl_n1UQQCK7v7S5NRxr6g81eYEy0swpakUd-V_DMogmLMVJXBceVU4Lto1PXXBFUPUFMDsZ-Nqn_3i42XzTp1Sm5TpqRAyGxa4KbYLShksHV7SIteUjd6spffPd-gJMIZG-yXvkGmUjxeuAEgXsFY1JRyFzF7kUoVZBu0N_BNLmixAn18fZXqgO0_WvzdyDDDDE9jO04eWOJC-BJCZK1z9YsLoMaeIIErNI4bcOX5MldE_CH_zY_P9vxrzQNAWK5d6BNvypxrH7DGMXnQ9-2O24sLBkqMppZQzjZMwJdmoEwMaKiyVvpXxmRysMZ0LGat5_xVpv8AKEOQHLWqKTyW3irZGgykQ4NvzFf49ZKb32N-p5GfFlhk7q5GYcu4jm7zB-0YcJxSFPx4Ok3Z7_BrCas1oPLGg7UKvICGf0CK3doIQd6-Zk0vZZIS0TIYrw5Q8oscSEnEaKrshM0NF0k-LmJf34XMFkk4tm03be3u3ItTI4OkZ7u5sk5FrC5_JzNdKMp0MnuaDWaTPNgTkSmb1G9vvxlDhgmctDCvlPRY-OcQgOCZ4FSwisRD8jsh2BU9nyOpjzQSlwG5DoYigIVAGQW9ghOboTj_Pw4y0OmDJdRWvotXTDLI05szkhu_OyboAZvkugpJo3Es3vYsMYK2uSvNwH-FI_HFTWXFihbz7b3E32uuLg6iLuRvYIXMTUp1AArywNVt1uGUf8M55nHdG4JagOwdXt3NosC5UgIwN_mQkUJ7787tRw0jZXuELfDMtonoMVFoG6Kh7Fv5I5X-u5rXWlRStItlESwAD8RnNHlUHHjilj08N1GqSUsBzinprghxCn1Pkz77M9aOucDrUbfHNCeNWd8KDUuFl8GtYOkB-k1AKTZMUTpD9GBtWlDzPQ6GP0HzuZEavMtrRWtKDaTx2A6sYMi8fhbzpwWIl-81O3KmL4W7T_IA0cIJ_B7MWYKPEPCtWmtRBezXTVS6YsVdW-K9HfkycwcvFhaOocdO2EmITT1275QjE-cpLCaSJzl0xO7-8ZKY9rBV6IqJJem-12axxo_5Ro7TDtrvgJHLKKYNWH6tAsm78tz93LxD0_frp2eFT7JE8pIxjTK4kvW8tZM5WYmQeJo7EQe9HmprNQnZBjuJu24mGo8izrAADKC4_c_m60lXL-kOzFpIFVs9nS4sW4YDjQyQzYx9xKStzkaMzUcPSkzbVMdupyPHI2Xc31Bzrv0rYGJmcqZ8E66DvjbkaevRBeW0Scd-onRS4k59PBMUa6YQwQXNyVmlXL_CkoX0ZGcWLJsbMUyUfVApjjY66DRTVSm9rqQ_DUbkt7YI9juTY12NHZ-x5X_w7fjzMJ4P4ynotxzIMYsaQXosSeabvpVF0s5QotZ7jaUauttId61f7PpStECaHnmnow5i15FldrvLl_a690UoIk3hu6jJ7POlnbvfuC9EdrMq4agbfXAsg_qcZZGVOG6u515383ftB07Tj1LeKNpAyITB2dn5Btkmu3GJCbO2AlybIUqHEyh65fvrwBTdAJf8SLrUmCJidQ7n7mJ96sPjzloefvnz272Z_LbAIA-I1bLR_xV6Bx6yjLVHFlJmOfW43oo6KO7BsFIkmFjND3F8rNPHbLzG_3T10t6Fs22eV6dWtcjzp8dHRdddJZLNs1UuCdEytUHcWz5i7sVvYfE-LG92ZSyGJr0oTLNNCWEAeyd8OD8n__Fv7n5RHsHmKCjewo5YMuq1qqwl1SLsnegM8rwoUbKVbxG4K73O9aGAly4eU6EVBqfbUNZ-yCwubo_6tOVq05ewIZ0pHpdLxB7sTCb2H1kbceMbS692Sc2WcnkQyV50Ou9c_zYyOjHciUlWTf0BVBDnUTF597xT24Oejzh_WgQOQxzUb6BfPup5FCPo5ROOMLsqvAB06m0k9IiNhvYmxCuzqn5o3gDfMPsx-sV86Zi8k9MtmKETGeqaawJq1qL_OOqgGzzOtX_rEyaw382pehk1AQxHXP-S4se3VlcKkYYrt8ynm3wR0wTBxIUh6jFhvUMIxmwyCWyMtJvkCFks8sRfzkTJ_8hL8hCnIfrkAy53RB9Zm5DyT_pKyBDwPGllCrjry5ouUHdGkCH17s862-67TXbhfq6LIs_4ymTLGuILvD04vy_Endo1LbKzB3S_7LjkSTC0-HM9hczAS5IclWiao8cpL173StVXNgDlCwX8IpWizD08kl0dBm8e1KIsdZ-otKAsQohTYQ1JwiDS1seSPimBn3nPtWeNrB4Mw8kXxcO_1PRAd-YANLNVqBcFwuJFBZHMr9_91eWFhJVq3TbyPCeoMZUSky-TwLjDVnUdDXzPScPczp88db2C_vT-ioNlEppAQNx2mfIkaag2oZzCM10c_PYTiTfQO_Frg91PKbQ6y8PbyAoly1UrRguJrRexjTLUoarXfsQtsJlpWOSux9uSgPA8rd6Ic2PgcZMKJtuRdOoZy5FCJ3TpqqzRqYDH35rR7_jH9GtrAFA73mRVIVmkEL476561slPkuOuUK3ZgohLoSFHLHlZx-ZB1gxGaDzDddLc4352MRWzDqL6x_KJiah3UdQ6fF9IkwGjy5YQgNcbI8fDFFGsRU6VFRJ8q4wkiLwExfChhE6QyzN3feTWc3flPgR1_Zfj0s6paUGRSYur91ytNeZZ3VvuKsalgggOhyTGogom-s0GSNOOdPfNpxeylTv37IOiZrdf7A36UB1Wbze0COV0jLjbFg0ZNV4b_KslbEnIqkxduag01FcQu16rNepFohFLyHhVx1vdN98MYKBhoKBOqmUenfv1X7qsUhAFrSNpp556CNAZYKlOsaRd5LB3WRL4AKVhWuo-_ARHKHAkqyX-lwEuLdgB_o_ibGshTY7oceB70gQHgdGlUIBBJPAC8eF_94qhryScrdiQrZCsy2pua2pXCxmMt3x_kkfGoAuO_vMETxGztVF3tGm0Z5hlpgHreoEXaddOd4rH9DH3az4MSOCmJOsckUdyFkRhgBYAE&bundleId=&ias_dspID=3&ias_campId=1015770367&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=20939788496&bidurl=easyworldbusiness.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gVpEVGY-B_bQe5pa1Z3T11&adsafe_url=https%3A%2F%2Feasyworldbusiness.com&adsafe_type=y&adsafe_url=https%3A%2F%2Feasyworldbusiness.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3185a38d-a3fb-be44-41c9-b25a1f567cb4,c:1iv1JA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-k542q,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u1mkepA+111%7C12%7C13%7C14%7C151%7C16%7C171%7C172%7C181%7C182%7C19*.1928050-77879653%7C191%7C192,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:12,oid:d93592b3-b301-11ee-8eb9-022b52fa1f44,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 23:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:27:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 7495 11 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 23:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:05:46 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 7495 0
0 83ms
82ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst0BL-n28bIcMtM6gb0uvVMTzS0PJwZWKup0eKYtMdzz2GhGY_Vqtypx8E4aXDev3u8_yZh8VU1o9ridVU8TDnhnNBQslSheHQg4rpZZNZsDWG2gfWfjjDOWfpZSJOMxC8fDQ3Ekzc8YDgeV6YRCfGN_ra2xSdQ9hWn8zCBxU63-yEbn1Tlu4t_1GeXHkSdBNtG01X5fozd3L9B6hKHxTCfrS7BQm36xj2qewJXqA&sai=AMfl-YSa-OuMhHD7ucMQ4Z6FTdynBrzeLPU3VAEPtY2rGoKnc6ZB7FB3DpGn4WYuvtjR4HELZ6Mf_ko0hqwn2sx9F9UX0NyouC5s1Ymu1K_poBs0RYoAJPlVxpefjfnCVF2y05DFifzVXgKivAvjjmOpV_zuh4I-&sig=Cg0ArKJSzJYFosyKTtZ9EAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240109.39086&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2683172822607153252
s0.2mdn.net/simgad/ Frame 7495 81 KB
81 KB 41ms
41ms Image
image/jpeg 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2683172822607153252?sqp=uqWu0g0ICPoBEKwCQGQ&rs=AOga4qlK5jlFazG_4UvAb7vSb5PeaxRRKw

Requested by

Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

3385165faa59603f6583f48afb76e1c1364b81c6076170e74308b23ef4fc3026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:38:36 GMT
x-content-type-options: nosniff
age: 189986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83103
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 07:09:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Jan 2025 12:38:36 GMT

GET
DATA 200
OK truncated
/ Frame 7495 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 988ba4a77e5cfba48c3c3a682da541389deae0952c6a6fdf9138d04f0a4f9f04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 16A0 42 B
174 B 79ms
79ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvq2my0dKQcAVFcmQSBPJkYj3Xep8QpiC33rRG8I-jO7jruT0OpLiiBknAsRC5WU6sZlHdnSodOVzNGzIaDQs_mKgST3_oxdbEMtSwtzUJeVxWRPbP57gZ77cKEyTZFfFGQ8pC9lsqwl7Zb2Qhh-rA8j-5H&sai=AMfl-YTHOcYqLGWVm6Yk8qM2ybcTINRI5aUJ8aXX_uZP-nu5Bb6QGPa3nZd8kTCO-wx6v4QG8lKdKfjnPOuSj4uLA1OoqnAvgkwHVuBUubpE9N-QGyXuLhv1filQ9hWB8JeJEwf6rYKaotBRA-6FP_XWlQ&sig=Cg0ArKJSzErnKoMztqqNEAE&cid=CAQSTwAvHhf_4pQfQbEZWP_NfHJOFpXbCK2NZmScy8GTTSxWEmyGt14XAwCUka3qLyeRfUAK0jL9z7AxiYj86jt9upm8xctFUwN_VCEGYbrp-W4YAQ&id=lidar2&mcvt=1005&p=456,458,706,758&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1581456992&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705253100820&rpt=263&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7495 43 B
215 B 196ms
196ms Image
image/gif 2600:1f13:800:7781:527c:d3a1:ca7a:f29f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1928050&asId=3185a38d-a3fb-be44-41c9-b25a1f567cb4&tv=%7Bc:1iv1QK,pingTime:-10,time:456,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705253102162%7C%7C987c1ba7bb38930b67b43aca32787496%7C%7Cacc8ce73e974315fdfcc4ebb5f3c527d%7C%7Cd225d93316ae888b1afb5f1e93bba29a%7C%7C8a5ca5a2ea7d659e0d095053fd1ab831%7C%7Ce6fdbe782696aba8d74bd7bcc035248b%7C%7C1824c50d56057501630d46b5f9134e47%7C%7C5ff8f990a308d5f41162eb9e9cd86a36%7C%7C1663701684%7D
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:527c:d3a1:ca7a:f29f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:02 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 7495 0
0 78ms
77ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst0BL-n28bIcMtM6gb0uvVMTzS0PJwZWKup0eKYtMdzz2GhGY_Vqtypx8E4aXDev3u8_yZh8VU1o9ridVU8TDnhnNBQslSheHQg4rpZZNZsDWG2gfWfjjDOWfpZSJOMxC8fDQ3Ekzc8YDgeV6YRCfGN_ra2xSdQ9hWn8zCBxU63-yEbn1Tlu4t_1GeXHkSdBNtG01X5fozd3L9B6hKHxTCfrS7BQm36xj2qewJXqA&sai=AMfl-YSa-OuMhHD7ucMQ4Z6FTdynBrzeLPU3VAEPtY2rGoKnc6ZB7FB3DpGn4WYuvtjR4HELZ6Mf_ko0hqwn2sx9F9UX0NyouC5s1Ymu1K_poBs0RYoAJPlVxpefjfnCVF2y05DFifzVXgKivAvjjmOpV_zuh4I-&sig=Cg0ArKJSzJYFosyKTtZ9EAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=110&vt=11&dtpt=109&dett=2&cstd=0&cisv=r20240109.39086&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:25:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7495 43 B
215 B 287ms
287ms Image
image/gif 2600:1f13:800:7781:527c:d3a1:ca7a:f29f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1928050&asId=3185a38d-a3fb-be44-41c9-b25a1f567cb4&tv=%7Bc:1iv1S8,time:542,type:e,im:%7Bpci:%7Btdr:503%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:542,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B537~0%5D,as:%5B537~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1mkepA+111%7C12%7C13%7C14%7C151%7C16%7C171%7C172%7C181%7C182%7C19*.1928050-77879653%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:12,sis:356%7D&br=c
Requested by: Host: 9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
URL: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:527c:d3a1:ca7a:f29f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:02 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A3C7 16 B
209 B 101ms
101ms Fetch
application/json 13.42.80.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-42-80-79.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jan 2024 17:25:02 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 156ms
45ms Preflight 13.42.80.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 14 Jan 2024 17:25:02 GMT
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7495 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2-oyf1K14UgzSQqNxK4P1EfOy8LylURNk7AETNEEQRdn7koId9AUWID_QiaHbZJcXk2FqLj7Ikqd-ss433vXlkOUzxOLDrIlB-fRwb4EhANjYSDEC-LJTKD1P1rIQgJ9L-B6uS8PHK0zPOvbyCqJ_NNVG&sai=AMfl-YQAIiUNPvXZDHvies9R2aadQ_EuwbLOeDajr9r4ixd2ZSspMouKFE_6gER9PWgqGT4PogrnrmclVrRVmfTO35EZU7_5vBLnmMNWAGzd3qc6Oj4ebiR1yad3gUuSad1D1J_z-vgP9E6lpvWb-Dy78A&sig=Cg0ArKJSzKw0zwsXK1wZEAE&cid=CAQSTwAvHhf_eKoa8knK3YkK2QrMtqbmtqVwsZjLd8f5JHxqALjv7zBE8Rs7VRd7RptGeYZaYB63qBF2nXTneKx_Qx92s-DEjgpiTrHJFHchZEYYAQ&id=lidar2&mcvt=1000&p=1039,458,1289,758&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=20&adk=2809350135&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705253101200&rpt=970&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3C7 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5139477022389&version=m202309260101&ct=77&x=1&cor=8071830253011320000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7495 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9576791226854&version=m202309260101&ct=76&x=1&cor=668751326674336900

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7495 43 B
215 B 197ms
196ms Image
image/gif 2600:1f13:800:7781:527c:d3a1:ca7a:f29f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1928050&asId=3185a38d-a3fb-be44-41c9-b25a1f567cb4&tv=%7Bc:1iv2ne,pingTime:1,time:2470,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:12%7D,%7Bpiv:64,vs:pp,r:,t:1470%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1470,n:0,pp:1000,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1465~0,0~50%5D,as:%5B1465~300.250%5D%7D%7D,%7Bsl:pp,t:1470,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~50%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:289,fm:u1mkepA+111%7C12%7C13%7C14%7C151%7C16%7C171%7C172%7C181%7C182%7C19*.1928050-77879653%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:12,sis:356%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:527c:d3a1:ca7a:f29f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:25:04 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
easyworldbusiness.com/	1969-12-31 23:59:59	Name: cap_y Value: 10
easyworldbusiness.com/	1970-01-20 17:40:53	Name: JSON_fetch Value: https://blog.filepresident.com/dsvdQu6Y
.google.com/	1970-01-21 03:10:39	Name: __Secure-ENID Value: 17.SE=iRwQBq-09wzb31gl9Ow94touYcZxRDWBPksZ-XeFOxjf3TD5aDde4eFxZ-SMhGtcOf0U9ymKR6B0xlE3-X-0E5bReHlxweP4WJ0PHm22iLhZ9B2L29u6-6ioQuCLiOVvDMNPTcHlTxlYpFzRJW8vO712K3MTeoFIe5bKFzGvVvE
.google.com/	1970-01-21 03:16:53	Name: CONSENT Value: PENDING+877
.easyworldbusiness.com/	1970-01-21 03:16:53	Name: _ga_1WBWNE3NKE Value: GS1.1.1705253100.1.0.1705253100.0.0.0
.easyworldbusiness.com/	1970-01-21 03:16:53	Name: _ga Value: GA1.2.1708091986.1705253100
.easyworldbusiness.com/	1970-01-20 17:42:19	Name: _gid Value: GA1.2.640154954.1705253100
.easyworldbusiness.com/	1970-01-20 17:40:53	Name: _gat_gtag_UA_159534082_2 Value: 1
.doubleclick.net/	1970-01-21 03:02:29	Name: IDE Value: AHWqTUke9IO533s2C3ng9PNTdSfQZ9vHyVk74cwQIQiZC4joyZnE0sFqnLWEmpBE0dY
.doubleclick.net/	1970-01-20 22:00:05	Name: APC Value: AfxxVi7rFs9t9zqSbg8WZUlZgykbTmo6RychDD_xKLHgQfSP9fu5_g
.adnxs.com/	1970-01-20 19:50:29	Name: uuid2 Value: 1031123390893649964
.doubleclick.net/	1970-01-20 18:24:05	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 02:26:29	Name: CMID Value: ZaQY7WnOtAefZAtHYnCv3wAA
.casalemedia.com/	1970-01-20 19:50:29	Name: CMPS Value: 1159
.casalemedia.com/	1970-01-20 19:50:29	Name: CMPRO Value: 1159
.doubleclick.net/	1970-01-20 17:40:56	Name: DSID Value: NO_DATA
.redintelligence.net/	1970-01-20 19:50:29	Name: 8lcfmzhxc8d6_uid Value: e4597825e28c201b
.adnxs.com/	1970-01-21 03:16:53	Name: XANDR_PANID Value: B1kPQg8d8jNNQeUzHrJExKX14tRf08RkpXb0qdZEaquxu67vF7bEGumSn4rJRTKTNoEWx9_7jZKiaQV8KLy6Uulgbiy7qXmeJg4Wn7kdCus.
.adnxs.com/	1970-01-20 19:50:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?hsYfy0!]tbPl1M>e)ZlrFUfJ+tGXxo<M]qC`NT5ErSe/5nHT3Pv=Aja9YvpeI)DxLa3If)y3KL9D3I?+V[^WsD
.doubleclick.net/	1970-01-20 17:40:54	Name: test_cookie Value: CheckForPermission
.easyworldbusiness.com/	1970-01-21 03:02:29	Name: __gads Value: ID=ebb79a17e5272f4d:T=1705253100:RT=1705253100:S=ALNI_MbvGuIdI-6F97AC2PeNOdMmwhsY3A
.easyworldbusiness.com/	1970-01-21 03:02:29	Name: __gpi Value: UID=00000d417a9d5601:T=1705253100:RT=1705253100:S=ALNI_MYY9dpVZzJr9_bSsV3frgynHXxq9g
.googleadservices.com/	1970-01-20 19:50:29	Name: ar_debug Value: 1
.retailads.net/	1970-01-20 18:24:05	Name: ppb2172 Value: 3460623904
.office-partner.de/	1970-01-21 03:16:53	Name: source Value: {"webgains_webgains":{"timestamp":1705253101993,"clickCookie":false}}
.futalis.de/	1970-01-20 19:07:17	Name: raSIDb Value: 3460623904

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
9349b74a25a03291135896f630c2af6a.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
bid.g.doubleclick.net
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
easyworldbusiness.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
fw.adsafeprotected.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90006.redintelligence.net
ib.adnxs.com
lh4.googleusercontent.com
link.earn2me.com
medialead.de
pagead2.googlesyndication.com
pv.medialead.de
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
tpc.googlesyndication.com
track.webgains.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.42.80.79
138.201.220.30
138.201.63.164
142.250.184.198
142.250.185.130
142.250.74.198
167.233.14.134
172.217.18.2
172.64.151.101
18.66.147.120
2001:4860:4802:32::36
2001:4860:4802:34::178
2600:1f13:800:7781:527c:d3a1:ca7a:f29f
2600:9000:223f:e00:8:48e:53c0:93a1
2606:4700:3036::ac43:bbc0
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a01:4f8:d0a:2321::2
2a06:98c1:3120::3
2a0b:4d07:101::1
3.248.239.255
35.177.87.134
37.252.171.53
74.125.206.156
91.121.248.44
94.23.99.218
99.86.4.53
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
052f2637ddec7c1bea990f910a20b031fd8ee7567db25b41bc3af3cb3e4496ce
070f9773284c9912bcaf219959bcd4c7e381f71c8c445af5187ef7f2afdf0446
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
096547792f42525df3c260bc79f8b021d9027000eff5a156d98632b0e4162401
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10cb90710ba479927d18d6f9f9459ac42a8fbf97b4b202cb6cf53aa23dc7b4da
14bfa07cdc6568cb2ab82060a58c1405bd3cbd8ea13e0d81ece5548af3a7f875
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1808ac03b40beef84415cef52eb8e1fce4acc951ff8b49a566aa686306d8752d
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
237029103001ac1d3d1be41e2e8d014857ae0e2aa51e8952240b606ef5c88b01
23cc30790c500807d73fcb7ddee1853ab034b560c0e12ebf57475554cbdc5f7c
25dfe3db83e6f96ee6a574647ae75831d1201c47bd5528e59778e6dd260300ea
28ec9cac19ef2010ce5d36fd2321f607a9f914bdf4602b9deee6fa604448d16c
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3385165faa59603f6583f48afb76e1c1364b81c6076170e74308b23ef4fc3026
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
34c3e884c71439b4e483b8468858ee0d046032a9e550f31b663670421c635563
352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3ba5d665ac535616d69ca5dd5b84176fbae574fb419376aea1ca09a673c7eed8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40a77c47a61e17d7c8edd41de89eb651387c290281eaff781601d75d0fdf8fe2
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44c5d1c14f1685bd38adfe9a418c800339ea356687ba6e1da9514be0a7df9955
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4888c86dcb1fb5729b7e172bd227fcd6efaea97451db03a828e9146ff4f94b70
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb078720f981b22937888d562b2ff6d55345e0c3be59481153c7a52e687904d
4eedb2608ce978827e92a9aa0367b6913c6377b0047d05cb2c70cba010150cb8
5136430e3cb74f7eac444ad9d5a6f68fb7df2adf007f03dba382fb8f95292624
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55281589cf843ddbf97b6ae12dea25fee2864f6ef68d4baad17a9618bd524ae0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cfd46517ed536a9b63602c5ae4da3ce935fd311d2baad21437ce2677207806
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
590f3b9b271ea1169c670c4afca962460bf0b0079ab03173805e2fbc33bd097d
5917214bc177a41767c64de2756e0e1723c222cd8b33fb7f5171354003b7705a
595af0dae21f22542e8495bfc09648401a1ab4efa650d05976008ad6702ff6df
5a47d57b5e7435cf426c6c7ff1c481ff5591431e6b4025c2614deb49fc0172f5
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63754ae7c0bba65eb39b523d966a94f6d8eb38983f17022006594fdd1a067a6f
63d33d54008f2f4ee2a5e579e094b036355e10b5a8dead8131c3ef8313101fdf
651cbb53c3e67a452582c597784a988f2ad5db132c709c279a23ad74b9917448
65326516e78412e19221c9fc31a6475f903ba7744e5e4bb389aa76904ecc16a4
668f460a9f67e9a451a786df911fd7d1c15685198035fc48a7559081687b9c1e
67f81a21986a03bd313b5f4f7784fa492e8651d1f42122f925ac506d966c1e58
6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7
6a42980542abcf9aaf788db1510021871dc45bfc3453165c61f4e02a9da92334
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
723da312751e1bc561e9f82e0dd74109eb57c85a6755ba7a79172d8bdd2b6bf9
7262e8496654ef974c3c770a0b598244498af0c5aea7f57d8a42e01040147a1a
73a47fd099a396a77cd7673b9e5078c58ec7e634004728ac5613cef68da21f61
74e43e8afd9c850f558f090dec25a5d9076f2749d6c224c6ad0eb901aa2990c5
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a7d9c1db951377487084695fb656376874dfa9c637ed36f875a0e06baa82b61
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c592292cacd8b2d8f99a11658b5f8f79954730e38e314bad222c544a81f0ff5
7cc64f86733a48402158494c0ca25872469f011546313e1773624a472df29f24
81c929d0b0709e33c5bbd4c0b298f02933ae460a4cbe393fb7270eb4e1e0b550
86a84ec556fc8ff8974fb47da9dcc703db91556dd070f187f298296ef59c6a10
8b84495e0e00851129198a3d9676758e12767ab5315e82635cb900ddb46c41fe
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
91218ae38d7670eef757df8d16a30eead9b7bbb428c8712abf67a7ada3a9c98e
988ba4a77e5cfba48c3c3a682da541389deae0952c6a6fdf9138d04f0a4f9f04
9af48e0b5251cf0261138af500f6ac95dd0d634087d2947ec62b018fe6a76ed2
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e23c5ba8cd1d18988704c31d02531b37c2cd5892a866fdb3400ec9edba85390
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a049f73fcbfcb0f2db50d333edcdebb1a321b07d276b39dff10cc1f0c641d023
a17e0198f255c454e33a043a7009de3129cc041c7221971b5f02237b2d8168af
a219bca5c2423e0afe056198a5e357e1f934c5ed8d2a0c765041b64c19422d37
a7a3d7a668a9e8dd799889672c9fcc6bfcefa81984dd730af698e91cef17bf79
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14f77b0411228e15cc5b549a28c3f5e1c1e02825bb215e2d88fc6d0a0933e42
b42188c56de9630887dae653af313be2fb03fa99bc6bccb7e1bbd3f14eced421
bcf2e204948f909ce5a349178f8284f1c79d617886ab3189c0f0845759a2214b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c3d48180e0f38399f185f6bc9436b7c3b20b52b2f90aa880dca2aec8eb6d0183
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf68c95012abf0cf82f23bcc69540df135a6a6018a876a43ec9e11de8e6aeab6
d52a9a00b82c8a2eb79d9d257947bc55a7d5e4e5eed92d2ea0d51dbb91c8f1f9
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d719896ac200872f531043728d5e14302df3019a4c0a8f2b4223f9a92fcbfe7f
dd3937baeccc7db444c0e7cff2d5e3d1a314eb234d3f65cf6426f5b16a3470c6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40
dfe6f769a0eabea200aafbf6c59eccf896ae6af1b047186baf24986e750511cb
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eba592275d4a0b367894939fb9c14caf3b0ce94f3cee225564730f89f31de9e5
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f675b519b693191aa34d4c4956add5c386725d66e54de27b64c029033527712e
fcc497c6ffcfc479bd17e1efb62a83bae1429f7856e1f7197658ca7825bc9ad7

easyworldbusiness.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

93 %HTTPS

56 %IPv6

24 Domains

39 Subdomains

38 IPs

6 Countries

2840 kBTransfer

6884 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

easyworldbusiness.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

93 %
HTTPS

56 %
IPv6

24
Domains

39
Subdomains

38
IPs

6
Countries

2840 kB
Transfer

6884 kB
Size

26
Cookies

183 HTTP transactions
6 data transactions