helopal.club Open in urlscan Pro
2606:4700:3035::6815:5c4b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://helopal.club/
Effective URL:
https://helopal.club/
Submission: On October 18 via api (October 18th 2023, 4:38:38 am UTC) from US — Scanned from DE

Summary HTTP 283 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 56 IPs in 9 countries across 38 domains to perform 283 HTTP transactions. The main IP is 2606:4700:3035::6815:5c4b, located in United States and belongs to CLOUDFLARENET, US. The main domain is helopal.club.
TLS certificate: Issued by GTS CA 1P5 on September 3rd 2023. Valid for: 3 months.

This is the only time helopal.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:be40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:303... 2606:4700:3035::6815:5c4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:2800:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::6815:5707	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:6000:f:a31d:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
6	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
3	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
3	2602:803:c003... 2602:803:c003:200::43	26667 (RUBICONPR...) (RUBICONPROJECT)
6	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:3400:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	63.33.97.132 63.33.97.132	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	2602:803:c003... 2602:803:c003:200::37	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 6	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 3	193.135.9.129 193.135.9.129	48314 (IP-PROJECTS) (IP-PROJECTS)
3 3	217.79.187.54 217.79.187.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
8	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2600:9000:205... 2600:9000:2057:2200:7:dde5:8880:93a1	16509 (AMAZON-02) (AMAZON-02)
27	52.218.29.128 52.218.29.128	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
3	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
283	56

1 2606:4700:3034::ac43:be40 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

helopal.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:3035::6815:5c4b (United States)

ASN13335 (CLOUDFLARENET, US)

helopal.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.helopal.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:2800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:5707 (United States)

ASN13335 (CLOUDFLARENET, US)

fun-dare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:6000:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:3400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.97.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-97-132.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::37 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.135.9.129 (Germany) 3 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.79.187.54 (Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm43.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:2200:7:dde5:8880:93a1 (United States)

ASN16509 (AMAZON-02, US)

joyn.kr-adstudios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.218.29.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

joyn-creative-hosting.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wpcdn.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	682 KB
34	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	361 KB
27	amazonaws.com joyn-creative-hosting.s3-eu-west-1.amazonaws.com	345 KB
27	helopal.club 1 redirects helopal.club cdn.helopal.club	858 KB
18	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 563 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9971 eus.rubiconproject.com — Cisco Umbrella Rank: 662 token.rubiconproject.com — Cisco Umbrella Rank: 504	66 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	380 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	412 KB
6	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 9056	1 KB
6	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 913	1 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 firebase.googleapis.com — Cisco Umbrella Rank: 4176 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 536 fonts.googleapis.com — Cisco Umbrella Rank: 49	34 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541	8 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	31 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	112 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	352 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	42 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	865 B
4	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7541 invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587	2 KB
3	wpcdn.pl std.wpcdn.pl — Cisco Umbrella Rank: 9994	88 KB
3	kr-adstudios.com joyn.kr-adstudios.com	260 KB
3	adsafety.net 3 redirects cm.adsafety.net — Cisco Umbrella Rank: 21747	4 KB
3	smartstream.tv 3 redirects ads.smartstream.tv — Cisco Umbrella Rank: 28871	2 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1906 google-bidout-d.openx.net — Cisco Umbrella Rank: 1919	669 B
3	adform.net adx.adform.net — Cisco Umbrella Rank: 4617	3 KB
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1090	540 B
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	605 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	30 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1696	26 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 34089	226 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2118	8 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2049	436 B
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 55116	3 KB
1	fun-dare.com fun-dare.com	12 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183	10 KB
283	38

	Domain	Requested by
50	pagead2.googlesyndication.com	helopal.club pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
27	joyn-creative-hosting.s3-eu-west-1.amazonaws.com	joyn.kr-adstudios.com helopal.club
25	helopal.club	1 redirects helopal.club
20	tpc.googlesyndication.com	googleads.g.doubleclick.net 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com helopal.club tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
12	s0.2mdn.net	helopal.club s0.2mdn.net
11	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com helopal.club
8	eus.rubiconproject.com	7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com eus.rubiconproject.com get.optad360.io
7	www.googletagservices.com	googleads.g.doubleclick.net 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com s0.2mdn.net
6	googleads4.g.doubleclick.net	helopal.club
6	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
6	ssp.wp.pl	get.optad360.io
6	onetag-sys.com	get.optad360.io
5	cdn.jsdelivr.net	get.optad360.io securepubads.g.doubleclick.net 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
5	www.googletagmanager.com	helopal.club www.googletagmanager.com
5	cdnjs.cloudflare.com	helopal.club
4	token.rubiconproject.com	eus.rubiconproject.com
4	match.adsrvr.org	googleads.g.doubleclick.net get.optad360.io
4	gum.criteo.com	1 redirects static.criteo.net get.optad360.io
4	7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.gstatic.com	helopal.club googleads.g.doubleclick.net
3	std.wpcdn.pl	ssp.wp.pl
3	joyn.kr-adstudios.com	s0.2mdn.net
3	cm.adsafety.net	3 redirects
3	ads.smartstream.tv	3 redirects
3	beacon-ams3.rubiconproject.com	helopal.club
3	fastlane.rubiconproject.com	get.optad360.io
3	adx.adform.net	get.optad360.io
3	prebid.a-mo.net	get.optad360.io
3	prebid-eu.creativecdn.com	get.optad360.io
3	region1.google-analytics.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googleadservices.com	helopal.club
2	oajs.openx.net	1 redirects helopal.club
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	script.4dex.io	get.optad360.io script.4dex.io
2	firebase.googleapis.com	www.gstatic.com
2	cdn.helopal.club	helopal.club
2	get.optad360.io	helopal.club get.optad360.io
1	www.google.com	tpc.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	fonts.gstatic.com	fonts.googleapis.com
1	mug.criteo.com	helopal.club
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cadmus.script.ac	script.4dex.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.optad360.net	helopal.club
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fun-dare.com	helopal.club
1	maxcdn.bootstrapcdn.com	helopal.club
1	ajax.googleapis.com	helopal.club
283	59

This site contains links to these domains. Also see Links.

Domain
en.optad360.com
www.facebook.com
t.me

Subject Issuer	Validity	Valid
helopal.club GTS CA 1P5	`2023-09-03` - `2023-12-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
fun-dare.com E1	`2023-09-26` - `2023-12-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.optad360.net Amazon RSA 2048 M02	`2023-06-26` - `2024-07-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.a-mo.net R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.wp.pl RapidSSL TLS RSA CA G1	`2023-03-09` - `2024-03-14`	a year	crt.sh
cadmus.script.ac E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.kr-adstudios.com Amazon RSA 2048 M01	`2023-02-05` - `2024-03-05`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-05-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS RSA CA G1	`2023-05-06` - `2024-05-17`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://helopal.club/
Frame ID: BA303532EE65B6C5A1459CCAF317A566
Requests: 100 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 0965B27DE8BBA51A366A4E0167E6E6D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&adk=1812271804&adf=3025194257&lmt=1697596710&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fhelopal.club%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697603909835&bpp=20&bdt=219&idt=430&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6787739617880&frm=20&pv=2&ga_vid=1230205288.1697603910&ga_sid=1697603910&ga_hid=900965420&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077327%2C44801484%2C44805113%2C44805533%2C44805680%2C44805931%2C31078802&oid=2&pvsid=1716816904784909&tmod=277465322&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=463
Frame ID: D1ED666A7D9EB9C23D0B2F9428D13814
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1697596710&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697603909855&bpp=42&bdt=239&idt=500&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6787739617880&frm=20&pv=1&ga_vid=1230205288.1697603910&ga_sid=1697603910&ga_hid=900965420&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077327%2C44801484%2C44805113%2C44805533%2C44805680%2C44805931%2C31078802&oid=2&pvsid=1716816904784909&tmod=277465322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5g6Kzy3PtD&p=https%3A//helopal.club&dtd=506
Frame ID: DA2C4DA08B8BC905B2089AF8C787AAB0
Requests: 14 HTTP requests in this frame

Frame: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6927201418ACE20D77AC29D3015CBF5A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=helopal.club
Frame ID: C3DC05C799DDE7B9CB515DA4AF51D98B
Requests: 2 HTTP requests in this frame

Frame: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CDCA7F701B1B6F43FEB1ED7FD5BE699C
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 25FEEE086B3EEF253944A0964ABF2498
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhjYubJvMAE&v=APEucNWE0I7--y0Jy0PsVjT5uF5ZIlqEeK8GhCYfYQ63Vt_5frlH9fLJr-zUfxesb13hDW_QjpPx8VMTiqnUgmrxTSzzgpqOYuRc_s9yR_7Nl6EwW-weMmk
Frame ID: CD5488D0B3CE140B7491291C3B8D9D12
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 5CA358195C866096C6F9C6199D07BEE1
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js
Frame ID: 0C986F3F1655705976D85FA6E11E1B21
Requests: 1 HTTP requests in this frame

Frame: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6124278511E81A1D09FC9722AD7B28BC
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Frame ID: B25F69CAC217DE228E121A53391F2C09
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8DA27AAEDC10CA0AB790B3A4DA44E164
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhjY1LJvMAE&v=APEucNVpHgfRvEG8Nj4DYqTnuwW9OhrU_1awioKLAuubT4FG0ZqU_MxLvV7go2_rVk_MpyM4okp4JOqAMWRR_T9ysTAkEF2DNNGbHVGCHrexz6VwebyidnA
Frame ID: 7C3992555E159FE671028D7C58121593
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A31F5196A3AC850AAC59C4AA092416EA
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2640407557734353404/index.html?e=69&leftOffset=0&topOffset=0&c=7pHkeEeYyj&t=1&renderingType=2&ev=01_250
Frame ID: AF7C9021F049DF085185A036E2139C9F
Requests: 9 HTTP requests in this frame

Frame: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2125A7A11837031EE32503A49BC3AC6
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Frame ID: 61B73E09EB4B4AF5337C0D6C8617323E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4336193642047629408/index.html?e=69&leftOffset=0&topOffset=0&c=y24UithB9e&t=1&renderingType=2&ev=01_250
Frame ID: 54C3DFF1DDC5179303D2817E9756B5AC
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AC8081C3A149FC34EEFAA84BB602290E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNVoiKkMZYUxk7UGAE9FdNnfc9V5D5vIVSVRRd10715NQGNvTg48pcCvVxspMXVqfV1rcJmwbsbxo35ti6xTKFFLCiKd7hlKICfZP8q7PKmfYQrpyyk
Frame ID: 014D6DA474AB59EADBA05AB743E5A6CE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: DB595123D1C10EB2A0F0E549D7F80A3E
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Frame ID: BDAED2E80452EC238ED8EBD5D869F72C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Frame ID: 1F290A7C365E99A8581F034935240D86
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Frame ID: 265EAAC718788F86A57F32340D4CDAAE
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13944426607783107273/index.html?e=69&leftOffset=0&topOffset=0&c=2dcXIlifOo&t=1&renderingType=2&ev=01_250
Frame ID: 0A0EF3FF335D17C1BC6637A61CF3CE6F
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EC27B48884FC7EC3E995F008B5A73C48
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 001B0EA8269753BAAD7BC7BBA9AF0F65
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D45995A219F23787F5206B1E3E61E7F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Frame ID: 2C69E9B2CA59BA75D115BDF9DF831D23
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1697603910821&gdpr=0
Frame ID: 5BA52885C487FA797D6CDFB02C0A9F16
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 7AF4A47D59D9FC98032B4CE27CA500E6
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=77635991577424360000&sn=mc_adapter
Frame ID: FF59294BE7074C494C950BFAF65EBEB2
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=77635991577424360000&sn=mc_adapter
Frame ID: E30FB88D31F15CD0755B258FB2D7A2E0
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1697603910823&gdpr=0
Frame ID: EB3E7733B7885F995EEFEC96BC0F6F50
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=77635991577424360000&sn=mc_adapter
Frame ID: 2F4E3B1BAC748AD1E68DA8B841B71F37
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1697603910822&gdpr=0
Frame ID: F7FDAFDA239A69E18F17389106D7A401
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Friendship Quiz - Helopal.club

Page URL History Show full URLs

http://helopal.club/ HTTP 301
https://helopal.club/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

283
Requests

98 %
HTTPS

62 %
IPv6

38
Domains

59
Subdomains

56
IPs

9
Countries

4476 kB
Transfer

10472 kB
Size

32
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://en.optad360.com/?utm_source=branding&utm_medium=display&utm_campaign=helopal.club

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Helopal-108792500944931/

Search URL Search Domain Scan URL

URL: https://t.me/social_fun_club

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://helopal.club/ HTTP 301
https://helopal.club/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1

Request Chain 111

https://gum.criteo.com/sid/json?origin=publishertagids&domain=helopal.club&sn=ChromeSyncframe&so=0&topUrl=helopal.club&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=RjtRT3xxTUQ0NkVVWTdQeHg2S3VIMHVDemViOXJTNFp3QWtVTDMybEZaUGZKZ1FsTDhmT3AzVzJENEVLWmkzZkdNVWM1a0RWMnRtbjhqN3R4VklrM0szMWpiWUt0dFRzQjl5cUFkaGpsK0tCMENZWk1vbllSRmdRTm1LTmVBNENmYWFPcmJrYTBVaTFEeHIyOENFQUtyYXZvVHpYN2pmdzFRUUhtamFIT25tUFRQdU0vZEwyZENLejlSdU11bS9ta1BVT0F4UWZaMUQ5THcxaUkrWWp3K0NNaDJFK0JocXUzTCtKeWs0b3gyaXRSa2JRUTRoa3JUSlRCZkZyby93cjRQaXRvYjkyYXRzajFKNG1La0h1cGt4eXd3dz09fA&cppv=2

Request Chain 125

https://googleads.g.doubleclick.net/pagead/adview?ai=CGNRdRmEvZcL5F92V1PIPspKikAWAuYLEcdP8qcK2D2QQASDJtI5-YJXikIKgB6AB0_Gm5APIAQmoAwHIA8sEqgTQAU_QG6_aenY8Zxi1DjOFViQsKHh86mxKo7OmRQE5GQrKz1kOg0zFEup8UpQHZQ61zQ6gqnVQ7Qx8ujU8BeYwsnremxrvhDxln-Y0A5tjNGxcyQ0aSJUKTppPjj9gmKhcB-OUvCGDOg2kosrXmMpBtHwLp99LdNSMY9wGvpK8YbNuwDzSmy-VPvj9lPGCWKldVnorInNfKX9JrnHWIOrLl93JIIisUBL3b9OUVjfVojUZ1cn55VXVdDtnXz-455_hWzOqgPI3eZZ0keqphBut82vABMWVra7uA4gF8Yna-zuSBQQIBBgBkgUECAUYBKAGLoAHlY7ZG6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJ2lA9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCTBodHRwczovL3d3dy5hZGFwdGVkbWluZC5jb20vTWF0aC1Xb3Jrc2hlZXRzLmh0bWyACgHICwHYEwyIFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItMTY5NjE2NDA4MTM1OTI5MhgA&sigh=dtn0EnIxGrQ&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNwpJ1-W0OY_Ea3hHTpGHFL-BiEc8UrUbS9d0KqN3tBiXy20pOU1wMhRo3Nwlg_ao6IyGYrPXNXs0CJj5Jkczpveym_ElvyQkYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22670985143857465475%22,%22debug_reporting%22:true,%22destination%22:%22https://adaptedmind.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221015658707%22],%224%22:[%2210-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227071431440801584193%22}&andc=true

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEFxXWXqFfG1D_wggB_mDRMM&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEFxXWXqFfG1D_wggB_mDRMM&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=aa822fe5bc27b70eee9d257ef690feec&uid=aa822fe5bc27b70eee9d257ef690feec&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEIxJoMi-VvXs6PmVRr77wb8&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEIxJoMi-VvXs6PmVRr77wb8&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=aa822fe5bc27b70eee9d257ef690feec&uid=aa822fe5bc27b70eee9d257ef690feec&data[stv][idt_did_status]=not_changed&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEPhGznIyo_GIE6KGgkQ-L0c&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEPhGznIyo_GIE6KGgkQ-L0c&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=aa822fe5bc27b70eee9d257ef690feec&uid=aa822fe5bc27b70eee9d257ef690feec&data[stv][idt_did_status]=not_changed&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

283 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
helopal.club/
Redirect Chain

http://helopal.club/
https://helopal.club/

38 KB
11 KB

358ms
328ms

Document
text/html

2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77a063e02cae32cb17a65d6c0c8a8b4139d0be2d29ef6e5863ab44d03bfea00

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 817e17910b041a6d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 18 Oct 2023 04:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BO6%2FykLABVJFA0G2OInl4MSksZDO8x3E%2FXCzx0EOcv%2BVV9B5m0RT1tFZT9R%2FVhkk4YtjTrlqrafJ8zH5%2B2iamoFruW4sfb3U9SpEFH9ToBRaTf1TKsyGKJ9xfgq2sOPIUdT4MC2gQ3%2FuiKs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

CF-RAY: 817e1790cbc29bbe-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 18 Oct 2023 04:38:29 GMT
Expires: Wed, 18 Oct 2023 05:38:29 GMT
Location: https://helopal.club/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmGNzlGJehfHggzws8Zv83Z9J3FjziYO3kXZycpEPUDAPsGGIsM8dVyWt4io35BBjA5bFRrqRpQoFt%2BIcurSq0jPNy601j6caY31KTVVzCzFMv5fJ0FFPc%2F3jRqKZOdL6kMS%2FYs3YEyK7WI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 138ms
89ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9de813b6a85af64423fb0398c80b65cd85a6e2acd163d48b1f6d47b9ba1c8b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51031
x-xss-protection: 0
server: cafe
etag: 3911798124906294411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:29 GMT

GET
H2 200 spectre.min.css
helopal.club/stylesheets/ 42 KB
10 KB 23ms
20ms Stylesheet
text/css 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/spectre.min.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddb3aa9142a5007f984815fe8383a9d6bca2e369f19496f68025b230b4953584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3335
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ByXM8IXWxQTOxi6nBZGHxAAesAoVA6UXLF3AAyRFZTtuD9MpOU4VBEv3d%2BI4f1R3FuLntPNHot04BKAbUr8%2BGX9pS%2BF9uUxt8L%2B%2FhDCcKs5Z%2FR3V4d0XZIJH9%2F70c9vzso6mP4%2FWJAHVWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 817e17932c7d1a6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 spectre-exp.min.css
helopal.club/stylesheets/ 18 KB
4 KB 19ms
16ms Stylesheet
text/css 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/spectre-exp.min.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b66fea64ce1ae1040340f5762d97a31187aaf1ec2c8a28a532b0c82622c6df3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3335
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rc2uTSUCRSYDAvin%2F0a339UhWfuKk%2FymRc7XZI6ZmuI%2F3bbEqEjhYj9PHRxim8JoSM5naB%2F%2FK7Ut9JQse8BM%2FmDvCCrsvlzW3c9MNLjf5z5olMXXLFYaUWllDM1t4GQbXdVQJzOxWc2jgSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 817e17932c7e1a6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 spectre-icons.min.css
helopal.club/stylesheets/ 9 KB
2 KB 24ms
21ms Stylesheet
text/css 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/spectre-icons.min.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f36198740d2dd79a44002dcf7eebe2c43ab6b5c3ffd60b7e71dd31a7c43872b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4842
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zV2M2lCY5%2FmWtpiX1%2F%2BxW2NlNBHocmiyL0mfEO5FnYI%2BOCaOBmcU7Xdzz2u0jcwaPbENbnMDlkwAzs4dF1gAJPNhGyPzUvKAmhwX72jsgLzYUBwTz1EGJzDHkRto5kR95AkxOzKRlOHH4nw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 817e17932c7f1a6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
helopal.club/stylesheets/ 4 KB
1 KB 26ms
23ms Stylesheet
text/css 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/style.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c71bee455ba91e5aa859abf3961d7e57c1c00cb85def124dfa1d8f53069d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
server: cloudflare
age: 4842
cf-polished: origSize=4926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtC1XjaxQJaI4OwXDnC9ByNQUxKnGuxCB%2BIO3CNsK9CdFKUMbTBTENWowZMteGpqWFWBI910wU%2BO%2Bq5dNwau8Q4XDLyxtMwogg3O%2BMCeWqiCZ5Q3ZOyCUfH53nbXNTBvAcPzBKRkItr%2BSSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 817e17932c811a6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
helopal.club/stylesheets/ 7 KB
2 KB 30ms
27ms Stylesheet
text/css 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/main.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec50c9a8d51925986413f726c63b107ff51502b5f44e49f54807c6d3427757ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
server: cloudflare
age: 4842
cf-polished: origSize=10580
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzeEdf2fXircOOJQ14P2aqZU%2F9BkaJ9J9p9UeU6XiSgl4Evkr%2FsG0XS23k9La3aGt5QsiTB%2FSGU7PYAlT0aLh6WIaUfTv5wYXtNpCuZgZbBTCWqny6IVl9MBsod9SSAd%2FGPnX3Mxhl%2F%2BK50%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 817e17932c821a6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/ 100 KB
19 KB 78ms
32ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2800786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18778
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-495a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ocz8qOBTwo9Cm4QufU5FuzpY2nMXkX%2Fq1dH5XWUa7n1g3z%2FEi2RUnyOFiJuksw9PwbxWAhRe02gRVbvmfAXGhPAv8AQlg5wT2%2FiAAsBZgskssISbeL%2BrzCBwW0I8IVU1dDjmqGxYazpSCmkEBy1X9E95"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 817e17937a479a30-FRA
expires: Mon, 07 Oct 2024 04:38:29 GMT

GET
H2 200 bootstrap.min.css
helopal.club/stylesheets/ 139 KB
21 KB 24ms
22ms Stylesheet
text/css 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/stylesheets/bootstrap.min.css
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9fa1b78af612f835e36c2b7e759d15aa574851f2fb7dd556542af5c4ae2d4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4842
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9eWIzgju2p6KjccEnP1XWMFOQn8zI0TO3KPD8gBBzJ4951VSs1B9%2FhPP76NBs%2BXKXtg%2FLs6ilKVhFp5n034NNEbv%2BzRnc2Gypn24gVtQfUuofJJ77bNpfVLWQ2oJrs8A7J9YfSDkkASD6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 817e17932c831a6d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-confirm.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ 22 KB
3 KB 70ms
31ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9809a9d6fe844649e678fda81d91b9dd6d4bfb339d495b0cdb95af999e14f9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3494697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2881
last-modified: Thu, 22 Jun 2023 11:06:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b19-b41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZ7PsAemXsavRTo1C4Fv8vBBl9l%2BuCobggZf%2BSqg0VLo2I%2BMpzNkTXOFn5qdgcDcj%2BwfMi7cteh4M8T7BcWUYhjcUwqMNH6PhLIPiaDImVcaDo5FqzzvCgi6fFijf8cb1%2FOjg3Fe4l9WyrBMdkC3kJre"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 817e17936e37bb47-FRA
expires: Mon, 07 Oct 2024 04:38:29 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
4 KB 71ms
32ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5402543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4220
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494263c-107c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llPvyRYNPa7uWzyG50ksOkDrcEcg%2B1WY3ETaBBnC9jpQ98h5uc7Ak9qKbDsOmlVmcnkIVdGYN1%2BNdzekKnaqlPI0RtFC08FJFAJ1O7LapFFYMmkC0zGsIs9Q0UeetfEsVp2oaAtP7PU%2BbAk8IrBoldc4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 817e17936e39bb47-FRA
expires: Mon, 07 Oct 2024 04:38:29 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 89ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 15:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Oct 2024 15:39:59 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 35 KB
10 KB 124ms
22ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 22375256
cdn-cachedat: 2021-06-01 19:39:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: cc9c4f0d341b28a2bf97da1ba3da67e8
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 817e1793c85618d5-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery-confirm.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ 27 KB
7 KB 55ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14378208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6362
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-6cf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtYuJ50gEvIdzJpN0zLNN%2FNI55AzxXa1qqQ2I4ooRLTJ24HLmfJUrSoBww9l9FomBw4xb9EOdkPnDUQAEKmPrKcJ6B7WBCX0kW592AHhsfR5LN2J3zKHqgKbruezELxh9Mb0e2a5wlbS1K02WxNbyBI6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 817e17936e3abb47-FRA
expires: Mon, 07 Oct 2024 04:38:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 130 KB
50 KB 57ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-176069477-1

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72fbb7c612a676239f953f504b6afacc2f22cbb156e24a36bfb34ccf3718009a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Oct 2023 04:38:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 58ms
18ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136873609-1

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee67f42e9aae1732dbba115d5ffda31f887048c6774a6e7af5b9e473ad87cde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68359
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 04:38:29 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/ 279 KB
60 KB 84ms
7ms Script
application/javascript 2600:9000:225e:2800:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/plugin.min.js
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29974111dc4da2acedbd2eaadc317a3f55f71d219e2c67b661152f9f2ebad6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 03:43:46 GMT
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Mon, 16 Oct 2023 11:35:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3284
x-amz-server-side-encryption: AES256
etag: W/"3fbc3f735f0563f076df6b3d05cad30f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: HJZsH4bcBI8buefU72-yKEjJtNKCU5pD_4i7JtyB8tbf7PNQhsklMw==

GET
H2 200 1623528814.helopal-club.png
helopal.club/site_logo/ 4 KB
4 KB 16ms
14ms Image
image/png 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/site_logo/1623528814.helopal-club.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcfeb4b89a5cda13c5da8db61507eea441ddd4d4cb1e5a84f91d456cea251b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Jun 2021 20:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4841
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aanjilirKKybyezGGkaVUmj8nV6xPXg0bNr%2Bi3SSWPga5H05mZps%2FsZh6m4C979AeAcMCRjyiWCuKfz6uVoQLddep%2Bo7Ns6f%2FxDtejNTi1%2BPXqUc6TnQR838DT8hRKk1z%2B2w7MVEQ76ICIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17932c841a6d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3997

GET
H2 200 best-friend-award-2-1642431865-1044d2c3-1e81-4852-8bff-352dcfa83551.png
cdn.helopal.club/images/ 309 KB
310 KB 79ms
30ms Image
image/png 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.helopal.club/images/best-friend-award-2-1642431865-1044d2c3-1e81-4852-8bff-352dcfa83551.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bcc32a5bd2678766a21faf6b68941eaf9fe1fc9c7168a091af3ef81c1738f50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
x-amz-version-id: do0YZFwpRk6lhbsdaAM2LzzfRn2srhZs
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
age: 3334
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 316686
last-modified: Mon, 17 Jan 2022 15:04:26 GMT
server: cloudflare
etag: "98213a542d36a029931ddfc74bee83be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB%2FKlUOv9GfmIcPzNbeUaLmux%2BUhG8PriGtB6HhEPMz6Sn2M1ejmDt2ViOcCC1%2B6uBXqrNPW77oHyPoSgDPWL8TpFe5GsdC5s8CRfA%2FxLCqUke3vt1vllr%2F2lmcWsnRZbBPPjL7UDVtBakHOGMI5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17937cb91a6d-FRA
x-amz-cf-id: fEOPwRPFmYZ8fzu5a_CKhpEX7eKgMbZpx3XEduwCLrIeZ364sWtWsw==

GET
H3 200 1623667520.how-many-friends-love-and-hate-you-small.jpg
helopal.club/quiz_banner/ 21 KB
22 KB 38ms
36ms Image
image/jpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1623667520.how-many-friends-love-and-hate-you-small.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13aa444747a569e25f79d16b3870a9715735f0bfb98e395447f1dbc979c78be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Jun 2021 10:45:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2839
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rgw6ZQGDJIE9fUejDKw3rdAYZuBDLAynj1SegtB7lM1OVR52g%2F2xZooeM5PpFCv2dsnthwTiKFiRtg%2FUXx7ZOAbiZUAi41FBz6bcCzE2sYAXVHGy%2B1UckTHi0%2BbiDzaG%2FOk1LF%2BpOpjW9P4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17937f9c5b4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21785

GET
H3 200 1622809937.b.jpg
helopal.club/quiz_banner/ 17 KB
17 KB 15ms
14ms Image
image/jpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622809937.b.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387fa76a18c1e2dcc5db9d10f530ac9c419faa94becd7bedafaf8d05521c32c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:32:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1982
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PjbCmr1BMEhFQ6%2BJYzM5uRoAEWZAYngPi83%2Bb9%2FlFGLmSaer9K09j7K56LAP6FdbSiSJ5ZTDt3JEPw9ViIQSL3lZFPnx6DD8VDHRsDttIF6IT7rHndzHQGp9MT929%2BXzxs4WXXSwWOLK2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e1793efcd5b4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17439

GET
H3 200 1622810191.e.jpg
helopal.club/quiz_banner/ 16 KB
16 KB 19ms
18ms Image
image/jpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622810191.e.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab4a49144b0899c87c607eba0952310f2790e06bf4cd6ba025fa8f4dea93052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1982
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM%2FYCTGt4V193FOUAq3wmU2PSGny5GHQzL7qc1CmkqWlK9T9qZSAwgRTHnj4TRPOcImvsangeTUw88ChOUHy8i7bSPu083mr%2Byr15rzq%2Ftu5TRCG8G1%2FJQGMtz0rmsr9yvASXtm89O1nWcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e1793efce5b4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16244

GET
H3 200 1622809962.a.jpg
helopal.club/quiz_banner/ 16 KB
16 KB 17ms
16ms Image
image/jpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622809962.a.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73060bc634e7d84fa78d9e5b0b0d188c9e0e84dce0172f8042bba2b180886099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:32:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1981
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wah6RKxVitANPO6ZFGSdjvwgUmCWn9f%2BVfUfxh2feHyn3vFLMFnGMtJ0DNDgEpN3loND5xbmOLs%2BtjjZuexDDKu5a%2Fh23FCWe5hvPPceNtf4nXKQwGzlatQmtJHfq1CqzJeBPUXCkVcpil8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17941ff15b4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15893

GET
H3 200 1622809982.f.jpg
helopal.club/quiz_banner/ 24 KB
25 KB 20ms
18ms Image
image/jpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622809982.f.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a44b79476282023aa69f375fb648558a8913635c9350fdcca4ef79a876d70b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:33:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1981
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xa%2F8pCQMdW2VT%2BkXrsMeXshxGc7W0R9ZaJxNEHroTdFhT8QtQDPrlHAAeePzOD2burFcg%2BjLOveI3JmHdVSLPhU3wXQ863AWWmzqMgitjR%2FsXVTpMNPsdbxVJ1kSCAfYdYnx7evndK9XyI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17941ff25b4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24808

GET
H3 200 1622810009.g.jpg
helopal.club/quiz_banner/ 15 KB
15 KB 19ms
17ms Image
image/jpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1622810009.g.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e01a0575080f66e28f68c7d43dd12195d569a2172bdf786643945e3589b055b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 12:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1981
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zl5MoBfJlNz6B755Nv0uH8dGINK9B6%2BUGcG9l7IYs7VjJZ3cHr7rC1xwroWIO1UhabO2tsWtFkwG8F1RhMq0nNSBZ9%2BJjDum81clLhBxBUYgw1dYJDp9YNjsVHO0h5qdMUo1jk2vmFoeub8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17941ff35b4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15020

GET
H3 200 1623160044.true-friends.png
helopal.club/quiz_banner/ 61 KB
62 KB 26ms
25ms Image
image/png 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/quiz_banner/1623160044.true-friends.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72035cff2a2b4aa0eee6fa22c60e429cd23e12a43f811edce39f999134dfdb08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 13:47:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1981
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xmVsSa3R38mAndBPropNMntRbxJgkUyV3hEosXP1VnyglDswkTHrtrFc4ONAByWanplAS6UKGEkunFOVF%2BByrNNF6ifRG%2BmViHAtWBDLmxr5IqeRplh37Oluv%2F9QOIY4UtuSzODFAqzlYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17941ff45b4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62964

GET
H3 200 anonym-eng-1694244024-fbd92fcf-4241-402f-95a4-c12a2e3f87bc.png
cdn.helopal.club/images/ 55 KB
55 KB 37ms
35ms Image
image/png 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.helopal.club/images/anonym-eng-1694244024-fbd92fcf-4241-402f-95a4-c12a2e3f87bc.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29aaec486617fb3efbf0d98e6034ad1a8eb5d82734e2aed02ab7de37fc1be9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
x-amz-version-id: ANqBqgXEubcEvtJobs1s5IhOiWNekHxs
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
age: 1982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 56105
last-modified: Sat, 09 Sep 2023 07:20:26 GMT
server: cloudflare
etag: "d7b230fd17d40c7746570ed5cc95a5a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ru929zpLxJ%2BE%2FQ%2F%2BKJXXAbrxIa5VoXpGaGoR7rwSKofiPCOC8oE0VEcfXLc%2BGD9porwEDd21U7MMk6bRJpn9CaXfc5ye4DLNYKe8Ywx8FYJMLy7bmTCpb1PSUbScmdWqfh%2B13sZGdeYAx0SCau%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17941ff65b4a-FRA
x-amz-cf-id: fetR08zbXukgv-9tyCmE54l5xGa9hxiTisAQ7Y1FWkdhfHAvCVgWdg==

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 77ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1696164081359292

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83a5d8d794019a0b7b6e4c788ef3c914c88f0c02471a61d18da26e12523d6c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50881
x-xss-protection: 0
server: cafe
etag: 16149814315166014487
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:29 GMT

GET
H3 200 facebook.png
helopal.club/ 580 B
1 KB 35ms
34ms Image
image/png 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/facebook.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6079a677b4ff727c225559facad29c7a945d060fa5cd637ac76b4ee55d21f471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1981
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhtHVbymOiymJT%2FLRFsxOkNDQZHJ4bgi0oPcxkwFYTQGcXQdPzZGAAJ4wWozH1tu1%2FZNPjEBk6NXHbfWEltyXvkxh%2B7ThyvC1cT9of%2F2eW9r8O8muVpz0VrIXxr%2BNcIfszKXvI%2FMsQaxPBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17941ff85b4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 580

GET
H3 200 join-us-in-telegram.jpg
helopal.club/img/ 10 KB
10 KB 35ms
35ms Image
image/jpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helopal.club/img/join-us-in-telegram.jpg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce766614a0ce7850d90a574b9919975a0f77949da3c33f850b41852a774cd33f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Nov 2020 12:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1107
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJHPbw%2B0cZ4NT%2B%2F0lpKOJ8E1IngRFAa2HhOG8Yrqo%2FLyIEQkeSHuvfZ7RQTuFzCfdz8uiLi6Jdkon7v0GmkRHJmB33orNnedLy7aWe3ITe6JWAbSO102ez7elJaTSfsgTh2dCGogs0XX7eE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 817e17941ff95b4a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9799

GET
H3 200 clipboard.min.js Show response
helopal.club/ 10 KB
4 KB 25ms
24ms Script
application/javascript 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/clipboard.min.js
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Jan 2020 07:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2014
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFx04z0SnNb%2Ff4WeXziQgx5gYBOdT2hjMxFiY4fucObnRoINV%2FOvHuxlDKCViIPsQCxq1uN0fzQkNOvJcljoMWQqJHeKUpl5rrczk0u7elCHndFM0bhLLPE9yY2gNUsLLziG0VYwVlvkqyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 817e17940fe15b4a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 howler.min.js Show response
cdnjs.cloudflare.com/ajax/libs/howler/2.2.1/ 35 KB
9 KB 14ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/howler/2.2.1/howler.min.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a620b02e2a8b2f28d34ee63509828125c4992f021adcf05e2eabcf23ff6621

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 21193969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8506
last-modified: Sun, 25 Oct 2020 15:34:29 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f959b05-8bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytoh%2BnLvsl7Aw%2FflvnSC9jPFNQzN3FltMJ8eYUSfFWV7IpGipGgZ4tkfjbnH49Ea2uolxnCGU8j%2FuyPnV9IqgmwJP9kOb9Je6UKEbw0GeD9eNAP2cdeYnwXuXfYVUOnlWyQ2TP5OVwvC5aMoze%2B4%2Fu%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 817e17940ac89a30-FRA
expires: Mon, 07 Oct 2024 04:38:29 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/ 394 KB
134 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1696164081359292&plah=helopal.club&bust=31078802

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90978a44f8c4ac993ebe81fd5336f5a546a7be5b7fb3c279fff395507049496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136741
x-xss-protection: 0
server: cafe
etag: 9526728749842247631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:29 GMT

GET
H2 200 qbg.png
fun-dare.com/site_logo/ 11 KB
12 KB 65ms
15ms Image
image/png 2606:4700:3036::6815:5707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fun-dare.com/site_logo/qbg.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5707 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fdd68fb302111aa20d2544c139144e3e43ff45e7f46af9ecd6005dcbb1f24f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:29 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Jun 2021 15:04:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2017
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VfGgCqx8kAgqxw%2Bt5ti%2FZHn4xY6iAbSDvI3n6kHm85ifWu0gneyM4Il%2BfWq3UFav43d09hmOI%2By4T8dlMW0nYCCkQ2KY%2F4KmCifym7JPPUoBO5hL4jlTVTVENGBu5CTsKoYJ9CNGYpIwxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 817e1794dc829c00-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11290

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 0965 10 KB
5 KB 37ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 09:30:01 GMT
etag: 2603938475786422795
expires: Tue, 31 Oct 2023 09:30:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 correct.mp3
helopal.club/sounds/ 16 KB
16 KB 32ms
31ms Media
audio/mpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/correct.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b36ccb3fa489753610fcbf8f4cfe4021cd1ee7b6159d8a17eabaa92b3e3d8094

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1981
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LH%2BwN3j5ZnCfX5nfzRj2GcrVY73HYt61h7Gh5Jaq2j5sq4yLg8PuR2FpHb4JfAYbT%2FGBA0WsjoGk97aWrp8U%2FekAyrhgNPD4kyhqmE%2BGtl8KfqMpBx2trwd17xnyby1IRKFa6fpMkjtiRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-15124/15125
cache-control: max-age=432000
cf-ray: 817e179608c25b4a-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 15125

GET
H3 200 wrong.mp3
helopal.club/sounds/ 79 KB
79 KB 27ms
27ms Media
audio/mpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/wrong.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab452cf9898bd79f2252623197fa5c45f5c64dd82a203b7259235e6e4f8965f

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6848
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAhiZpwxXXcSvJ7XAGuBRT%2BzuWS7lyQQc9LH%2FCIrq65er%2BTBipqrtIkAHAYTgmPGMnOO0NULwrqSr2iK5YHU9bxwDI6c5eml3NoRxb4US6dObD4xqfSaLoZKRquA2Rsrz0D1byUGORKhoY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: max-age=432000
cf-ray: 817e179618c55b4a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 206 proceed.mp3
helopal.club/sounds/ 26 KB
26 KB 43ms
42ms Media
audio/mpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/proceed.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8409dcad2e8d36ca28ef173376dee1e565758442050715742bfdbb08c92cad

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6848
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baqCQj4lUM8xBCVNwQoKTN0EU9DPt%2F6V0t3fWWvc0kFWvsKWErPX6UliQ60h7Mu7gTT1Y6T8JxPsIYvg9ztdXGYjAYPUqQd1JAWj1G6ttdeTxx%2BBwUh6FqCyTjgkVCfjg9xtI2bxe4fp4EI%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-23798/23799
cache-control: max-age=432000
cf-ray: 817e179618c65b4a-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 23799

GET
H3 206 error.mp3
helopal.club/sounds/ 20 KB
21 KB 28ms
28ms Media
audio/mpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/error.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c82d2c77388cab6da0584fcd1539d002ad095de31d9f80937aae0ca6cb15af

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1981
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQd5l837d2Ian%2FMO%2B6q%2B%2F2lVweGE4E6hduNwkiPy5%2B7W1aH05ZRgCLJFtHjcyfQGXNpXWA3jeVMCKvOR1hfkw3TQ%2Fpdi%2Ff2LErXXG%2BxooFjUf8kKwoO21tSK5LwuquIyXIif59j239I4yTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-18978/18979
cache-control: max-age=432000
cf-ray: 817e179618c95b4a-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 18979

GET
H3 200 skip.mp3
helopal.club/sounds/ 79 KB
79 KB 29ms
28ms Media
audio/mpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/skip.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab452cf9898bd79f2252623197fa5c45f5c64dd82a203b7259235e6e4f8965f

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1981
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HBPwpxJDrcILRVR0l37ut8TnDGymjQj2bXGIqkY08FlZjCe2KAx%2FCRDDjNBFaQLyo8OpEhTcJ%2FmvdDhCyzfOieC%2BCrA3p%2FqUbjLbIpZN5zLhA8MkS0JsWr72o9ei8IwV3gK6RoHUnMnvPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: max-age=432000
cf-ray: 817e179618ca5b4a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 206 delete.mp3
helopal.club/sounds/ 26 KB
26 KB 45ms
45ms Media
audio/mpeg 2606:4700:3035::6815:5c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helopal.club/sounds/delete.mp3
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd8b93147a25b894ae2f92584a545693838c3f910eab31999b22d50bca4aa6d

Request headers

Referer: https://helopal.club/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 10:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1981
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yofhnCHCMntpiAefdSUeH5JZLlMfsV%2FhsCq8p3NyJbOQsCWFUHZmZaxT542tbdRNGWi2b5dgS7gqAB1Qg7ibQWKIyJPKXbjkRx%2FsNqO7XhEZIlX1W%2FygLMlFjO7DlgyYwQRfgOasriLn2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-24191/24192
cache-control: max-age=432000
cf-ray: 817e179618cb5b4a-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 24192

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/9.9.1/ 86 KB
19 KB 45ms
16ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.9.1/firebase-app.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87a0a4ea67100ecf0073972c688d535b91b6742d8f54017013b978ce2c18d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 04:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19565
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 16:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Oct 2024 04:28:25 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/9.9.1/ 112 KB
25 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.9.1/firebase-analytics.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45d48e1d7e27224461b0b699f702ad07ca66ff00da3e98408c23b7de03a64c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24944
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 16:01:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Oct 2024 05:24:43 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/9.9.1/ 104 KB
20 KB 43ms
15ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.9.1/firebase-messaging.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e0f42bb7544f3b80a70a365cda8be4758b8c434aa31d6b13612c5f55b76d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Origin: https://helopal.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 11:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20223
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 16:01:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 11:53:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 47ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=helopal.club&callback=_gfp_s_&client=ca-pub-1696164081359292

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1696164081359292&plah=helopal.club&bust=31078802

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bb6bd2b131cdae1bf698a0c13cd23eb2b91f27d50e24fdeb1515339c15f20b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D1ED 0
179 B 86ms
85ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&adk=1812271804&adf=3025194257&lmt=1697596710&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fhelopal.club%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697603909835&bpp=20&bdt=219&idt=430&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6787739617880&frm=20&pv=2&ga_vid=1230205288.1697603910&ga_sid=1697603910&ga_hid=900965420&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077327%2C44801484%2C44805113%2C44805533%2C44805680%2C44805931%2C31078802&oid=2&pvsid=1716816904784909&tmod=277465322&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=463

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:30 GMT
expires: Wed, 18 Oct 2023 04:38:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VWZGSQLZ5T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

979b99e32814f4fd44975ad2903bf5098df7c6ed12e242e43cd9f03fcb237adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Oct 2023 04:38:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Oct 2023 03:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2928
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 18 Oct 2023 05:49:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WEZNDFHJK0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136873609-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91d5a56675357a940d9edf46814fe727d64336de50574120e89cb9a2f8654cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80298
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Oct 2023 04:38:30 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA2C 128 KB
41 KB 626ms
625ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1697596710&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697603909855&bpp=42&bdt=239&idt=500&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6787739617880&frm=20&pv=1&ga_vid=1230205288.1697603910&ga_sid=1697603910&ga_hid=900965420&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077327%2C44801484%2C44805113%2C44805533%2C44805680%2C44805931%2C31078802&oid=2&pvsid=1716816904784909&tmod=277465322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5g6Kzy3PtD&p=https%3A//helopal.club&dtd=506

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38d2a9ebeab797164a400564c4c9c21d264ab20d7d70ff90e7f04904ca93caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:30 GMT
expires: Wed, 18 Oct 2023 04:38:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 114ms
29ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddc2d609d673db58fccf8b464694c78531fbd944870dd25ae3a2cf8176bfa4cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29507
x-xss-protection: 0
server: cafe
etag: 930 / 19648 / m202310120101 / config-hash: 14883833089962685804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:30 GMT

GET
H2 200 prebid7.36.3.js Show response
get.optad360.io/sf/ 520 KB
165 KB 9ms
9ms Script
application/javascript 2600:9000:225e:2800:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.36.3.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1850e43d-e81d-4f01-b19c-f7b9b055e252/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 18:50:32 GMT
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 08:32:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 5392079
etag: W/"0a921f4d0ab6e1dce1061b3c4ed313ce"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: QE5ykDXrq4N1KcK3_j8NxpiaR9Vl4oYZf_bgQA21WJdcWbMsk89-aA==

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 84ms
8ms Image
image/svg+xml 2600:9000:206f:6000:f:a31d:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6000:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 00:50:58 GMT
content-encoding: gzip
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 877653
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: ZGOCHdMXbzrsg9d6Q8Leux9JY3O6eBxTuz8ntnHy9Q5uQwboVV119w==

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/ 262 B
379 B 26ms
25ms Fetch
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.9.1/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f8bfefec2cd703c79b6f039fa4091160c9ff5a67d9d3b7d159924304517d869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://helopal.club/
x-goog-api-key: AIzaSyDHcMOju22-gYCaa1f3BVFqAFpu8C8D6vY
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://helopal.club
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/ Frame 0
0 75ms
21ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:478958754494:web:7d6b77a9cd316f195b9cef/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://helopal.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://helopal.club
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 18 Oct 2023 04:38:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 42ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VWZGSQLZ5T&gtm=45je3ag0&_p=900965420&cid=1230205288.1697603910&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697603910&sct=1&seg=0&dl=https%3A%2F%2Fhelopal.club%2F&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VWZGSQLZ5T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 16ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=900965420&t=pageview&_s=1&dl=https%3A%2F%2Fhelopal.club%2F&ul=en-us&de=UTF-8&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1121284425&gjid=2027475765&cid=1230205288.1697603910&tid=UA-176069477-1&_gid=705716074.1697603911&_r=1&gtm=457e3ag0&jsscut=1&z=1425662978

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 15ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=900965420&t=pageview&_s=1&dl=https%3A%2F%2Fhelopal.club%2F&ul=en-us&de=UTF-8&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1637086224&gjid=104786415&cid=1230205288.1697603910&tid=UA-136873609-1&_gid=705716074.1697603911&_r=1&gtm=457e3ag0&jsscut=1&z=121159820

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WEZNDFHJK0&gtm=45je3ag0&_p=900965420&cid=1230205288.1697603910&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697603910&sct=1&seg=0&dl=https%3A%2F%2Fhelopal.club%2F&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WEZNDFHJK0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 80ms
26ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231018

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eeb1635a65d8bf0fd57b195c3c3ec1fc05584505c44661285676cb4d1fdac58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2259
x-jsd-version: 1.0.1846
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7025-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"63d-mf6Jq3pq5Pep+IG9QS9yw9aK9Xk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTEQpvVRKLeddAX4vtXGKLYECYcZ8riEM2J0c09MXvsR%2BVDSVB3%2Bvl4xrv%2FDnkeAqjicWjubUdE1BlCkFeOSm%2F3k2ABzFogAoVwH%2FbvW4klcZJuqVA%2FWx377Y962s036iQF1Qslqkz3xSDm56OA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 817e179a4aa99ba1-FRA

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 47ms
15ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:30 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 02 Oct 2023 15:19:34 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1343746
ETag: W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEkLJFKXE%2B2CeL7LlG2ooS8qxCzIy0VzwWcSMA6iG81RCkB5LiJZi%2F6gFECZph1Cw5IiiJqcQsXA4CA2TJFV4eiW2ZfimB%2FJQWLQ467yleIE%2BR2EJBXiX4wpK7ij%2FZh%2BwV2Uazk%2BlXSSeBNM"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 817e179a39c09a23-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 77ms
20ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-136873609-1&cid=1230205288.1697603910&jid=1637086224&gjid=104786415&_gid=705716074.1697603911&_u=YADAAUABAAAAACAAI~&z=1608693872

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Oct 2023 04:38:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
359 B 54ms
8ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://helopal.club
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 77ms
20ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
133 B 101ms
17ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
529 B 147ms
36ms XHR
text/plain 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 221ms
116ms XHR
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=513654&zone_id=3082760&size_id=43&alt_size_ids=117&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=344bdfa0-8b77-4d5e-931e-969dfb8c6d20%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=9c53b9e4-771e-4d8f-847f-82f8e172114a&l_pb_bid_id=104d1a433ef598e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42561078376637074
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8fcbbc78f17b4f6268a82ba0b61689d1d7b87767b915c6177bc1ae4b3bbd3479

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 179ms
32ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 215ms
118ms XHR
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=513654&zone_id=3082760&size_id=9&alt_size_ids=8%2C10%2C14%2C48%2C126&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=344bdfa0-8b77-4d5e-931e-969dfb8c6d20%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=574f9d38-1e2b-4072-a841-02df1e48d352&l_pb_bid_id=1459d8f7377c5a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8419425786515973
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4cffc9a04778a9a1f5fbd78ae1ff0d174da62c3c5fe3402524d0c6b014229de5

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 173ms
33ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
359 B 40ms
18ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://helopal.club
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
530 B 128ms
36ms XHR
text/plain 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
274 B 77ms
15ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 40ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 40ms
20ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
133 B 73ms
24ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 12ms
7ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://helopal.club
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
172 B 153ms
31ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST
H2 200 openrtb Show response
adx.adform.net/adx/ 2 KB
2 KB 156ms
82ms XHR
application/json 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1d65751ea786e47bfeb679bce1780acaa67db5e79a083c29fb7513f1bb4f67e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://helopal.club
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 208ms
135ms XHR
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20988&site_id=513654&zone_id=3082760&size_id=2&alt_size_ids=39%2C55&gdpr=0&rp_schain=1.0,1!optad360.com,8436870,1,,,&eid_pubcid.org=344bdfa0-8b77-4d5e-931e-969dfb8c6d20%5E1&rf=https%3A%2F%2Fhelopal.club%2F&kw=Smart%2Cfriendship%2Cchallenge%2CMake%2Cquiz%2CFriendshipDare%2CDare2022%2CLoveDare2022&tg_i.page=https%3A%2F%2Fhelopal.club%2F&tg_i.domain=helopal.club&tk_flint=pbjs_lite_v7.36.0&x_source.tid=cbb9ebb9-9fb7-4ee2-98ba-7e782630de77&l_pb_bid_id=36b81a6b712703&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6103300142313179
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8923adacdbe69eb5774799761d1554a44ef02a9958ba011b70aaea4c192ee26f

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 421 KB
132 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 15:25:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47561
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134870
x-xss-protection: 0
server: cafe
etag: 11169537383484699631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 16 Oct 2024 15:25:49 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
436 B 85ms
14ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
server: cloudflare
age: 0
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray: 817e179b29775c14-FRA
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 36ms
18ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:30 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1097850
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Oct 2023 15:19:33 GMT
Server: cloudflare
ETag: W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5C6Q4YKq1S3j6tKBhfZwCUMu8nYqdrDHl9Tuhs%2BKNoO%2BEd2GGrJyzo22XDzDdSJfNvFzPSoeerv2AFVKNPrxIQTxGMQQj7wz76kBGa%2FEQ9b%2Fw%2BaxISdJ%2Fs1VdKEGqsVVItxXeqYHVxwVbuM"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 817e179adce79be6-FRA

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/ 624 B
679 B 307ms
306ms Fetch
application/json 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.9.1/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3511cc8c30068d7344fee4be5dd1b275db58bba7a6eb04b7dc8de7398b469feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://helopal.club/
x-goog-api-key: AIzaSyDHcMOju22-gYCaa1f3BVFqAFpu8C8D6vY
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMjkgZmlyZS1jb3JlLWVzbTIwMTcvMC43LjI5IGZpcmUtanMvIGZpcmUtanMtYWxsLWNkbi85LjkuMSBmaXJlLWlpZC8wLjUuMTIgZmlyZS1paWQtZXNtMjAxNy8wLjUuMTIgZmlyZS1hbmFseXRpY3MvMC44LjAgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjguMCBmaXJlLWZjbS8wLjkuMTYgZmlyZS1mY20tZXNtMjAxNy8wLjkuMTYiLCJkYXRlcyI6WyIyMDIzLTEwLTE4Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: application/json

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://helopal.club
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/ Frame 0
0 89ms
23ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/helopal-ae713/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://helopal.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://helopal.club
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 18 Oct 2023 04:38:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
73 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z45V12ZWF9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176069477-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0056b03b40f8ad674e55c222c7f27fe05c84f853c5c9b8f45541d4c954ac334c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74611
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Oct 2023 04:38:30 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 50ms
8ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 19:33:05 GMT
content-encoding: gzip
age: 2019925
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 23 Sep 2024 19:33:05 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 58ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 11 Oct 2023 08:53:04 GMT
server: nginx
etag: W/"65266270-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Oct 2023 04:38:30 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
30 KB 68ms
18ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Oct 2023 11:34:12 GMT
server: cloudflare
x-amz-request-id: 1R7PYGM3YMBZ0CPP
age: 2757
etag: W/"e5bbc80dac7ff8597f5b639831f48d87"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 817e179b9d909950-FRA
x-amz-id-2: EJ2HVQSlhiEdgUeFb5IYHfn2POQ2AQ6E9u8ha05Ygzm0aoVLOYos6L0Isu+tOtq8e8rjJx2JQaM=

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 86ms
7ms Script
text/javascript 2600:9000:2250:3400:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:3400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Tue, 17 Oct 2023 05:16:05 GMT
Via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 84147
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: B4wPwNgoNS00lBmC-I_MLGp7ZJ0-cWCwcRebR2tk99PUMtUihLod9w==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 38ms
26ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3018
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHge8h1umhuFGey0hw%2BR2hl8u%2FAovg5MslWun%2Ft6LQtnqdprNcN8g4TQEN2FKb8y0FtILe2w5YnKcGxGRH5ntAC7k%2FSb3RWZmzFwXFQlNCz6rTRmuufUuoO%2FONxB%2Fab6bCJQbCOemvAFZt7ZP0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 817e179b59ed3a9c-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 47ms
7ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:45:52 GMT
content-encoding: gzip
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 6759
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 3bZ_GDMinj1shqN6ui7we3j1IOU1oIWXCqZ4wFPBjPdAKjw8BQgx7w==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 63ms
23ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:30 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: d9ff39a57339bfad54ef765fa1529f5e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z45V12ZWF9&gtm=45je3ag0&_p=900965420&_fid=fgehj1Koeu3fJeheuiuh6I&cid=1230205288.1697603910&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697603910&sct=1&seg=0&dl=https%3A%2F%2Fhelopal.club%2F&dt=Play%20Friendship%20Quiz%20-%20Helopal.club&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z45V12ZWF9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 267ms
266ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1716816904784909&correlator=1702673304926283&eid=31078743&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fif&iu_parts=121764058%3A23001273585%2Chelopal.club%2Chelopal.club_o3b_display_adi_o3b_atf&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C320x50%7C360x100%7C360x50%7C700x100%7C700x90&ifi=3&sfv=1-0-40&sc=1&cookie=ID%3D0d224b80fd2bdd81-22775d7febe200d9%3AT%3D1697603910%3ART%3D1697603910%3AS%3DALNI_MbTiIMU-DA3ZiYviePejxnAGo5OxQ&gpic=UID%3D00000c9b99125073%3AT%3D1697603910%3ART%3D1697603910%3AS%3DALNI_Ma3n6FfbTRXuVOZkT4KrUgCmgVyhw&abxe=1&dt=1697603911009&lmt=1697596711&adxs=640&adys=111&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fhelopal.club%2F&vis=1&psz=0x0&msz=320x0&fws=644&ohw=1600&ga_vid=1230205288.1697603910&ga_sid=1697603910&ga_hid=900965420&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYg_rPiLQxSABSAghkEhkKCnB1YmNpZC5vcmcYg_rPiLQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIP6z4i0MUgAUgIIZBIXCghydGJob3VzZRiD-s-ItDFIAFICCGQSGQoKdWlkYXBpLmNvbRiD-s-ItDFIAFICCGQSFAoFb3BlbngYgvrPiLQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiD-s-ItDFIAFICCGQ.&dlt=1697603909616&idt=1274&prev_scp=hb_bidder%3Drubicon%26hb_adid%3D38185e4d7028736%26hb_pb%3D5.50&adks=3030833609&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e24798bf685c8dd3ab867dd639df81cd17524c8959f41db978a66208ae4ab47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11988
x-xss-protection: 0
google-lineitem-id: 6378823869
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138446985826
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6927 6 KB
3 KB 117ms
17ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:31 GMT
expires: Thu, 17 Oct 2024 04:38:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 563ms
563ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1716816904784909&correlator=1702673304926283&eid=31078743&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fif&iu_parts=121764058%3A23001273585%2Chelopal.club%2Chelopal.club_o3b_display_si_o3b_s1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x300%7C200x600%7C120x600%7C160x600%7C250x250&ifi=4&sfv=1-0-40&sc=1&cookie=ID%3D0d224b80fd2bdd81-22775d7febe200d9%3AT%3D1697603910%3ART%3D1697603910%3AS%3DALNI_MbTiIMU-DA3ZiYviePejxnAGo5OxQ&gpic=UID%3D00000c9b99125073%3AT%3D1697603910%3ART%3D1697603910%3AS%3DALNI_Ma3n6FfbTRXuVOZkT4KrUgCmgVyhw&abxe=1&dt=1697603911037&lmt=1697596711&adxs=1280&adys=161&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fhelopal.club%2F&vis=1&psz=0x-1&msz=300x-1&fws=644&ohw=1600&ga_vid=1230205288.1697603910&ga_sid=1697603910&ga_hid=900965420&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYg_rPiLQxSABSAghkEhkKCnB1YmNpZC5vcmcYg_rPiLQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIP6z4i0MUgAUgIIZBIXCghydGJob3VzZRiD-s-ItDFIAFICCGQSGQoKdWlkYXBpLmNvbRiD-s-ItDFIAFICCGQSFAoFb3BlbngYgvrPiLQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiD-s-ItDFIAFICCGQ.&dlt=1697603909616&idt=1274&prev_scp=hb_bidder%3Drubicon%26hb_adid%3D39c8aface1bd149%26hb_pb%3D6.30&adks=682913543&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1997552d3c8a1f4db50fe3a28b01295a434612a3d7985da6ecd1715cc86ed270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12000
x-xss-protection: 0
google-lineitem-id: 6370363833
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138446278896
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DA2C 14 KB
2 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1696164081359292&output=html&h=280&slotname=3067619107&adk=2984494112&adf=54630664&pi=t.ma~as.3067619107&w=1200&fwrn=4&fwrnh=100&lmt=1697596710&rafmt=1&format=1200x280&url=https%3A%2F%2Fhelopal.club%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697603909855&bpp=42&bdt=239&idt=500&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6787739617880&frm=20&pv=1&ga_vid=1230205288.1697603910&ga_sid=1697603910&ga_hid=900965420&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077327%2C44801484%2C44805113%2C44805533%2C44805680%2C44805931%2C31078802&oid=2&pvsid=1716816904784909&tmod=277465322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5g6Kzy3PtD&p=https%3A//helopal.club&dtd=506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 02:59:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Oct 2023 04:38:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DA2C 2 KB
973 B 79ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:37:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame DA2C 23 KB
9 KB 18ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DA2C 3 KB
1 KB 17ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:59:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DA2C 20 KB
9 KB 77ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA2C 187 KB
59 KB 62ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:31 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame DA2C 35 KB
14 KB 30ms
10ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 874ms
872ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1716816904784909&correlator=1702673304926283&eid=31078743&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fif&iu_parts=121764058%3A23001273585%2Chelopal.club%2Chelopal.club_o3b_display_sf_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D0d224b80fd2bdd81-22775d7febe200d9%3AT%3D1697603910%3ART%3D1697603910%3AS%3DALNI_MbTiIMU-DA3ZiYviePejxnAGo5OxQ&gpic=UID%3D00000c9b99125073%3AT%3D1697603910%3ART%3D1697603910%3AS%3DALNI_Ma3n6FfbTRXuVOZkT4KrUgCmgVyhw&abxe=1&dt=1697603911067&lmt=1697596711&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fhelopal.club%2F&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=1230205288.1697603910&ga_sid=1697603910&ga_hid=900965420&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYg_rPiLQxSABSAghkEhkKCnB1YmNpZC5vcmcYifvPiLQxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGIP6z4i0MUgAUgIIZBIXCghydGJob3VzZRiD-s-ItDFIAFICCGQSGQoKdWlkYXBpLmNvbRiD-s-ItDFIAFICCGQSFAoFb3BlbngYgvrPiLQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiD-s-ItDFIAFICCGQ.&dlt=1697603909616&idt=1274&prev_scp=hb_bidder%3Drubicon%26hb_adid%3D40f46e884db3562%26hb_pb%3D5.20&adks=2962252032&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0684d99ed84155f7ef828f8f372b1a840c8db925fb39e4abb6c41eea6bb61ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11967
x-xss-protection: 0
google-lineitem-id: 6381726173
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138446278896
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1

85 B
203 B

121ms
120ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 81a8627ab6e4b8cdb43e314614583d0cde0db4a252b4a0a9d80aac984df410b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-QzfOf/ueNKxI/XjI9B8z3wnPPkM"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://helopal.club
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 18 Oct 2023 04:38:31 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://helopal.club
location: /esp?url=https%3A%2F%2Fhelopal.club%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C3DC 15 KB
6 KB 52ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=helopal.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 292419
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 142ms
33ms XHR
application/json 63.33.97.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.97.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-97-132.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3ddb3df02c775166e71ca796946cebb19845067dcc47a6a50a40e52d5edebcb9

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://helopal.club
cache-control: no-cache
x-server: 10.45.9.32
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 73ms
7ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://helopal.club
date: Wed, 18 Oct 2023 04:38:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5122559541938659049/ Frame DA2C 20 KB
21 KB 32ms
29ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5122559541938659049/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f771e014a043e11cb820b26dc433bff0403017d8a36c694972577126e5b926a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 07:38:08 GMT
x-content-type-options: nosniff
age: 75623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20950
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 03:33:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 07:38:08 GMT

GET
DATA 200
OK truncated
/ Frame DA2C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DA2C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

sid Show response
mug.criteo.com/ Frame C3DC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=helopal.club&sn=ChromeSyncframe&so=0&topUrl=helopal.club&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=RjtRT3xxTUQ0NkVVWTdQeHg2S3VIMHVDemViOXJTNFp3QWtVTDMybEZaUGZKZ1FsTDhmT3AzVzJENEVLWmkzZkdNVWM1a0RWMnRtbjhqN3R4VklrM0szMWpiWUt0dFRzQjl5cUFkaGpsK0tCMENZWk1vbllSRmdRTm1LTm...

425 B
648 B

17ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RjtRT3xxTUQ0NkVVWTdQeHg2S3VIMHVDemViOXJTNFp3QWtVTDMybEZaUGZKZ1FsTDhmT3AzVzJENEVLWmkzZkdNVWM1a0RWMnRtbjhqN3R4VklrM0szMWpiWUt0dFRzQjl5cUFkaGpsK0tCMENZWk1vbllSRmdRTm1LTmVBNENmYWFPcmJrYTBVaTFEeHIyOENFQUtyYXZvVHpYN2pmdzFRUUhtamFIT25tUFRQdU0vZEwyZENLejlSdU11bS9ta1BVT0F4UWZaMUQ5THcxaUkrWWp3K0NNaDJFK0JocXUzTCtKeWs0b3gyaXRSa2JRUTRoa3JUSlRCZkZyby93cjRQaXRvYjkyYXRzajFKNG1La0h1cGt4eXd3dz09fA&cppv=2

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

02c1c93d946a3fe716c4e6cc090f89ec590d826b9a80ff01fb28903bd4471dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1256065
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=RjtRT3xxTUQ0NkVVWTdQeHg2S3VIMHVDemViOXJTNFp3QWtVTDMybEZaUGZKZ1FsTDhmT3AzVzJENEVLWmkzZkdNVWM1a0RWMnRtbjhqN3R4VklrM0szMWpiWUt0dFRzQjl5cUFkaGpsK0tCMENZWk1vbllSRmdRTm1LTmVBNENmYWFPcmJrYTBVaTFEeHIyOENFQUtyYXZvVHpYN2pmdzFRUUhtamFIT25tUFRQdU0vZEwyZENLejlSdU11bS9ta1BVT0F4UWZaMUQ5THcxaUkrWWp3K0NNaDJFK0JocXUzTCtKeWs0b3gyaXRSa2JRUTRoa3JUSlRCZkZyby93cjRQaXRvYjkyYXRzajFKNG1La0h1cGt4eXd3dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 260175
content-length: 0
expires: 0

GET
H2 200 container.html Show response
7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CDCA 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:31 GMT
expires: Thu, 17 Oct 2024 04:38:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DA2C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcd2bbb5192d04be61a02d8b82796473b089f797523d99c2deb435990e394e31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DA2C 33 KB
34 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 344070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 05:04:01 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CDCA 24 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 563571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Oct 2024 16:05:40 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame CDCA 26 KB
10 KB 21ms
16ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5819
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HoX8Q8GOc0rrbCv8P5FBMJCKvz3lBKLoNrnslMbtbiCtYU%2Fr9qfT44tVUI%2B0bSjKr9Jt8IevHd5VxwZkQFEM2N8HyTQtYmgQGHKJXyfjiioy79toro3gLP7%2B5iecGWGu9h762Jp9C3lGKqyWhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 817e179e5ce53a9c-FRA

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDCA 187 KB
59 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:31 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 25FE 0
176 B 55ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 18 Oct 2023 04:38:31 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CDCA 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvchyZODgTAnXidHkbkyPuUDMttJox7Yq_orwE9HVuEYbw2NovDSq5F6IOte_j7uYvJTJNdd5V1TWYKIqaDZNhmp16EkJ34hXX4TGx6Niz_dNtyz7cHOipHhwtrj3MdpW9JBfzaOtccrFkQztAwR4YpU7OpqCGN9Z6FTat0wZ2IEoCR4m84fHgGf2poGQ9aCuQ7napAO6uhH4RXokmCh1Fh1PDcyBpbxzGIYdIKRcDn8hHbPLV42GaC1trfCjgEyT5-nHz8ZiIlgmUwoT_0qk0KNJPEXG8l1Cy0g0SkuL_PKVo5qE2DpyaKkUyqRjU7V7pJ_yxUwLwYDl9rane60-OHu2LzN8g-llvNXoGUd9_SMerP4k6k0B-Xvdwgg1idYsl1rxuLnb_teR7h_yQdaoUm3w&sai=AMfl-YSCgvgqMsA0_SzdP4rEarhL0bduTYfjaSf_cDKM1r9FO4W-Mi7IzeCf6uMoEWqCE0svnIBpH8qRmdC17m0_vcFKFBs0E4DWKuHGDBCT---4SQWQNFo4fvtNfXboZw&sig=Cg0ArKJSzHYxh-WUeuIDEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CD54 281 B
124 B 21ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhjYubJvMAE&v=APEucNWE0I7--y0Jy0PsVjT5uF5ZIlqEeK8GhCYfYQ63Vt_5frlH9fLJr-zUfxesb13hDW_QjpPx8VMTiqnUgmrxTSzzgpqOYuRc_s9yR_7Nl6EwW-weMmk

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5CA3 89 KB
31 KB 88ms
86ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CA3 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSUErgDiqrf2R54l7vAUSCubI5pvGq4EFCJkIGhpD4Zx7s82Meqr3lUCWawopQjJ_9V7qBwcyULdeX-PIkIkFmpruZ1B1l01OdHFfsp-WiW9oNn10

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CA3 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11000819067449115846&x=8&ct=76

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4503b2a1-12cc-4483-99d1-7fd9451fc9a2
beacon-ams3.rubiconproject.com/beacon/d/ Frame 5CA3 43 B
227 B 178ms
25ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/4503b2a1-12cc-4483-99d1-7fd9451fc9a2?oo=0&accountId=20988&siteId=513654&zoneId=3082760&sizeId=43&e=6A1E40E384DA563B0FAED2A44D537DF25AF6B7F6C9FA93682D1B80D29D5A956CF4E563D6A718CD6D29DC489095D018D17A3220A15E3EC91D63D405E159908E1920DA991D981DB70CE5BE4D12C720EB390E493E48E3522B642BBA5679C2938ECA82C5A163D70281A509A38685E1C4B4709B42EF2CB64172681A237193F571B70E4E6FC96756E5E5718102D475F9FDD60A38DEB212177AC81CC16C05D77FFC91CDDE3A00CB968DE6074CE8FD03B415DD00E972C1C78829E23A8F88AEA1C40F6239

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DA2C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGNRdRmEvZcL5F92V1PIPspKikAWAuYLEcdP8qcK2D2QQASDJtI5-YJXikIKgB6AB0_Gm5APIAQmoAwHIA8sEqgTQAU_QG6_aenY8Zxi1DjOFViQsKHh86mxKo7OmRQE5GQrKz1kOg0zFEup...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22670985143857465475%22,%22debug_reporting%22:true,%22destination%22:%22https://adaptedmind.com%22,%22event_report_window%22...

0
0

57ms
40ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22670985143857465475%22,%22debug_reporting%22:true,%22destination%22:%22https://adaptedmind.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221015658707%22],%224%22:[%2210-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227071431440801584193%22}&andc=true

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"670985143857465475","debug_reporting":true,"destination":"https://adaptedmind.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1015658707"],"4":["10-18"],"6":["true"]},"priority":"500","source_event_id":"7071431440801584193"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Oct 2023 04:38:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"670985143857465475","debug_reporting":true,"destination":"https://adaptedmind.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1015658707"],"4":["10-18"],"6":["true"]},"priority":"500","source_event_id":"7071431440801584193"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame CD54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEFxXWXqFfG1D_wggB_mDRMM&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEFxXWXqFfG1D_wggB_mDRMM&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=aa822fe5bc27b70eee9d257ef690feec&uid=aa822fe5bc27b70eee9d257ef690f...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
149 B

99ms
30ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhjYubJvMAE&v=APEucNWE0I7--y0Jy0PsVjT5uF5ZIlqEeK8GhCYfYQ63Vt_5frlH9fLJr-zUfxesb13hDW_QjpPx8VMTiqnUgmrxTSzzgpqOYuRc_s9yR_7Nl6EwW-weMmk
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 04:38:31 GMT
Last-Modified: Wed, 18 Oct 2023 04:38:31 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CD54 170 B
409 B 83ms
17ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhjYubJvMAE&v=APEucNWE0I7--y0Jy0PsVjT5uF5ZIlqEeK8GhCYfYQ63Vt_5frlH9fLJr-zUfxesb13hDW_QjpPx8VMTiqnUgmrxTSzzgpqOYuRc_s9yR_7Nl6EwW-weMmk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CDCA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9d806bcf26d8c92ced7094729531da33548645bcddb24d9a545fe97ba013e29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C98 37 KB
14 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 541780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:08:51 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CA3 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=575134538454&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CA3 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=575134538454&version=m202309260101&ct=76&x=8&cor=11000819067449117000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5CA3 95 KB
39 KB 70ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlSh8rlZ6_8y4kjRSIC8cvnxcQT-OEq6Asn1sFzIeCTSyypnAHOaUpTPILY9USfyiM98kp2ZIMrQzNL21dxcFg9wyhgLw09l-Jwo57gnxyJDIWEseE2kQxcHW_bbhI34qf-cq42OXnwjvg8oi8k1JiZbXACvELxg6jmegx6Lb7pKBrEVs&dbm_d=AKAmf-AJhCm3nQ3WML-ImJX7Wil8C7G-dy7Ng7JhLT_Mj58zBWFKA5xK524TMe8-XwhhPxzNN7Byhlnz-6UbW_R5uBO36uJN2KPGzJ3WXgdWk_j7yI80QGQ8-2lK8p8Sjfe-YpXis97YM0lKtZAxD2JesutZG0F-sR8thkHss8f90Qp53ysuMjrTgAK7NsqQTndqgbXSdoICNOyNn35K6b417S4vFUP1DFoo55cUvKahiUl-DjnrfI8t3P_g2Y-PVf17UhhYi_lTxBRNTiFua1Yl1ttwuzCQ3HM5CfnUSIy1F06bG-Wx1a9dxU72fT0cyMg-aIDrBpiKSr-hQdRwZ-ZZM-3mDGT2CS5U7wRzejj-n4ODZ1F0YChPUw0OSjCbdYitcuNxTMSk6bb-Wk18mos-WPkah-_WZ3Vn2ulO9WqAGIuFqFmHs-tA-P98s91qXWcMc1sGHsz-liMVLeA6wAWvLYJ7VRxYbQ8I80Nz4gllDnzzf7mgiEOtTsPxe-_cCIRl2OwcCCE6dMYXTYilMXvK5e6QycFEkhO4EQlUt34aMIQFOpNOapCUme21vr1epwLQXF0Vu4Cr3RoVHDKclW9S4G2YkrEzGafZUzh_GPpcc-UOIGVSxU4ntvxoEgbihTQxP9shWsK0fJ3Um8cZBPEpB5frJorLLyaKk9811PGLarAkbp9asGQCVbdCu4718V83t4bhf00UYqYo0frrgWUwJ4DscTll4IWK_U_RIQjKcLUDrnEv2LTtsxraV-4P7oKGfwSbdpYhA1HcBn55_VQOuMV-tzVbXqaKYfif47skXm8muHo1TF0LLiEmiE6bf-08EHWlJcYBcmFci6HszFULuTe0nA8tCnlAfEen9z4rcb75prZFQRiwNrCd7pskOeYbCC9topYlFdZcWQyvczzVLgbQu78AWbTzbdbjesHyaN5Aj4IesHOhVWCQUyOs_ofaAvLX-Jy84R0aqP121ZQ7mbcYH3iev_sD9hM13l7Ipr5eCp-DTyUogRRCaj0iY2g6gJOITDpaWFlfVBP1-bTgU4Sm7yjtUc-iwl_PvI8pmZQ2i8MH0Zv_IBvis0h04DWP8POUNIHWtRSSdBVJjD3sdC6_N3JUtb0HPhz97h4-24M43wLa_uRXjizxaJNKMLRoqm1lPXMsN6mt9teLfK09c-bXzNIAZY9L46zckehdYQdXg99RBwySCGKGlAN6RH796v74V9VKaPP10rw4fMbshbGoIlEAhzTG5S6UCcWRGngr6oVAGBpZL19lzB8MCCQb05Ey69hm3ignYhZ6WRXIj_hDOtDBpMwMwXG-OZaUZLq66XRB9_hppBszKPm0t1sbMSlE4Z1NQzB_dOOqRAYdOhvbnCk-6PeR8qc9rIXtHhJyeJqTsPqHsGnBDii6iN7lsJGO6FLnbeEbXDWwwp0WlbXyF1w8FLG3XHXS1H4XyjLAK-VplJikOwkyFii7H-B10Cao8G2ZJBd2-M21c8RyR6wIwcIsSkt2d-2kAi-eihdLfJaOCtaJ9Owt7fU4f9GKw3pM6PQeF4IYcT3-ctEPTwdzX56dBPNSGGSF0cA21iG8vrt9U2puyr_LMnxFnkqbGnfjHFDIOjMRQ97ij39sG-i0kOdzjcQ3Df9jCRDqzVJys-LEFbLemIksQc2c97AOjlaNDAQJR80aDjDAroTia7bGHb7vghl-p9w1F7PGON0Lt9FbW3dWW69_wsfM5fUhXApJyitc_VanNCWTeEJoTfBAQ96hwsGbtEeVYTi3gndRArLmoSKnwDz1m-HLmeFQHZFNUTr1fya13gbG7huw1ZecjDuaN3gwoL-n6nelPXbZ_FL4Hpv8TYSLVITKfc-EAs6SwS6nwfsVVnr4bNVU0c2etLUab5QQgTAHJFsA6wcBxqknuXq1jNW8woRH3NCREpgboX78gnmkd4sEVCMfpjBuSsN1mi10eT_i5MvykPgkGntZ-rBLv88fDr0J1vx7uuUWyRsvlXigO8NVpvziQ7ujLtbgpoxu38KHnqK5waBZOApshLm7xqqm26hQ3wzxhte_TBD-kwNHfsJkD-q6pYdwZVEBHc8p2-q96yy1IWIaPcQHvYZaeKTxb89u7y54uSdQbJoIV38By3qJeYiwr6Zy_bKRq8PyNvkmCOVBE9S54l1tdO66W4kV8g0N8HmIwLEtz-HZxKDn0iux-1a4oipt9lZ0qDBJPWutIw3b-YWlvdM7BKKLJXnpy16APkHhKzGG-wVU_5tScZWspHmMY3n1jYx8w3NPUlwBcsIvwxCd0nFaSna3aIU2HibCPIP7fi0eqMpVKgOXrXWvsFM2JTKnKQ5SsT9jV-aueOuETSfAVDTr82gNqGwYgMP3-5bH9pLaFRX0nXzHGmF8wabXXb681YeoEwXAvFJKueE14T3SSKRv5Chxj2Xc0zvv6e8F8ckTTaFRlR5Q0PV7hXgQ2oc04CYU95rqbHnsRI5jtbv7njbXotEF1F0uNkkQiG81LQfajS5-gkqSzzM6kvWZ9TgXrOlrby4fq6HO7wPeJBZ6vzfPnoqvsP7TDTbGueRkLsHlSA77gsFesEOEnTtF8RMh-RAVFG87k0QiVvfwHaFNaFarJiQIANl1fiSNv-jOd9qcsjLV2nJyGoKT-MkQWdMxQ9mbunzxxVejBXeCqx-tKq5iNM9EaKJYFME7p-3Ffui-U6jJqMFgqJ2ZI7ZHmkysCNBarTHhNw4MFQG_26VNBc2r5enAiSGCHjTSnQr5wEh1RzUR8JQ7el6cQ4TXiFscl6UMBZMOuv7abIVMZAACHQcXyy_vvAM7uXqcgLivFBxgPuWH0ugarWwkWSoZBtNcOYSrtz8AO9vD9Fl0KMo6CT-tszP9_ekrdfoPZ7zjfUnEdM5xyqihaZysQjxumO4fo1cOrHpGziy9Pf_fbF4GNEgKL2PkOXFDpC7bta9gN8Fnnog_DqXLz8xQg2FxrjUJ23qF3ORhdgtn_56BLh0k9PnnYBh9Zns3IAqehRF9zQZpGKNmGE88Yt947OcjkMc9pqIjBcIVDa07b2INVZP9Z8sYw0-YZDUovyWEtxx5oMchDc7QJPlMU4HFg_-TPFFh5EIEQno1sHKU89Wlfkf0sHZVVYDhirnIi9WHBxYvOH7cLOLK7Bvw0SM9-e6q_KiRbr4dOQg4I-9tUutF6l7sBrKvjz8Fh7yF1DVFx6akLk26NSNLMeRJL3v1KO0N95taNNEDsJeyuXdccZSYQ4DEo5SSF027VVQWsjGFraYriiAq4PJNm4if7_MsTPP_3Z_0Z_vRHLSrH-o2eV2n7iP86k-MGJA9xiz45zr6wBe8Wbb2_9P-7aJRIkOcgJjSXukgxfkajNkM4sjfJ5FobSrsTS1mLcGcpXLJ6Mm7CQLBxIOxC7ik3AhkVprjVg9i4CasZnk7-akTYU3D9YG_frLJzX_4pnT-IBhPPElIYnAZFhF37S_l3UPzfcg4ooiNCxTyhboJ2g&pr=8%3A0F4FD25423233A07&cid=CAQSMgDICaaN0XXQR63DIFtN6NrKvMSaTqUX7WNYwKcRtUtt3WiW930vE-K8DgX9gvVa0ZJyGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=11000819067449117000&adk=4058864940&idt=98&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f658c1f35864e339fa616cce27839c4220cfaf4ffcc9144165d0c5889dcdf60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39681
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 117ms
40ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 18 Oct 2023 04:38:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6124 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:31 GMT
expires: Thu, 17 Oct 2024 04:38:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5CA3 172 KB
61 KB 70ms
14ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Origin: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 12:29:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 5CA3 11 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlSh8rlZ6_8y4kjRSIC8cvnxcQT-OEq6Asn1sFzIeCTSyypnAHOaUpTPILY9USfyiM98kp2ZIMrQzNL21dxcFg9wyhgLw09l-Jwo57gnxyJDIWEseE2kQxcHW_bbhI34qf-cq42OXnwjvg8oi8k1JiZbXACvELxg6jmegx6Lb7pKBrEVs&dbm_d=AKAmf-AJhCm3nQ3WML-ImJX7Wil8C7G-dy7Ng7JhLT_Mj58zBWFKA5xK524TMe8-XwhhPxzNN7Byhlnz-6UbW_R5uBO36uJN2KPGzJ3WXgdWk_j7yI80QGQ8-2lK8p8Sjfe-YpXis97YM0lKtZAxD2JesutZG0F-sR8thkHss8f90Qp53ysuMjrTgAK7NsqQTndqgbXSdoICNOyNn35K6b417S4vFUP1DFoo55cUvKahiUl-DjnrfI8t3P_g2Y-PVf17UhhYi_lTxBRNTiFua1Yl1ttwuzCQ3HM5CfnUSIy1F06bG-Wx1a9dxU72fT0cyMg-aIDrBpiKSr-hQdRwZ-ZZM-3mDGT2CS5U7wRzejj-n4ODZ1F0YChPUw0OSjCbdYitcuNxTMSk6bb-Wk18mos-WPkah-_WZ3Vn2ulO9WqAGIuFqFmHs-tA-P98s91qXWcMc1sGHsz-liMVLeA6wAWvLYJ7VRxYbQ8I80Nz4gllDnzzf7mgiEOtTsPxe-_cCIRl2OwcCCE6dMYXTYilMXvK5e6QycFEkhO4EQlUt34aMIQFOpNOapCUme21vr1epwLQXF0Vu4Cr3RoVHDKclW9S4G2YkrEzGafZUzh_GPpcc-UOIGVSxU4ntvxoEgbihTQxP9shWsK0fJ3Um8cZBPEpB5frJorLLyaKk9811PGLarAkbp9asGQCVbdCu4718V83t4bhf00UYqYo0frrgWUwJ4DscTll4IWK_U_RIQjKcLUDrnEv2LTtsxraV-4P7oKGfwSbdpYhA1HcBn55_VQOuMV-tzVbXqaKYfif47skXm8muHo1TF0LLiEmiE6bf-08EHWlJcYBcmFci6HszFULuTe0nA8tCnlAfEen9z4rcb75prZFQRiwNrCd7pskOeYbCC9topYlFdZcWQyvczzVLgbQu78AWbTzbdbjesHyaN5Aj4IesHOhVWCQUyOs_ofaAvLX-Jy84R0aqP121ZQ7mbcYH3iev_sD9hM13l7Ipr5eCp-DTyUogRRCaj0iY2g6gJOITDpaWFlfVBP1-bTgU4Sm7yjtUc-iwl_PvI8pmZQ2i8MH0Zv_IBvis0h04DWP8POUNIHWtRSSdBVJjD3sdC6_N3JUtb0HPhz97h4-24M43wLa_uRXjizxaJNKMLRoqm1lPXMsN6mt9teLfK09c-bXzNIAZY9L46zckehdYQdXg99RBwySCGKGlAN6RH796v74V9VKaPP10rw4fMbshbGoIlEAhzTG5S6UCcWRGngr6oVAGBpZL19lzB8MCCQb05Ey69hm3ignYhZ6WRXIj_hDOtDBpMwMwXG-OZaUZLq66XRB9_hppBszKPm0t1sbMSlE4Z1NQzB_dOOqRAYdOhvbnCk-6PeR8qc9rIXtHhJyeJqTsPqHsGnBDii6iN7lsJGO6FLnbeEbXDWwwp0WlbXyF1w8FLG3XHXS1H4XyjLAK-VplJikOwkyFii7H-B10Cao8G2ZJBd2-M21c8RyR6wIwcIsSkt2d-2kAi-eihdLfJaOCtaJ9Owt7fU4f9GKw3pM6PQeF4IYcT3-ctEPTwdzX56dBPNSGGSF0cA21iG8vrt9U2puyr_LMnxFnkqbGnfjHFDIOjMRQ97ij39sG-i0kOdzjcQ3Df9jCRDqzVJys-LEFbLemIksQc2c97AOjlaNDAQJR80aDjDAroTia7bGHb7vghl-p9w1F7PGON0Lt9FbW3dWW69_wsfM5fUhXApJyitc_VanNCWTeEJoTfBAQ96hwsGbtEeVYTi3gndRArLmoSKnwDz1m-HLmeFQHZFNUTr1fya13gbG7huw1ZecjDuaN3gwoL-n6nelPXbZ_FL4Hpv8TYSLVITKfc-EAs6SwS6nwfsVVnr4bNVU0c2etLUab5QQgTAHJFsA6wcBxqknuXq1jNW8woRH3NCREpgboX78gnmkd4sEVCMfpjBuSsN1mi10eT_i5MvykPgkGntZ-rBLv88fDr0J1vx7uuUWyRsvlXigO8NVpvziQ7ujLtbgpoxu38KHnqK5waBZOApshLm7xqqm26hQ3wzxhte_TBD-kwNHfsJkD-q6pYdwZVEBHc8p2-q96yy1IWIaPcQHvYZaeKTxb89u7y54uSdQbJoIV38By3qJeYiwr6Zy_bKRq8PyNvkmCOVBE9S54l1tdO66W4kV8g0N8HmIwLEtz-HZxKDn0iux-1a4oipt9lZ0qDBJPWutIw3b-YWlvdM7BKKLJXnpy16APkHhKzGG-wVU_5tScZWspHmMY3n1jYx8w3NPUlwBcsIvwxCd0nFaSna3aIU2HibCPIP7fi0eqMpVKgOXrXWvsFM2JTKnKQ5SsT9jV-aueOuETSfAVDTr82gNqGwYgMP3-5bH9pLaFRX0nXzHGmF8wabXXb681YeoEwXAvFJKueE14T3SSKRv5Chxj2Xc0zvv6e8F8ckTTaFRlR5Q0PV7hXgQ2oc04CYU95rqbHnsRI5jtbv7njbXotEF1F0uNkkQiG81LQfajS5-gkqSzzM6kvWZ9TgXrOlrby4fq6HO7wPeJBZ6vzfPnoqvsP7TDTbGueRkLsHlSA77gsFesEOEnTtF8RMh-RAVFG87k0QiVvfwHaFNaFarJiQIANl1fiSNv-jOd9qcsjLV2nJyGoKT-MkQWdMxQ9mbunzxxVejBXeCqx-tKq5iNM9EaKJYFME7p-3Ffui-U6jJqMFgqJ2ZI7ZHmkysCNBarTHhNw4MFQG_26VNBc2r5enAiSGCHjTSnQr5wEh1RzUR8JQ7el6cQ4TXiFscl6UMBZMOuv7abIVMZAACHQcXyy_vvAM7uXqcgLivFBxgPuWH0ugarWwkWSoZBtNcOYSrtz8AO9vD9Fl0KMo6CT-tszP9_ekrdfoPZ7zjfUnEdM5xyqihaZysQjxumO4fo1cOrHpGziy9Pf_fbF4GNEgKL2PkOXFDpC7bta9gN8Fnnog_DqXLz8xQg2FxrjUJ23qF3ORhdgtn_56BLh0k9PnnYBh9Zns3IAqehRF9zQZpGKNmGE88Yt947OcjkMc9pqIjBcIVDa07b2INVZP9Z8sYw0-YZDUovyWEtxx5oMchDc7QJPlMU4HFg_-TPFFh5EIEQno1sHKU89Wlfkf0sHZVVYDhirnIi9WHBxYvOH7cLOLK7Bvw0SM9-e6q_KiRbr4dOQg4I-9tUutF6l7sBrKvjz8Fh7yF1DVFx6akLk26NSNLMeRJL3v1KO0N95taNNEDsJeyuXdccZSYQ4DEo5SSF027VVQWsjGFraYriiAq4PJNm4if7_MsTPP_3Z_0Z_vRHLSrH-o2eV2n7iP86k-MGJA9xiz45zr6wBe8Wbb2_9P-7aJRIkOcgJjSXukgxfkajNkM4sjfJ5FobSrsTS1mLcGcpXLJ6Mm7CQLBxIOxC7ik3AhkVprjVg9i4CasZnk7-akTYU3D9YG_frLJzX_4pnT-IBhPPElIYnAZFhF37S_l3UPzfcg4ooiNCxTyhboJ2g&pr=8%3A0F4FD25423233A07&cid=CAQSMgDICaaN0XXQR63DIFtN6NrKvMSaTqUX7WNYwKcRtUtt3WiW930vE-K8DgX9gvVa0ZJyGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=11000819067449117000&adk=4058864940&idt=98&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:43:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 5CA3 30 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:57:20 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5CA3 41 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:26:28 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B25F 281 B
554 B 71ms
8ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Requested by: Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 18 Oct 2023 04:38:31 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6124 24 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 563571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Oct 2024 16:05:40 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6124 26 KB
10 KB 18ms
18ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5819
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iljZB96IJxHAUad%2FrniWymzExpeYt6FeQKmRe5PHdim5h6DzsprC6VkbgPEu9Vi28jqQ%2FxyykgSMEMylvD8X%2BXZmST43HqwUdJ%2BvKy33m3VshiZXmlA3kRp2xSNentinw6V8hOlF4qRwIEnZiOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 817e17a02eda3a9c-FRA

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6124 187 KB
59 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8DA2 22 KB
8 KB 23ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 421183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 07:38:48 GMT
expires: Sat, 12 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6124 0
0 48ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9gD0vRebzE3OuFmOoWySDM-QdcHQLzX15-3gNrOfB58EvCfuNxHzvYfivmQ02BIG05OA9BpJdv9GWUqljHV1K4l4R6OhvlTY_3nXz5lwHRVLYdJmhKfGFVCcE3AwPc9BTPVsgjr4UriktwF82SilHNib5coo3UyGTz1KyDAs9dfVwauI8h7WaO0PmVfGZo22ZRDx4JwfPwjUAHB4i47nHldvsP0LzZuSvATU9WdcVBfzkwwQMjL1NkaDPGCtxVGFRzJFA3FFAmhX-ZPbbr8UuTf7qy5lgPn3Ji1qHyS6s0sm8gpdWGCb-HnWI3Lb-HKBkraYmaFuP98xwauEVu4dgTuPgQzDFeBAIncX0x11VjPDoG8Va21Y3rveFoZvamVUBeBN8V88sV6fJ41vWRDw&sai=AMfl-YTtW_5Ry9dR7cDlwrx2rp5-CmcqTY62fojdTYv62AxO322wAl80rZI4aBOHD4v3BjmwGj_gdASp9Yc-fQnC3QS5QijiMLMd3z6YGVsy4Fe9thlwM_T3WeCFBHFZkw&sig=Cg0ArKJSzAxlPIfxaSpIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7C39 281 B
124 B 26ms
24ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhjY1LJvMAE&v=APEucNVpHgfRvEG8Nj4DYqTnuwW9OhrU_1awioKLAuubT4FG0ZqU_MxLvV7go2_rVk_MpyM4okp4JOqAMWRR_T9ysTAkEF2DNNGbHVGCHrexz6VwebyidnA

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A31F 89 KB
31 KB 73ms
71ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A31F 42 B
63 B 43ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cz5o8L3bWZS-7y0PVOcRQ9gg79HDQ6defMhAzJMnsh3_nGcPzREga813K3F9t0hMqjUTTmP7yR6ACH-rfflA263X9VLLcw9TxpU0OcIZAA7LS_J7M

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A31F 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9471882600525046499&x=8&ct=76

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e58879d3-84c4-4cc8-b603-b2ca5765e5a9
beacon-ams3.rubiconproject.com/beacon/d/ Frame A31F 43 B
75 B 27ms
25ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/e58879d3-84c4-4cc8-b603-b2ca5765e5a9?oo=0&accountId=20988&siteId=513654&zoneId=3082760&sizeId=8&e=6A1E40E384DA563BDFC9A5857DCF39C85CCC0C813EBBB5E2A81588C2E0576288641297D0A4B7E85A75FA0F5E371830947A3220A15E3EC91D63D405E159908E1920DA991D981DB70CE5BE4D12C720EB390E493E48E3522B6499CF482C5FC89636A123E7D86D1D12F293823D3662DBF14D68C0DE4C28909EC208E1C4D6CCDE971369A8906358651F331CE14D843FCD12B0CE919BD8634C032D00ED03C464A60A229D36C4B4168EE03344F1CADDF07735C6CF84B47EA4AEF640

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B25F 41 KB
11 KB 11ms
11ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b0ed5d45b45f3593ce12f5311c4e636ed31736ebf1710849f949c430d24bc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 19:59:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=55294
Connection: keep-alive
Content-Length: 11123
Expires: Wed, 18 Oct 2023 20:00:05 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 7C39
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEIxJoMi-VvXs6PmVRr77wb8&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEIxJoMi-VvXs6PmVRr77wb8&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=aa822fe5bc27b70eee9d257ef690feec&uid=aa822fe5bc27b70eee9d257ef690f...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
148 B

31ms
31ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhjY1LJvMAE&v=APEucNVpHgfRvEG8Nj4DYqTnuwW9OhrU_1awioKLAuubT4FG0ZqU_MxLvV7go2_rVk_MpyM4okp4JOqAMWRR_T9ysTAkEF2DNNGbHVGCHrexz6VwebyidnA
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 04:38:31 GMT
Last-Modified: Wed, 18 Oct 2023 04:38:31 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 7C39 170 B
232 B 17ms
17ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhjY1LJvMAE&v=APEucNVpHgfRvEG8Nj4DYqTnuwW9OhrU_1awioKLAuubT4FG0ZqU_MxLvV7go2_rVk_MpyM4okp4JOqAMWRR_T9ysTAkEF2DNNGbHVGCHrexz6VwebyidnA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CA3 187 KB
59 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:31 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2640407557734353404/ Frame AF7C 10 KB
2 KB 32ms
15ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2640407557734353404/index.html?e=69&leftOffset=0&topOffset=0&c=7pHkeEeYyj&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e5b02b59f528a8a8aae44d9335d6548dcd7c4b0407f9233d8039ea867aa85a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2431
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:31 GMT
expires: Thu, 17 Oct 2024 04:38:31 GMT
last-modified: Thu, 17 Aug 2023 15:57:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5CA3 0
0 99ms
50ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso3KJ_42tr23TFA57FLc_vqJXwUiXs9jS716fL5pQQ_kqxuSANL2Xfr5UP1ZGOzL3Y7w1_XiQLontX4W1epxVSOcwXlVx8dwEQZVvpfgutgbBuVXGXpDU8kveFzztS3mVKWQk1DcKjEfVem14re7Wc8Jj1aFEzhpsmtT00c5F1SpMO2nZr7FivWdO_JU5koQDhI0HbgLrRCgxs4T04qrD_FYuPH4ym2rs2vq3A5Lx8Y1UWk2_LExF-zxmJipP_zlLztL6P3jMVtRD1FYYysgJyTF6L3MNpDoIVLuWw4NQ9614qFW93iwif9PuNFxg7ceL75TSCcDxf5i_pnzbfQE_tXOyQ9jxX_JNgztTHvJY0upN9_gbyxx30VFx8cxSKYoq7ugSnNS0VAshq5547TzRMtk66kDKl8RHVfO-0vWEvXLFGGQS4W9zqLoPv-eP3E_rcBKzNTIDmst4eX7Jp1QSOyn6sPcxzZfJBHWIsOdhWVGNV_xkvhX7MgYAYnAL4_DU3Kp_LePKTHOmpnkvS3LWCSTrNek1zdmFOCdtFFIZD_iXrKTZpWRJA-SAyG461B36tKp6bieHWTlsVjhwyBBMjSw274HoAkmCoZm68ubtEyS0-ruwwjq3zTKFu2UqbPifQjdAtHZaDedzGhqZVbLGwGtT085egodVjKPMGolmBgI05rMTTZXKGEgIjlqT3B7sWGt5Dj0dCR_YRLnuL7g2WEeo6vCD5GdPDRA7vaDOVZSLpsWHyIjSLNNC52dIb8ETlhVPMGKhT-H91q26WSwVEngw0UmdYvw-3HsarlUcCOrp5mC6CIR1gvNaYM2Ak-RPfIxjHl6-Cv_STx9wfSOUVQ9SSRy_nJX60uHKecbDNJIyvbis3IxEBi4Oi_BJx_HpTdHQst_iYIl347j4WsjkYrQhHxlL40ZMyvUb-mKDcyNTC8EOdUPWCtWAXI7pcVRH-QckkPXSs7K1D4eTHtqOoPI4GqhzQHd26aldFLnbCrbL96sbWtV19s23Z__0eUV2e47sHg8pEtCXtHWzHQwpTzubNguMZHeoYmJ9-7FKL1p1lYbVJX9W_jMEzcFq2xjEBZzcBVUszN8qtqeXLmeKnvSaFZEoYy4GW-ALvR6JuVbDDk3NkASeTQxOb4hT0cAXx0XrIAoo4lN_HA-YyPLqBuBPX7eUFMY2ynCJbc6EukDcuPGnC9S4aVX-eFWfIP-OW_U2tklVcXG9_xbpuQgnrDwEI6XeAqH6uyzxoKOFZyzf05TIklrbkpdey-BAVkcSn&sai=AMfl-YQ6YQcLGWivszbaVt2HkoYWO3k8B169ZC-etPudvTyoI1PfAqeEJ6QXCDiYYwbDChVDGLfiy1Yjn3tWqdBMUzyj-i3dqA8cW1haHx1zSgXFvhoNszyO1bCsoccaFnM-WrBukmgY4tI4kptA34CtHAo263E39C6gP2tT4lpy2lZaloZhsrBF_bBz1Vy6kFgIVxplrDsWktqp66AMxNuPRldixSIp4H749b1AGZwjQzvW8sUI8A1fMaT2gR7igJBOjoRa3876mdWjaH7my6P-&sig=Cg0ArKJSzM1ILPTnoMk5EAE&uach_m=[UACH]&pr=8:0F4FD25423233A07&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=166&cbvp=1&cstd=154&cisv=r20231004.51695&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6124 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0437ecea3d443d3ca9c7537bf99ca24baa798b6f7fa49cd96d4488f825328cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DA2 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 541780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:08:51 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame B25F 7 B
380 B 50ms
8ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A31F 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1669173070798&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A31F 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1669173070798&version=m202309260101&ct=76&x=8&cor=9471882600525046000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A31F 95 KB
39 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1tVDOBtWi5BuTPGEBsN_0RlmiOMXP16DAWG01eeSC8QZ_RhOpYocpFG5CaKZg1uWspiA5EcSmnMP59yNChcYdQjY-AmhPY1Icw2Xb0k4NizXt12t6GuXnmwngOLL_Pc20WTHTwynX1VpEiTwdOI0Dpfxrr-rr0nyyysM70WzHeCFA-Lo&dbm_d=AKAmf-B1VVk-ml3_s1F_e6jy2v6bXGfjZry8iH6aHtXH8H4E1Gjy9Wot_QI2-zF0qdW01z1KFje8EDXjaQBu6vALhmZ2bmLvzUqhtrXdmR9NbM6iH7M-Ks49P3SE_PwsyU5YsWHlO-XCQtbmrWnwJ9NyQggi_bRwnUKXbQ6i0t9Vowa2S89P-lcYlzrDKnNVhLU1-LG-Jcrr_N-QxnMAxlnVWAanVjIMlqlLcQYhsYrVZ-zA5Odad3dDlRU-5g8CdPYxx3GMDR3eqtlKOuJwFLIY3yBBwHFUE7mdDYAHy6roSCOy7Gw_q3qtTvxE6lSOwsR9tfQdCLfv5KfY5eIZ-Ii9rmwCcvpGpj0sYkP1igAayH0y0IwoLtMNsGFmzZs6UjP7PtN7FZpnCTv9K6EFvrYs6JBQOSxffMy49PlyVeetrmwtOfgoeNOuG0_zpqCxHytKIXFYhOpH_agNtx1a1UCMOSWFFKAOHZj8049fy00mngvosHgYvLvHpCOsVfYvyBmAb9rtABHDFlhEqqDh8zIwNu0nZRif0mroJ0Nvxb0CI6kX5k34Cc1vbCOA_a1E3qweQHgp8giCG3LKMh2zr2iqhQwe_JDZFtixz73owAtmqkbtxYob51LY97HvTJ_hk2DHbiJboANwXXlRPqV5h7B_97Kgrk33b4Q9MS1u_DkOpkxy31B8rrFpFRjV3APGNVvX0YMkXVekyHWpq9nV1cRn0iDtO3u7QRK07TO-iEhQN8uyRI3i2BOmImY3w2FnxOxxpBY2rlRCU9zFKajOxvnZasNBWctWAycy4KNa8CmUjU7rEKYseXiKjZN1JVlM4j3okkje2Jdbpww7TJgT7B5ypy6kQ0P8ivOGqakeprV_0-Q7NgW4XKvlYjJcexzVURP96v-mN6gd5GUmmu3Aivfvri2KAzX6HafNrIU8XwRRFuZdBSeo4xsfeWLhznfE4D9gbH83_YKFHN-BkSToXXQLIXputkJvTvXENedgxyJaNPLXtTQD2fcN13Das3Xq8yizzF20SvqJ-4QlbrrSZdfx_akF_M0hKTzH4_6kCa0VYcSOnub67nBTQpj5JmRZdeMS17DWO4ax8FT_cpOXrdS_tk1osOW3MNBEBR4G2JBiSbH0cNpM7tfKz1MRCSLA9s2KfWpEJbNPeUvQf2y7x6VkDyGSgBXJD1CJAUMn3_G5Yz2qoPfYJ4QXlnFebsyOHY17hzVjmqj0CelFVThKhL9UcW4MmbVjb6CGSgbDDLitnv7u_urUmjE5ef2WI1AVmpFOuqL-HqgLGsI0egT8QP9x3cwpxZPgePqZS46wZuOz2mOtep2v6-Uj-MgBrCFD6IgU1N2auqTfd0PUNW1Io8Q79FmCkigHkdMyGiapWy-5eQv-bYqR5x3PzipQeyErW9karD2yWXABVGmSwEIz4YEkPf7j_Z3kwBgR88HXBGt83kTLgp8wi3pHsIaqdg-9g90tO2yYj-GOMaR9ScsRbptWi2yWT3P8AXevXCxvZVaH2hmBvdJIvTQcAj87DqZ7-XOffBHdwE5DamJb9spqo3nXuY4qIWzbDNjH4MQKAYJvHXp38zilutGB0GS8fyM_DIxElaIKMqk4C364ujx0f-CU73Z-VxLKaCzdTlatPGEnUCglK6YJ5ahy7Hc_80vfAI1C41kADrnlOFljJ1Hg-RxaRbQxzgUWM2KtnurDrQYTL3DTKO_RcCv42gHgwKtmUOxmOpImOnOMhr3kkx5hirZGxW0gSxiKWB8pZq5AUTiy0mXiB86cEWmy5Oc4S76kPyQ6RkZGof6csuqH38YTjfBva61UhTZCaS5Umg8aw0_VnxSL0agJnx3961b51dwn0pQUAVF9oXzYXgj-QiHQ7eVKPyQFb76f2X_NHGowJH6F2LFrXlAOz4ECbgxulWBbniBAEbSN-Bl3vqYOtvXmyHQvzz9H4N0axUAKB_-n8g3b2xrhSTyW4fUrZFrpS4tbEXb3fYqYPClJx0I4ul27UsPWFu7GKos2X0vb8NrYTnToBO2WpeaWS0OjyOt_0cY8DiWrUU0zvrsHFKC-V6KNMWCxjCr7crm77RK62uuEe3zy238dYS8C27l1tKli0r3BJMRmLezJPnz_oicKlxcz6QlC5E95wNVHMk9guuZ31xTY09A2RgHj67UMQjARB4OdUPIs4XHEiBYm9Rce1-yxRE1Www9ymul2jwGOzr76cFlKkn6BRm3gWNdGZAq7anvUVqCC2JlzclT7e6ZMMJNLqOQ2kQ2fv8h7CL1VY9WRfYzRDv11TrcsyCcKledPI1f1BWe_aXxTcsU08mQsniDA8aACaHpdVhpJ0nTS11LS-EcdWuMQY-mk_JIuyLFus3ZILNAsrLD7s57hrbPEYAzvOIH55B5fx0h7icJo_iO2PFBO8lLnO5iVfn-FpNYrfzey12rP1owmutMwrQKuEaDBG_pIP6O6bP5xO3VP88xMhxuAMLE1FdpkqkavI01kld5kb51ljYH0GFG_wZK7qxLJlWH_USJ2ezkNkgJS_7Nsb-PvMzi_aFp86jPKVhEevYaabjYBsL8d1B3BmuD-ORu0lYLc_g4HBMOBOw4lGEEUvBWVnX8EmalDd9YLoFsxnZLYE6a68Sf_yuBBM8YPaxMA6jQBpLTGoGGio4qmnRxZrwwcZ8jXNHXioBTOGiulFsgVUu4kZn6cpSp_r-I5pjedxho6spsmCHlkt-3rnPKHd6LS3z6N7ObdLaE82Mmvv4Dz8Gep14bOET06H4bZgcrJzUblBtTgPaZBGNLWazU27koaTYmVAVguWum349ji6p4JkLIhLVqZ8Rla_LI4O34tLdB59C_ei8KCHWIhZL2DEdZp1RlvVSBgxR0K_IXIE0jlwOkPT5xwngynkioEzGCCNCgpjmVBmbS2LimBpGCoyaPjf_5eX_1xQ0ZnrKfwswiz9Fe6oo3KlWHDnAJaqcyxCbax7XFp6h0-p3BGdgvGZUxBeC0dVmFSt4ab11mc7ylADV4K9cdNA9uo9hssmZSYvThsk37e3C6uh9lgMSKS_tMRC7GhyMenyVlpOO7DPTBde3G0VTt_YK70-5iyMDE3sgJTA7E41Os-faCWuVYWrT_aUiXt7F9w7aL8VycKc_IePy-ebE39_C23hlC3kUXZnTdXAv4Sq2pccDLgA986N1daVqUr6xz29YPvLl89jU6gORinZV0_a8IY8mjmrY0padmPSanze0k6DIo6edMtqiqFpS0s02hSjqdOEsK-fXhTkm6UMZ1JS5UzwTZcFXxHrXafcVyQ_BxtGb6hyjBmClMF0WH0aRCoQGpUji9fVWRVFT13lFWLkLr4GUTr1EtpkKR_wW8PBl8gN8fjH0P7ehHI_9btcjiMV754CalDQDrSIMau2dF5XXF5L8ss4vbIzXNJvq-zSWsyUBjy1lJL_skPhpICo6mEgz_nyoifFA2z0Wa3SPqTJtLeTWT3Oi09a_lw-6KiVXGBjA&pr=8%3ACC6FC1AB0E8D57C9&cid=CAQSMgDICaaNomkGapErcyAS_4LyvVBZbiNGKOMks1XwsYzPkASSSPDUk1rn0yHp2A7TXi3fGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=9471882600525046000&adk=3030632&idt=81&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a503064915d06ea540d57bcbce6c01c12ed0da0f26ec33ea25b135594a127db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39498
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AF7C 57 KB
23 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2640407557734353404/index.html?e=69&leftOffset=0&topOffset=0&c=7pHkeEeYyj&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2640407557734353404/index.html?e=69&leftOffset=0&topOffset=0&c=7pHkeEeYyj&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 04:38:31 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame AF7C 120 KB
41 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2640407557734353404/index.html?e=69&leftOffset=0&topOffset=0&c=7pHkeEeYyj&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2640407557734353404/index.html?e=69&leftOffset=0&topOffset=0&c=7pHkeEeYyj&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 08:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 08:25:03 GMT

GET
H2 200 polite.js Show response
joyn.kr-adstudios.com/img/banner-js/ Frame AF7C 86 KB
87 KB 93ms
16ms Script
application/javascript 2600:9000:2057:2200:7:dde5:8880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://joyn.kr-adstudios.com/img/banner-js/polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2640407557734353404/index.html?e=69&leftOffset=0&topOffset=0&c=7pHkeEeYyj&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2200:7:dde5:8880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f56cf558e4526ba5116061cca5bdffdb159449245b4d202251e29ad1b7ffbfde

Security Headers

Name	Value
Content-Security-Policy	default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 05:25:53 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
strict-transport-security: max-age=63072000; includeSubdomains;
age: 83559
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 88197
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Oct 2023 12:00:00 GMT
server: AmazonS3
etag: "be0097968a4b98b9427d98c7c07f9716"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
x-amz-cf-id: m6FZbQ83HF27QjRki4bdIZivVEocNveuclgYzeHEyyd1ZvKqKHLUDw==

GET
H3 200 container.html Show response
7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E212 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:31 GMT
expires: Thu, 17 Oct 2024 04:38:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A31F 172 KB
60 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Origin: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 12:29:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame A31F 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1tVDOBtWi5BuTPGEBsN_0RlmiOMXP16DAWG01eeSC8QZ_RhOpYocpFG5CaKZg1uWspiA5EcSmnMP59yNChcYdQjY-AmhPY1Icw2Xb0k4NizXt12t6GuXnmwngOLL_Pc20WTHTwynX1VpEiTwdOI0Dpfxrr-rr0nyyysM70WzHeCFA-Lo&dbm_d=AKAmf-B1VVk-ml3_s1F_e6jy2v6bXGfjZry8iH6aHtXH8H4E1Gjy9Wot_QI2-zF0qdW01z1KFje8EDXjaQBu6vALhmZ2bmLvzUqhtrXdmR9NbM6iH7M-Ks49P3SE_PwsyU5YsWHlO-XCQtbmrWnwJ9NyQggi_bRwnUKXbQ6i0t9Vowa2S89P-lcYlzrDKnNVhLU1-LG-Jcrr_N-QxnMAxlnVWAanVjIMlqlLcQYhsYrVZ-zA5Odad3dDlRU-5g8CdPYxx3GMDR3eqtlKOuJwFLIY3yBBwHFUE7mdDYAHy6roSCOy7Gw_q3qtTvxE6lSOwsR9tfQdCLfv5KfY5eIZ-Ii9rmwCcvpGpj0sYkP1igAayH0y0IwoLtMNsGFmzZs6UjP7PtN7FZpnCTv9K6EFvrYs6JBQOSxffMy49PlyVeetrmwtOfgoeNOuG0_zpqCxHytKIXFYhOpH_agNtx1a1UCMOSWFFKAOHZj8049fy00mngvosHgYvLvHpCOsVfYvyBmAb9rtABHDFlhEqqDh8zIwNu0nZRif0mroJ0Nvxb0CI6kX5k34Cc1vbCOA_a1E3qweQHgp8giCG3LKMh2zr2iqhQwe_JDZFtixz73owAtmqkbtxYob51LY97HvTJ_hk2DHbiJboANwXXlRPqV5h7B_97Kgrk33b4Q9MS1u_DkOpkxy31B8rrFpFRjV3APGNVvX0YMkXVekyHWpq9nV1cRn0iDtO3u7QRK07TO-iEhQN8uyRI3i2BOmImY3w2FnxOxxpBY2rlRCU9zFKajOxvnZasNBWctWAycy4KNa8CmUjU7rEKYseXiKjZN1JVlM4j3okkje2Jdbpww7TJgT7B5ypy6kQ0P8ivOGqakeprV_0-Q7NgW4XKvlYjJcexzVURP96v-mN6gd5GUmmu3Aivfvri2KAzX6HafNrIU8XwRRFuZdBSeo4xsfeWLhznfE4D9gbH83_YKFHN-BkSToXXQLIXputkJvTvXENedgxyJaNPLXtTQD2fcN13Das3Xq8yizzF20SvqJ-4QlbrrSZdfx_akF_M0hKTzH4_6kCa0VYcSOnub67nBTQpj5JmRZdeMS17DWO4ax8FT_cpOXrdS_tk1osOW3MNBEBR4G2JBiSbH0cNpM7tfKz1MRCSLA9s2KfWpEJbNPeUvQf2y7x6VkDyGSgBXJD1CJAUMn3_G5Yz2qoPfYJ4QXlnFebsyOHY17hzVjmqj0CelFVThKhL9UcW4MmbVjb6CGSgbDDLitnv7u_urUmjE5ef2WI1AVmpFOuqL-HqgLGsI0egT8QP9x3cwpxZPgePqZS46wZuOz2mOtep2v6-Uj-MgBrCFD6IgU1N2auqTfd0PUNW1Io8Q79FmCkigHkdMyGiapWy-5eQv-bYqR5x3PzipQeyErW9karD2yWXABVGmSwEIz4YEkPf7j_Z3kwBgR88HXBGt83kTLgp8wi3pHsIaqdg-9g90tO2yYj-GOMaR9ScsRbptWi2yWT3P8AXevXCxvZVaH2hmBvdJIvTQcAj87DqZ7-XOffBHdwE5DamJb9spqo3nXuY4qIWzbDNjH4MQKAYJvHXp38zilutGB0GS8fyM_DIxElaIKMqk4C364ujx0f-CU73Z-VxLKaCzdTlatPGEnUCglK6YJ5ahy7Hc_80vfAI1C41kADrnlOFljJ1Hg-RxaRbQxzgUWM2KtnurDrQYTL3DTKO_RcCv42gHgwKtmUOxmOpImOnOMhr3kkx5hirZGxW0gSxiKWB8pZq5AUTiy0mXiB86cEWmy5Oc4S76kPyQ6RkZGof6csuqH38YTjfBva61UhTZCaS5Umg8aw0_VnxSL0agJnx3961b51dwn0pQUAVF9oXzYXgj-QiHQ7eVKPyQFb76f2X_NHGowJH6F2LFrXlAOz4ECbgxulWBbniBAEbSN-Bl3vqYOtvXmyHQvzz9H4N0axUAKB_-n8g3b2xrhSTyW4fUrZFrpS4tbEXb3fYqYPClJx0I4ul27UsPWFu7GKos2X0vb8NrYTnToBO2WpeaWS0OjyOt_0cY8DiWrUU0zvrsHFKC-V6KNMWCxjCr7crm77RK62uuEe3zy238dYS8C27l1tKli0r3BJMRmLezJPnz_oicKlxcz6QlC5E95wNVHMk9guuZ31xTY09A2RgHj67UMQjARB4OdUPIs4XHEiBYm9Rce1-yxRE1Www9ymul2jwGOzr76cFlKkn6BRm3gWNdGZAq7anvUVqCC2JlzclT7e6ZMMJNLqOQ2kQ2fv8h7CL1VY9WRfYzRDv11TrcsyCcKledPI1f1BWe_aXxTcsU08mQsniDA8aACaHpdVhpJ0nTS11LS-EcdWuMQY-mk_JIuyLFus3ZILNAsrLD7s57hrbPEYAzvOIH55B5fx0h7icJo_iO2PFBO8lLnO5iVfn-FpNYrfzey12rP1owmutMwrQKuEaDBG_pIP6O6bP5xO3VP88xMhxuAMLE1FdpkqkavI01kld5kb51ljYH0GFG_wZK7qxLJlWH_USJ2ezkNkgJS_7Nsb-PvMzi_aFp86jPKVhEevYaabjYBsL8d1B3BmuD-ORu0lYLc_g4HBMOBOw4lGEEUvBWVnX8EmalDd9YLoFsxnZLYE6a68Sf_yuBBM8YPaxMA6jQBpLTGoGGio4qmnRxZrwwcZ8jXNHXioBTOGiulFsgVUu4kZn6cpSp_r-I5pjedxho6spsmCHlkt-3rnPKHd6LS3z6N7ObdLaE82Mmvv4Dz8Gep14bOET06H4bZgcrJzUblBtTgPaZBGNLWazU27koaTYmVAVguWum349ji6p4JkLIhLVqZ8Rla_LI4O34tLdB59C_ei8KCHWIhZL2DEdZp1RlvVSBgxR0K_IXIE0jlwOkPT5xwngynkioEzGCCNCgpjmVBmbS2LimBpGCoyaPjf_5eX_1xQ0ZnrKfwswiz9Fe6oo3KlWHDnAJaqcyxCbax7XFp6h0-p3BGdgvGZUxBeC0dVmFSt4ab11mc7ylADV4K9cdNA9uo9hssmZSYvThsk37e3C6uh9lgMSKS_tMRC7GhyMenyVlpOO7DPTBde3G0VTt_YK70-5iyMDE3sgJTA7E41Os-faCWuVYWrT_aUiXt7F9w7aL8VycKc_IePy-ebE39_C23hlC3kUXZnTdXAv4Sq2pccDLgA986N1daVqUr6xz29YPvLl89jU6gORinZV0_a8IY8mjmrY0padmPSanze0k6DIo6edMtqiqFpS0s02hSjqdOEsK-fXhTkm6UMZ1JS5UzwTZcFXxHrXafcVyQ_BxtGb6hyjBmClMF0WH0aRCoQGpUji9fVWRVFT13lFWLkLr4GUTr1EtpkKR_wW8PBl8gN8fjH0P7ehHI_9btcjiMV754CalDQDrSIMau2dF5XXF5L8ss4vbIzXNJvq-zSWsyUBjy1lJL_skPhpICo6mEgz_nyoifFA2z0Wa3SPqTJtLeTWT3Oi09a_lw-6KiVXGBjA&pr=8%3ACC6FC1AB0E8D57C9&cid=CAQSMgDICaaNomkGapErcyAS_4LyvVBZbiNGKOMks1XwsYzPkASSSPDUk1rn0yHp2A7TXi3fGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=9471882600525046000&adk=3030632&idt=81&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:43:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame A31F 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:57:20 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A31F 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:26:28 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 61B7 281 B
554 B 18ms
17ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Requested by: Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 18 Oct 2023 04:38:31 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 61B7 41 KB
11 KB 9ms
9ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b0ed5d45b45f3593ce12f5311c4e636ed31736ebf1710849f949c430d24bc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 19:59:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=55293
Connection: keep-alive
Content-Length: 11123
Expires: Wed, 18 Oct 2023 20:00:05 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E212 24 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 563572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Oct 2024 16:05:40 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame E212 26 KB
10 KB 15ms
15ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5820
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IFurRj6Et4OqxQR3HQmMg%2B4y%2BL7VWegw%2FB662NOvM4YjhjWFXPlGrN881BiThY30mIDeEv%2FTtCXceUIMRiIpIxdB6Ag7GFbpAAHY1GiXNKN1orpNGWQTKQD2DUb1gb1b5n3sPXBqbp9VfzMeh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 817e17a218a33a9c-FRA

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E212 187 KB
59 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5CA3 0
0 46ms
45ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso3KJ_42tr23TFA57FLc_vqJXwUiXs9jS716fL5pQQ_kqxuSANL2Xfr5UP1ZGOzL3Y7w1_XiQLontX4W1epxVSOcwXlVx8dwEQZVvpfgutgbBuVXGXpDU8kveFzztS3mVKWQk1DcKjEfVem14re7Wc8Jj1aFEzhpsmtT00c5F1SpMO2nZr7FivWdO_JU5koQDhI0HbgLrRCgxs4T04qrD_FYuPH4ym2rs2vq3A5Lx8Y1UWk2_LExF-zxmJipP_zlLztL6P3jMVtRD1FYYysgJyTF6L3MNpDoIVLuWw4NQ9614qFW93iwif9PuNFxg7ceL75TSCcDxf5i_pnzbfQE_tXOyQ9jxX_JNgztTHvJY0upN9_gbyxx30VFx8cxSKYoq7ugSnNS0VAshq5547TzRMtk66kDKl8RHVfO-0vWEvXLFGGQS4W9zqLoPv-eP3E_rcBKzNTIDmst4eX7Jp1QSOyn6sPcxzZfJBHWIsOdhWVGNV_xkvhX7MgYAYnAL4_DU3Kp_LePKTHOmpnkvS3LWCSTrNek1zdmFOCdtFFIZD_iXrKTZpWRJA-SAyG461B36tKp6bieHWTlsVjhwyBBMjSw274HoAkmCoZm68ubtEyS0-ruwwjq3zTKFu2UqbPifQjdAtHZaDedzGhqZVbLGwGtT085egodVjKPMGolmBgI05rMTTZXKGEgIjlqT3B7sWGt5Dj0dCR_YRLnuL7g2WEeo6vCD5GdPDRA7vaDOVZSLpsWHyIjSLNNC52dIb8ETlhVPMGKhT-H91q26WSwVEngw0UmdYvw-3HsarlUcCOrp5mC6CIR1gvNaYM2Ak-RPfIxjHl6-Cv_STx9wfSOUVQ9SSRy_nJX60uHKecbDNJIyvbis3IxEBi4Oi_BJx_HpTdHQst_iYIl347j4WsjkYrQhHxlL40ZMyvUb-mKDcyNTC8EOdUPWCtWAXI7pcVRH-QckkPXSs7K1D4eTHtqOoPI4GqhzQHd26aldFLnbCrbL96sbWtV19s23Z__0eUV2e47sHg8pEtCXtHWzHQwpTzubNguMZHeoYmJ9-7FKL1p1lYbVJX9W_jMEzcFq2xjEBZzcBVUszN8qtqeXLmeKnvSaFZEoYy4GW-ALvR6JuVbDDk3NkASeTQxOb4hT0cAXx0XrIAoo4lN_HA-YyPLqBuBPX7eUFMY2ynCJbc6EukDcuPGnC9S4aVX-eFWfIP-OW_U2tklVcXG9_xbpuQgnrDwEI6XeAqH6uyzxoKOFZyzf05TIklrbkpdey-BAVkcSn&sai=AMfl-YQ6YQcLGWivszbaVt2HkoYWO3k8B169ZC-etPudvTyoI1PfAqeEJ6QXCDiYYwbDChVDGLfiy1Yjn3tWqdBMUzyj-i3dqA8cW1haHx1zSgXFvhoNszyO1bCsoccaFnM-WrBukmgY4tI4kptA34CtHAo263E39C6gP2tT4lpy2lZaloZhsrBF_bBz1Vy6kFgIVxplrDsWktqp66AMxNuPRldixSIp4H749b1AGZwjQzvW8sUI8A1fMaT2gR7igJBOjoRa3876mdWjaH7my6P-&sig=Cg0ArKJSzM1ILPTnoMk5EAE&uach_m=[UACH]&pr=8:0F4FD25423233A07&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=356&vt=11&dtpt=190&dett=3&cstd=154&cisv=r20231004.51695&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CDCA 0
0 58ms
43ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXcXtHg5nH8VvRkXR5S0c4pQcAQf8RqVXSgRcs0-zj9ibtW7vuhAYR5WwH0LeULMu1YILCSToQG9XDHDh53cukBeIV__Ifk8v-2mrNNN37cwo8LjyUx29_1Ii1LBI5e18xpfUrggJy8vxitBsFxGFyXS6FKS2NT4dLH16_O6qRsebs5vi-5R-PtYCPmJaFvD8mmqLAFf0lqWQK4iofH9XJmVoO5qEOjuvem8dUkFkJ9rKUakpPwpDH6FdnJ6hXsAPAtzV6CBEyVgQfcZ6WyW1KQOK-dvtGEpPbpGTQcZthCSYMml9FPgSH9045b13GN4Sn3VXL87xqk7yQPWTiYyl3bNcrt40aUkn6yacYwre1F0pr8WaE-NW0J3pJQdHlptLPnwjla6S94gDWVfoMGH4ZsCp3&sai=AMfl-YQeTk6vot67pJP5RY4AvhpoTyE1qWJZHMSc17fNMXhEnSzE-YMHwgGO2FYxkLxVNaQfUEfd5jCRugG9ntdxNp6k8jISdiBwZj16fBA99tfiql28vZkixHqXHL4muw&sig=Cg0ArKJSzDsMOIAZTuWxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A31F 187 KB
59 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4336193642047629408/ Frame 54C3 10 KB
2 KB 15ms
15ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4336193642047629408/index.html?e=69&leftOffset=0&topOffset=0&c=y24UithB9e&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

970dad574ea42ac2781b6457dd1ed2416c7aebd32c09669566d0cc8a20f82251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2432
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:32 GMT
expires: Thu, 17 Oct 2024 04:38:32 GMT
last-modified: Thu, 17 Aug 2023 15:57:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A31F 0
0 54ms
53ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpD3aBxW9Oe3T9Iz9oqv7XJj_EkLUKnjpg_z_4s0pKBBVj97eKyTi9D6pVMitRVCvVr0kR-pqx_eiJxiBjCx0aAk_FISOHEMRS_Mal_yOCRbTy88srOXblXl2slE8POvy7ejb_Gx2-KLeUSef7wqrOR9TrCcUFfxwMZfiUzS20Rlyd3a6i4omBn83LlzHqRlqDDMItf4ZrQdRcbYwaqGeN8MSJTWOQV_xHtq1yrUqGm2_BSm3UcX5Ryw598VEUEevmJT_DdO9Unb584e3nw--NbduysafPzGsIEl7lzvSmiNN52-A4GUryjq20ZOpd_LW7rNI0tFVOBAHRlDQW9E396DzQ-uVVDu0eJNb9exiIFGWx6xims4XjnPbtGwbQgurNx4YYysqXp3s91AJ2whb3EatXLOr28Jav9NmNJ0v5PE2g00THf7-LSlFK9xT0M_OCH7Zv1O0hocsl8fjUsRH61bk9LHmTWUVo75VIxU5b4nbBvjDVk9D-1yhAGmkC9Ob4fT_X48an2gctNgb7wftkOh-AHEGEHMfS2tEfSteWMOtlifLA6hSvcHEPidiC6r6n6bmzbzEpaGjP4Fl5O5HCbuxnVDPrBmwMntJ3zeWe5_QPvOKDaCVCJAt6YnJB4KHz5Nud0s31HGH3oWtPP-qq-LrGbTXySQyT2xDpIFDldP5VdSRUzMa3A3KgebxEHm7WujwM407L077yeZk__q6p87IpaSgjHVeO0FAteMJJlSVqMYrdlqKC684mp2Vhm-vZMtmzi80VsIv9sglzDedT54Tw4WiR3NVmGTzCK0zKS-34-GSOcfp4D6jagQYU2GVcqbFpyShH2-ZX_z7HkQXyZ8O_ZWmarFsAFYatr6_3Ih50AXGrb_40HS2N9i8yKJQO_4ju_CUpgU7GahOB-yY5ZWbOA8OLXq9nN917Z3Bs0pwiEKvV6aO2WF57LSKEIST-hPyWSoEKE3TzKqWcXl1hmwLa7F49Cra4i7NwFJav9qSOfl5FfF2t08imrbjoUJuaN5ix2FRmhaNeu8vh9GwcQ6kmy5MgJZDtIjycFEvWEicZaFirFCSH5W7ZzhE1Hj9y1vrgZ9l9GTwCAewRp_yPkJiQNgIvKe_BmXctfUYfBWV3_wQWHtGp4qORL60wrdNKOBRwECsis_47ugXA66ZCT1Awim4sfguxBUA9uc3fKpzcf875lobsSwk_xr0L6zSSWGbWNIprodn9BmyyYsWHqT6Ghw8Vl7IZXO0DlpUzD2WYaAeuPvgCQT_ikEj-kl0HunE&sai=AMfl-YQkVv0gXcPqlonfajiKjjX_dAFIBoh8Ihy6fqQ5IOr_-OfZ7WPhn933nOTBYpf938G6L1kBcpb3FdGfft21PJAWHNyuGRDOd2PjsMskNjsau9lLWohHo9S_HYLZD7witrYbIhOwZo8V80PDR_Wxm1F1pYsVo9U8aDrdOavT-b2ba8ZCTPI2zQlQYLG3O7xQel-qOaPh9GZ3WkcHe_yTVAotq6gUPlA4gB-Wo_FYap95GAXmi0-y83p_kLpgcEVosxOcqMeWXt_x-KTO5KYI&sig=Cg0ArKJSzLldVkZtl3QIEAE&uach_m=[UACH]&pr=8:CC6FC1AB0E8D57C9&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=79&cbvp=1&cstd=73&cisv=r20231004.23718&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 61B7 7 B
380 B 9ms
9ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E212 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7UUd4u_nByzqH0dLSuBX6Xh8LfSownPRgzSFpwbO5ln-UfOlQ8H-Lrr0uDFa9SxRxJUC747-lM9aHwxN5M0ci7W45z6h_XYt33bYrlCZxDJ85KzQM2LhpqqRt_kXzPtMn3TXUbZt__QBeIQjWl4S9nHOVH8se4E0mpFPvyP-94sLnFhkjjC5gQkhNb0A3e40YXHw8CVxhaNPZ2uTV2NYCWLvnmNeI1Xpc9VCb_21c-X79F30HcVhYYmrPIWDDFnbzCqE_wK1kpxNly0Cy2-DhQBlN1ctUfWz8FFOPDuTVwrEn0KU1jr9u1ukjai0Q7Ww7oGX06Vo1AgWs0jochvdQzsv-Pepu0yVluOq8pMsjPQDyzS98__CRtp7JvK-VcXa6Xh27sa9ZObtlTLY&sai=AMfl-YRUA-CPRNyPAuxNs_6E8QB6DdhSkzUA0XqSRlAkHwiNMjkUC0btyq7NAF8_5qnPj1RSWMBosLLQ8dYu1QIGXo1pcMDH7vecpV7mUbsebnpCe_aglG1wqwbbCrQphw&sig=Cg0ArKJSzE2AFY7An-o0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AC80 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 421184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 07:38:48 GMT
expires: Sat, 12 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 54C3 57 KB
23 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4336193642047629408/index.html?e=69&leftOffset=0&topOffset=0&c=y24UithB9e&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4336193642047629408/index.html?e=69&leftOffset=0&topOffset=0&c=y24UithB9e&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 54C3 120 KB
41 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4336193642047629408/index.html?e=69&leftOffset=0&topOffset=0&c=y24UithB9e&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4336193642047629408/index.html?e=69&leftOffset=0&topOffset=0&c=y24UithB9e&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 08:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 08:25:03 GMT

GET
H2 200 polite.js Show response
joyn.kr-adstudios.com/img/banner-js/ Frame 54C3 86 KB
87 KB 9ms
8ms Script
application/javascript 2600:9000:2057:2200:7:dde5:8880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://joyn.kr-adstudios.com/img/banner-js/polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4336193642047629408/index.html?e=69&leftOffset=0&topOffset=0&c=y24UithB9e&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2200:7:dde5:8880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f56cf558e4526ba5116061cca5bdffdb159449245b4d202251e29ad1b7ffbfde

Security Headers

Name	Value
Content-Security-Policy	default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:27:37 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
strict-transport-security: max-age=63072000; includeSubdomains;
age: 83560
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 88197
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Oct 2023 12:00:00 GMT
server: AmazonS3
etag: "be0097968a4b98b9427d98c7c07f9716"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
x-amz-cf-id: y63PZfEnyk1KaPHpZdyUVeHVgvmKRu5lGAREZM6huiylpKxCIVGm9g==

GET
DATA 200
OK truncated
/ Frame E212 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6cdf83dd219f818664b987ea62981282c89efa6c4ee9be37c330b73d19b4a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 014D 281 B
124 B 24ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNVoiKkMZYUxk7UGAE9FdNnfc9V5D5vIVSVRRd10715NQGNvTg48pcCvVxspMXVqfV1rcJmwbsbxo35ti6xTKFFLCiKd7hlKICfZP8q7PKmfYQrpyyk

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DB59 89 KB
31 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB59 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bg9ZS7VavttDXjzrsW2e7m_UhiEnt0tVt3bLPP3U5-XUgozoBqIq_VvnuJn_nlRH4r402_cHF3mWjS4OVPe66wsb1imvgUcZEnBzlVOXFyi7wTivY

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB59 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10174283688875601737&x=8&ct=76

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a0d4963a-bab6-4c0c-bef1-7e7c932e5866
beacon-ams3.rubiconproject.com/beacon/d/ Frame DB59 43 B
75 B 27ms
26ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/a0d4963a-bab6-4c0c-bef1-7e7c932e5866?oo=0&accountId=20988&siteId=513654&zoneId=3082760&sizeId=2&e=6A1E40E384DA563B798B900830FE96C52E42B33FD0440FCD5677EC6A4AD6BBD34851DB26D8F6EA986EC1E109B620A3617A3220A15E3EC91D42A7720F0A92F9A420DA991D981DB70CE5BE4D12C720EB390E493E48E3522B6422AA9F476103117BE0760B81F3E32B36A4C8D34D25336BAD0CB182C8D259A6B9450216846D1125462605645952F60178C430655AF29FEACD7F9005273B2575145351B2FA77D9F98DB080DBB031FEDEF7ECF026A38A5AB0C56B2F7A472A9561F0E82A954C1004678A

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AF7C 8 KB
6 KB 23ms
23ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f11f3c9efe0a774cb3b1c1cc0edab18d7eb247f0e1092c020d77d84c06d5848a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5830
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DA2 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6ssOR2EvZYPGJa3ox_APvKGFiA4AAAAAOAHgBAI&bg=!y8ilyIfNAAZy-tsgUvo7ADQBe5WfOAUuWg0ejMrkJBhwC6HSsQkslxoncI0ltirSJj15aBRpk051DXTLwMkxVqx_SZXvAgAAAQtSAAAACWgBB5kDjnigzr1DAP_4-HRCnBXcPTeIZ2m5qfQKxkMERXy9HdGrTCaf2Fas8v-jN2VjfJmP2wm9qcArFNIQCbnvCGfMa_pu81rBFlQcHuo_yJYUoj5QBlOCj9a5vg5qZstfcDsfHH8xcNlRh7Q_Q76VbpWX9t2b49EK-7kYn8JrZLXMRA1nc-2tXcOBdKSJEPXhAvWdCdoasHGh3pFwA0vhPaHw7xwmpO5OPbKqg3DS80pCw0UDhOmwmMdmehVCS0DCNISpTbppL2rr-HXmfB8wngTSYoLnf8evN3dLV83u383qngMkTEj_aufVI75XcphWLGWNC7BaBlDe_uvMb2ACsfvXFMBrjiAcMPPBo74FgN-fEVtK4GcKHlV2eDszDeTnJNpmyPh1CagicRd3uXPYeQFwztjAn9waCUBcpX0q0pxO63_dvgIkAxuL1p6OZ2s8YdM2q-LXzihD4kJW3A3DOYM3Jn2VscwDBQtaJsbmpkg7jhtKrl0F38zLLPTX8kKMmQmMWGCByN-n5ndd5q1ln7nOwtb2GNFA7O3ABoISmgtTYcn5Xvg1iDjHwYuwm_I25te7IbQvEXjKY3u1RCflhfEJDEoAPipOvYLg7WCIDoNCLmUxtWflohVLu-Y-8FnEEzTIl4R-zedLOZK4em0cvkUjcIyG3692mkbOsXzdJEmkY-9InanNGeOm3ltnIO1XFmefcrySVUXDgboBDeeFw86bhLiBdbUy_vW2duCrzNNc6r3AqFe87miwrCYBLsUlWI40MGPzp64R-DfVA9zu86foIuYmF1j9cXYurIT8x6ENl2LDMBM_5ujHgrhEJfJtb2R545si2lOpPKqy6K_NCLou-TyFYH3VbT9pdxzUuyNPxHUchAtIXKcuXtb3IGYyoHflv6R5gZB_Vdu_KSg8sg7j6e3j6STzDRqBKlSU0KwPsGNcFx6s61eGcGaYyR1HgacWnad5KVcr73Ot90DCs5Kot5OCW6-0Xi-qKrJZLdoMAEUk_1bjteTYgBMq-FxrSgQKlGs_xnSOhv0sj_xsGJWSMJbCy7FC1sQ7_b8-SMZ7voBN2pfRbBYho9ZsA-fV1dvkrg3Kxq-i1aqJhT7X0vtfMCREvWDMRXZd7KGnbnr8SgB7t0uru8FszFJHcEVsb4Fk9StmKApi0Gt3pUYSKVvd0ESzpYWAit_LfCfHSOJOUQg4sSydhoc3j22adSTBhnI

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 014D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEPhGznIyo_GIE6KGgkQ-L0c&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEPhGznIyo_GIE6KGgkQ-L0c&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=aa822fe5bc27b70eee9d257ef690feec&uid=aa822fe5bc27b70eee9d257ef690f...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
148 B

31ms
31ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNVoiKkMZYUxk7UGAE9FdNnfc9V5D5vIVSVRRd10715NQGNvTg48pcCvVxspMXVqfV1rcJmwbsbxo35ti6xTKFFLCiKd7hlKICfZP8q7PKmfYQrpyyk
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 04:38:32 GMT
Last-Modified: Wed, 18 Oct 2023 04:38:32 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 014D 170 B
188 B 24ms
23ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNVoiKkMZYUxk7UGAE9FdNnfc9V5D5vIVSVRRd10715NQGNvTg48pcCvVxspMXVqfV1rcJmwbsbxo35ti6xTKFFLCiKd7hlKICfZP8q7PKmfYQrpyyk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK logo-joyn.svg Show response
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame AF7C 864 B
1 KB 165ms
61ms Fetch
image/svg+xml 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/logo-joyn.svg
Requested by: Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Mon, 04 May 2020 20:14:51 GMT
Server: AmazonS3
x-amz-request-id: 914F0AQ8R5GX18QC
ETag: "4cfbd49bbe5134d80e544db8176b5503"
Access-Control-Max-Age: 0
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 864
x-amz-id-2: NfUM3Hn93aDTHgVUg/SIq6tW+YClBawffTSg/XZ3FgooK9wlhz4fIyxhOQxJmm2D8fYOlu+mnrg=

GET
H/1.1 200
OK baseanimation_tt.js Show response
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/ Frame AF7C 27 KB
27 KB 168ms
65ms Script
application/javascript 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_tt.js
Requested by: Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aa29256ffbb7f6569f59f813ff865fc1a0f13e4a1d33609814dfe16c80a5f5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Fri, 13 Oct 2023 12:02:56 GMT
Server: AmazonS3
x-amz-request-id: 914F0AT9SY0S777E
ETag: "c6e0acc97fa49c380939b5e40f782951"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 27665
x-amz-id-2: coKGN+MHCFv0yH3HKkIeA6Mko8A7B4oThd7onOeZv9QJHZM6qRahTXefDhiWXSiQJJZbj4OOFQ4=

GET
H3 200 p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js Show response
pagead2.googlesyndication.com/bg/ Frame AC80 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 541781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:08:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AF7C 17 KB
6 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A31F 0
0 50ms
47ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpD3aBxW9Oe3T9Iz9oqv7XJj_EkLUKnjpg_z_4s0pKBBVj97eKyTi9D6pVMitRVCvVr0kR-pqx_eiJxiBjCx0aAk_FISOHEMRS_Mal_yOCRbTy88srOXblXl2slE8POvy7ejb_Gx2-KLeUSef7wqrOR9TrCcUFfxwMZfiUzS20Rlyd3a6i4omBn83LlzHqRlqDDMItf4ZrQdRcbYwaqGeN8MSJTWOQV_xHtq1yrUqGm2_BSm3UcX5Ryw598VEUEevmJT_DdO9Unb584e3nw--NbduysafPzGsIEl7lzvSmiNN52-A4GUryjq20ZOpd_LW7rNI0tFVOBAHRlDQW9E396DzQ-uVVDu0eJNb9exiIFGWx6xims4XjnPbtGwbQgurNx4YYysqXp3s91AJ2whb3EatXLOr28Jav9NmNJ0v5PE2g00THf7-LSlFK9xT0M_OCH7Zv1O0hocsl8fjUsRH61bk9LHmTWUVo75VIxU5b4nbBvjDVk9D-1yhAGmkC9Ob4fT_X48an2gctNgb7wftkOh-AHEGEHMfS2tEfSteWMOtlifLA6hSvcHEPidiC6r6n6bmzbzEpaGjP4Fl5O5HCbuxnVDPrBmwMntJ3zeWe5_QPvOKDaCVCJAt6YnJB4KHz5Nud0s31HGH3oWtPP-qq-LrGbTXySQyT2xDpIFDldP5VdSRUzMa3A3KgebxEHm7WujwM407L077yeZk__q6p87IpaSgjHVeO0FAteMJJlSVqMYrdlqKC684mp2Vhm-vZMtmzi80VsIv9sglzDedT54Tw4WiR3NVmGTzCK0zKS-34-GSOcfp4D6jagQYU2GVcqbFpyShH2-ZX_z7HkQXyZ8O_ZWmarFsAFYatr6_3Ih50AXGrb_40HS2N9i8yKJQO_4ju_CUpgU7GahOB-yY5ZWbOA8OLXq9nN917Z3Bs0pwiEKvV6aO2WF57LSKEIST-hPyWSoEKE3TzKqWcXl1hmwLa7F49Cra4i7NwFJav9qSOfl5FfF2t08imrbjoUJuaN5ix2FRmhaNeu8vh9GwcQ6kmy5MgJZDtIjycFEvWEicZaFirFCSH5W7ZzhE1Hj9y1vrgZ9l9GTwCAewRp_yPkJiQNgIvKe_BmXctfUYfBWV3_wQWHtGp4qORL60wrdNKOBRwECsis_47ugXA66ZCT1Awim4sfguxBUA9uc3fKpzcf875lobsSwk_xr0L6zSSWGbWNIprodn9BmyyYsWHqT6Ghw8Vl7IZXO0DlpUzD2WYaAeuPvgCQT_ikEj-kl0HunE&sai=AMfl-YQkVv0gXcPqlonfajiKjjX_dAFIBoh8Ihy6fqQ5IOr_-OfZ7WPhn933nOTBYpf938G6L1kBcpb3FdGfft21PJAWHNyuGRDOd2PjsMskNjsau9lLWohHo9S_HYLZD7witrYbIhOwZo8V80PDR_Wxm1F1pYsVo9U8aDrdOavT-b2ba8ZCTPI2zQlQYLG3O7xQel-qOaPh9GZ3WkcHe_yTVAotq6gUPlA4gB-Wo_FYap95GAXmi0-y83p_kLpgcEVosxOcqMeWXt_x-KTO5KYI&sig=Cg0ArKJSzLldVkZtl3QIEAE&uach_m=[UACH]&pr=8:CC6FC1AB0E8D57C9&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=359&vt=11&dtpt=280&dett=3&cstd=73&cisv=r20231004.23718&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6124 0
0 51ms
49ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOA0JR776chEGTk1nPYHu2AP7q7TzYDB1_1YPsuy8NrZUYnOtgbt6kCxW-iFc8FT44CNv_R_4m4QjmNLwAynoosRGV29aC8LpXBvpXuxOAyJ7wiq82njJmVWpfSgaf-YLzWpUOiIPmdTu1awV8Eq0L8UxOs5EjabdCm5pCY6vu6HKNSS039-jz5uA_z67fpCLjstznNrU8LCLcSUh6yVr6PskHRe5mjs3qctOgd_cYyngENoSZ1lyF4wKvmDRAwEGhmh0vEyCse8EpuigpwnmKZ8tpm51MS7FwBaYciJySKpHCBRVAWn_FYmu2x8JHlWjxjQqSSfHn_k8pxFQbbtj-tZIN6VTXB26Ca0Fq15xBNfSm45de5b8iiz-0UKckHKcARAId_618Saa4U5uAI_bXag&sai=AMfl-YSRs2JH5AVOx2u5R79MNRPc5fogdipeUiWCLB3b259SZIXnIUJkcNfO108L5tIo_5BkCRtg5mtzXu39bZZ2bJb-EHUo9eIDL8evdiL5Rs9Fs7_IC_mECFa4uhumlA&sig=Cg0ArKJSzKXaXjvvVEAEEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Oct 2023 04:38:32 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB59 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2274741573279&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB59 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2274741573279&version=m202309260101&ct=76&x=8&cor=10174283688875602000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DB59 95 KB
39 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2us4e2L-Py07UzwBSYhnVsyvm-VhqARedTa21Hj5xnVhTnQCW4dQfP-JybmHtNrbeZ5PBcH_M0ZUtaw76BzoLPhzsy0gKiFcyvXAZPr78M2DLK24bSgJstrGO1jT6kK2j0v0Htfeigu3MxZIKQ55EhmPssvh1g0nRHBWXHDue1RhIEdpXKfOj0CpN-ImqkrZ-ngsI0ifj_C3lfX8q1gGhWerVAA&dbm_d=AKAmf-B7LLrpgfWM0JTDdGjL-n4gT-bUknlefdSwwUCssajRgw1ToOQmvIZ_WPz5HEHtM6yeoimhyoO0SKvZhE3kVRebejWFwjVlHHabPPunOO4wRk1LLwbPJ4MM5iCbbTN6GLxf2xh3fNeX--SbvPhL1R50k3MHVdGOupdWZqa1zTBfPShtYse7docfQYch4K1-RoaGK1-CPnPlO7aFDZzIFKr7frAt-6Dwy0YfKVeQ1-9OWO8pQUDgpV28wkPGgl7YfNY71fe1syGJBj4iv71FSZBsSysJcQYz5J8PGF_x2lKpC0cuvbCXyKo3HrU3tiMVaGZFYJnXBL3bTMmy5BZxKvE3uE_dZ7CP9wWlFdTCCZm4UcY7tTnX9wpgoraWI_VTp1YhHbGttboA-KN6mVS7_m0AZ2sWuQRakgTmivG4cHy4-sjiyPavb_bOREPOjps1Ul8x3c-AeUWPrA_81116DFqjPSBvrPH0jkqNTcV80uQ45iAQ_3riKxfGttk4EB5ndhj-gj3b4oNVA32Z1jacIYmBlCTFQ5pOsxMDu3-R00atqKVWPudZk7LBb-ZpDrVywsUr6UFotkFXk4s6hzdS0RlkRKHd8SzKRBx2RUCqLWLvEn6DCz7xXqzyhWVfS8usmZlPvxuOJyaqQWMIpjln6L6m7nRiaJ4h2aBjyGiWqKau55xJhJEfQz220s2dk8PRMgHF8pxh_Ig-lWw-SVVH9xU0NkGT3WYgekJOdL7k7rqXRA55k99u4pWXdFnHdfBr0Wdq7lo2xjo57mUywkqVsaL9OMFIK4BKnnWWiePqqD0tlyJjv-xa-t33_uPl_4s7TxrUizZ0guHNWwShOX00x7vCyIsNPuvxN-bO88MoDErI4Lu8W1XeCL8V2mUDZKBMSf135qekeNmWIuyP8mz1ZN1gRDVfkcOsfJ3hzMzKqqDRLpKGmzZlkhQ8b9k4lVO_BhOYErc-wgbJvQfmJqbCgOpB1I5vAagxRdXicz01z0Q4Hr3nS5EFQwdpCGBSR2_vS1IiK_YEW2QMjl4jo7rrcecDlZAVk25m65cibA9F02z86OlGwV4SWlbAfXrVu81B-MiioHJlhVfFrBnDF5zZGyZZLqRv3DlYUG1njeyaNwM7IS0OnPVnO1EAgvUA9uedN927TXmykpXxwbZScFcPqDX9ng90SkgepOmeWvbuOjLBcQhJRaLoFtC3QcLztJLJD0OTm-ViCZ-Jei2dzSlBfLbYoCKwKs2bcSOGp33vnBw9jBj4NvHLZkziFTwuLve4Qc3nnU2K4fvnkuSjJ7NdBifHKaHaTcdZ1oYkhm2ZW4YpJO8cQ5E9mJ8F1prauBg2u9x_nSwbTqVOz925bDFQ44g8ZXtHWhSt0oSD7YTqqo3Swz1pWxlir2lvkLE7ZhZg0-lO4WIUsTJdozpKnozvRPnkjDct8FS9CQCwqPPG4awcBKndYDsq77WZPi43ppPCECwSCqGbGDA0SpUzoxZ6GBWTGuhq6M_A053GgRAXRb3fUtvm8SsF_xchrJdpLFTk1sysnHuAOzvrNOSc6l7XCuzPP8OmO1qomkNu44L5Ax-GLuAAIodbjaS-G4gRxD5Fw-V79MHjBmR0znUhlHP77HflkNgqfDsLBSU75NNSO8T0Wcy9_Lse62BqPCGqrMvh1eACdPtVeunjGDFgwBYNs6RNqRgsEQYTVtdlQXGkHLLARE7w611_QeFUgqWSJAcCSSL-C5xX3s_kYnBYId9hGrLgO3xr7IoLL-mPPF11RhqqmWRgMNgJDI26A91bAsgC_i_8mj71EhJYIagJZNobWFrMk5tfP5Rhd5AvFOQVGCHF0ibBkr28V2J_OzDnZ8qFFW03mkZCTAaF0q0_-XHoIxSrCK-_LJwQvXmM1vtE-1peq3ig7gJ41T_p7g-bJkXTTETemVWNSU-Bbo-7m6wNlFiD5savPD_RDUbVWz40RbHsc76-ggho8ZGG_S_pF7FodN7CIa7Xig_PGNcW4w90f6octVW3cgRWTLHW6UGI2XNI79Er8S9SGQ8NzyGWP15sF7s6Zk1eSSiMIhePN4fyG3rrLi5RLT26rKdMIZdpo_hP89NN6prI9hHtgTZOaeseM1G7hqmTEb1RMFQDE_lSfmvCM5azxdZopvT06Vs4tzxVkm0BRsnZwM_a55j5aWo70LVm8cMpG9QhOe6kHBCGz8IFuSzyB0pfgNXjpxZT6JdCLmJljnvltynWQunx91yGnoYzXPqw-4uz35FnibaMyhvH1p4kpsnBoX2JnJOi-ibm7KJYiiSAUx1mJGEYAJIYbjPsHOVrDIMbUQ4OtPDbtbQHRZSaaR6QN4MLoGctKVMYHs1-KIcmZO1gsJROpU7ZnzNM50RXbJ2H-BVonNtveq5tVtxO1CEMtjAXepuqvdfzAfJ3DARC-Mlb6Qj7p1gbcL4ZeXQ3G8-JwhYat2B9Cou_0OqzyIfZop9u4RozYWWqW9OdmFKtNCp9CYO_nAVL8RzfOlSY6ktZBq4CU2EB7SxPL1dOXVblmi-e5v0HhbXU8ANGr3YBnsW-cPIapFwfnYEtxYwLcaKe8Avu3y8VMY5DEQycIZM4bopQpWb5XZKAtg6g01PfUVaZCRauIwMDy7wsN0k4rnAnG47iONfbaMm2vJHiQDkY7RruKOwE2AtaVu9NbGXIkoBzTdBLTPdOktc9Y9NDQQQ8MkoEw6RKAYJIF8SIHf3PLQiBulGTiigjPyVVAD_VkYN2JMIfMEYcXNTKruMSLlnwesG8hyS_6O1khunRrQ7mOHAbGysVkRKyzV_WndNONZBByn-R4UE0N6DcP6TE2CMFijbZKPO7h4AfdBN5p3tZgYjo1WbhaFelXv5wXDXqKokIXz7sKjrlc2jsJycb0t4DhmHLrtAMn1-Q9EsgaL4Mw3UKBIg2MycLlhIojBKWdfpYaSVBn3HBhxwNLh2Hffm_mLMy55ZrnlEd0FF7Ux3SBG5RdMZ_XN8rmGUePIJO8VuxOzVdJwpzWnWDxzp_U5yIuFE2Rlp37EIwFHejmqbg4mEl312dWHC_zUgMVnCtn8rOefaRrqqzdNw9UYfSWkY6sTDeOtYbbdaHwMwNLbaiO3C9PFnDeP0pZJKnBDAnBcgzPhB8j3HktqhsSH7u8LwqL-3cFxqvvtcBQYzm-FBH4oW3HreDXHr_AOXMGZHyIOgGzTkAVOigmUl-1Gwfv8jTNe2yb8mEO2GTGUqpCVnytY5rNkOA5pEP222Z7ewT-IeJPaJOjV8w02PXE_j6S43j-YXV3EhNpvXfTnHdOwL0RRCyuR6A3Xt-c2TGmsdTu4YMAqr_ibXWFMUh_dgU43WWw2sa8rMTkyNk-YRVRUkOEutvvT-zyRb-ZuWxiUpjdtEbrlTBz1IYPKMYP7Fs836SAwSd1cajRA8WYDwmDqW_AGHQx5tYuivzInuh6GT5eUX944gJCzGXAI-TJgGIyRofNQwlcJIMifzLcaBE08k_oVwGMbIiDsHlz7LHhlnkhXfniB75O9bC7t07jbvg&pr=8%3AD2A27CF6C0A8A09D&cid=CAQSMgDICaaNUZ3Tm8SrXwQuMFnlRxmxMHVog46kmlR5PYs47TQyukl3KEbbJ42w4ZBVaSwkGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=10174283688875602000&adk=250276038&idt=72&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4f79e61f29ff578eac7fe01db9c651959c12df03ac71d7937c3a4ce461777f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39760
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 54C3 7 KB
6 KB 30ms
30ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba709a25d3fd849530bad81bec563d72fb697369b8246e5835630e87c22962d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5783
x-xss-protection: 0

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame BDAE 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:13:41 GMT

GET
H/1.1 200
OK logo-joyn.svg Show response
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 54C3 864 B
1 KB 105ms
41ms Fetch
image/svg+xml 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/logo-joyn.svg
Requested by: Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Mon, 04 May 2020 20:14:51 GMT
Server: AmazonS3
x-amz-request-id: 9144052BZHYEVFMF
ETag: "4cfbd49bbe5134d80e544db8176b5503"
Access-Control-Max-Age: 0
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 864
x-amz-id-2: LIeQzg2Ghj4xNbhbGo7rMB0iceEg6kRfRh/5fZaYcNI5VhpK2ph5LQPKNQWfG4nOaDOeVBoNlm4=

GET
H/1.1 200
OK baseanimation_ss.js Show response
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/ Frame 54C3 30 KB
30 KB 129ms
66ms Script
application/javascript 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_ss.js
Requested by: Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ab0a1cf5ba89fad9aeb1d7350394fa5f40b9ecc33ce6fd41a83363c9ba91e48c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Fri, 13 Oct 2023 12:02:57 GMT
Server: AmazonS3
x-amz-request-id: 9141FT8XGTTM3SHH
ETag: "c592b9eb3a2091aa3a2d82a6b170baed"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 30590
x-amz-id-2: 2nIZSBXA0Yn491rWEknekgL0LSFDSAWT8Nrx5h7R4YazhlkV6FgLIb5oarEp0fuFOo3jz6cxTTc=

GET
H/1.1 200
OK teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_piwy8x8l4vi/120x600/ Frame 54C3 19 KB
19 KB 133ms
70ms Image
image/jpeg 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_piwy8x8l4vi/120x600/teaser3_@1.5x.jpg?v=2023101863832400
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e548457c5b2ad6a7da8f4250ceca1f691905ecaf8ce7517dc85d44b1bc2a9379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Thu, 01 Apr 2021 15:47:03 GMT
Server: AmazonS3
x-amz-request-id: 914BKR7YYK7DF73J
ETag: "773649eab456f28e18b1602b30958d83"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 19365
x-amz-id-2: LXq5XjgBEwIBpO6GgQEKBcYR93NM+/Vhxtd7vYpTr89BOuVvFSYHICa5NUpQl5LNZSXLXiIUqC4=

GET
H/1.1 200
OK teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixd5fbc0jj/120x600/ Frame 54C3 18 KB
18 KB 150ms
81ms Image
image/jpeg 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixd5fbc0jj/120x600/teaser3_@1.5x.jpg?v=2023101863832400
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c467ecd77623a3ab812b54c440efa053e264e69575af330d3bf0d7bb5e6ee9a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Mon, 20 Sep 2021 15:09:13 GMT
Server: AmazonS3
x-amz-request-id: 914F90AMTMAP2EXP
ETag: "15f5ef627df0f778a2de0ec73313a900"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 17925
x-amz-id-2: 7I0ljNoRZOkGFZ1K21OLTrEBYrbmMf2H0i5Uo3K0Zbi/zEXKtejOxAUSLs2szuYif3/gaLhTKmo=

GET
H/1.1 200
OK teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixbsqdr53i/120x600/ Frame 54C3 22 KB
23 KB 153ms
84ms Image
image/jpeg 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixbsqdr53i/120x600/teaser3_@1.5x.jpg?v=2023101863832400
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5b71b98288bbced7b50c8e14771866c926319b392eaaf03856a03b0bab98542c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Mon, 20 Sep 2021 15:16:49 GMT
Server: AmazonS3
x-amz-request-id: 914EARC1QPCFARPM
ETag: "2b1f3cf60ad5fb72f295f9ca18de22dc"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 22722
x-amz-id-2: G/aaAYJdt22VXKP2nV7sJbfZtTMT+PqcoZrcEYC8+RdWOsDeym/xbg1zi/ud4zWnO8Ip/Md29Us=

GET
H/1.1 200
OK logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_piwy8x8l4vi/ Frame 54C3 4 KB
4 KB 125ms
56ms Image
image/png 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_piwy8x8l4vi/logo.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 35ec7fcf1d99f0070159fd6ad151d6db1e94aca98318885f8aef04b53dd990ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Tue, 04 Jul 2023 12:52:00 GMT
Server: AmazonS3
x-amz-request-id: 9147PM9XD1A34A20
ETag: "c30f17f663be38b2c16ea173441d955f"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4118
x-amz-id-2: d/+JiJ0u23HWphwVaFP69kPFIgEzNCGWj7O0ECDrN2PZLwrwenPBjeCv2oB2i01aPvPkDLEptdo=

GET
H/1.1 200
OK logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixd5fbc0jj/ Frame 54C3 5 KB
6 KB 72ms
59ms Image
image/png 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixd5fbc0jj/logo.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 411bb50a88203cebdc77dda1b1de833c042a639f1c7233ca046360bc12172aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Tue, 04 Jul 2023 12:52:05 GMT
Server: AmazonS3
x-amz-request-id: 9148X82XZAY8YXW9
ETag: "bf3874f437697022d65a1cc8efcd3bec"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5511
x-amz-id-2: R5Q09rO+/lx9UY8Kr+Q5u/u8x1WmGp4Zs1ZSnrG04Waq9+eqbIUfl1AfOVcygdU6otsTeq2BtVQ=

GET
H/1.1 200
OK logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixbsqdr53i/ Frame 54C3 35 KB
35 KB 68ms
67ms Image
image/png 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixbsqdr53i/logo.png
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c83142f97433d4826d3896ae1f0c92e0d4c7867ac9eab4d6601ef72e5d542b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Thu, 30 Jun 2022 10:26:12 GMT
Server: AmazonS3
x-amz-request-id: 91466J1ZVZ979AYZ
ETag: "de252d08c38fcd33d33309f463c840a6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 35793
x-amz-id-2: siwB1bBDp768zJGiV+clPIcrfiXgyVzQj22QyKp+ZDUlrVtv3FxRxtb9L3isKB49eRdt7PW65DY=

GET
H/1.1 200
OK ric.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 54C3 1 KB
1 KB 42ms
42ms Image
image/svg+xml 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ric.svg
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3bfa39b49c9cd75b603c05424dd9ea30e9ed6dc0a25f77b622ae5e9a138be08a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Wed, 16 Dec 2020 09:18:27 GMT
Server: AmazonS3
x-amz-request-id: 9149HHTJQ34R9ZAJ
ETag: "d86484097c9ea73789f51872ad1ce852"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1172
x-amz-id-2: D+WoZVqJXBZrHf76pZihH3xE+yxNWqzAqD4gFdaAcOO82j0SicL/59fBZ6mtvC+CSXhkDO5m+7g=

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 54C3 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DB59 172 KB
60 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Origin: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 12:29:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame DB59 11 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2us4e2L-Py07UzwBSYhnVsyvm-VhqARedTa21Hj5xnVhTnQCW4dQfP-JybmHtNrbeZ5PBcH_M0ZUtaw76BzoLPhzsy0gKiFcyvXAZPr78M2DLK24bSgJstrGO1jT6kK2j0v0Htfeigu3MxZIKQ55EhmPssvh1g0nRHBWXHDue1RhIEdpXKfOj0CpN-ImqkrZ-ngsI0ifj_C3lfX8q1gGhWerVAA&dbm_d=AKAmf-B7LLrpgfWM0JTDdGjL-n4gT-bUknlefdSwwUCssajRgw1ToOQmvIZ_WPz5HEHtM6yeoimhyoO0SKvZhE3kVRebejWFwjVlHHabPPunOO4wRk1LLwbPJ4MM5iCbbTN6GLxf2xh3fNeX--SbvPhL1R50k3MHVdGOupdWZqa1zTBfPShtYse7docfQYch4K1-RoaGK1-CPnPlO7aFDZzIFKr7frAt-6Dwy0YfKVeQ1-9OWO8pQUDgpV28wkPGgl7YfNY71fe1syGJBj4iv71FSZBsSysJcQYz5J8PGF_x2lKpC0cuvbCXyKo3HrU3tiMVaGZFYJnXBL3bTMmy5BZxKvE3uE_dZ7CP9wWlFdTCCZm4UcY7tTnX9wpgoraWI_VTp1YhHbGttboA-KN6mVS7_m0AZ2sWuQRakgTmivG4cHy4-sjiyPavb_bOREPOjps1Ul8x3c-AeUWPrA_81116DFqjPSBvrPH0jkqNTcV80uQ45iAQ_3riKxfGttk4EB5ndhj-gj3b4oNVA32Z1jacIYmBlCTFQ5pOsxMDu3-R00atqKVWPudZk7LBb-ZpDrVywsUr6UFotkFXk4s6hzdS0RlkRKHd8SzKRBx2RUCqLWLvEn6DCz7xXqzyhWVfS8usmZlPvxuOJyaqQWMIpjln6L6m7nRiaJ4h2aBjyGiWqKau55xJhJEfQz220s2dk8PRMgHF8pxh_Ig-lWw-SVVH9xU0NkGT3WYgekJOdL7k7rqXRA55k99u4pWXdFnHdfBr0Wdq7lo2xjo57mUywkqVsaL9OMFIK4BKnnWWiePqqD0tlyJjv-xa-t33_uPl_4s7TxrUizZ0guHNWwShOX00x7vCyIsNPuvxN-bO88MoDErI4Lu8W1XeCL8V2mUDZKBMSf135qekeNmWIuyP8mz1ZN1gRDVfkcOsfJ3hzMzKqqDRLpKGmzZlkhQ8b9k4lVO_BhOYErc-wgbJvQfmJqbCgOpB1I5vAagxRdXicz01z0Q4Hr3nS5EFQwdpCGBSR2_vS1IiK_YEW2QMjl4jo7rrcecDlZAVk25m65cibA9F02z86OlGwV4SWlbAfXrVu81B-MiioHJlhVfFrBnDF5zZGyZZLqRv3DlYUG1njeyaNwM7IS0OnPVnO1EAgvUA9uedN927TXmykpXxwbZScFcPqDX9ng90SkgepOmeWvbuOjLBcQhJRaLoFtC3QcLztJLJD0OTm-ViCZ-Jei2dzSlBfLbYoCKwKs2bcSOGp33vnBw9jBj4NvHLZkziFTwuLve4Qc3nnU2K4fvnkuSjJ7NdBifHKaHaTcdZ1oYkhm2ZW4YpJO8cQ5E9mJ8F1prauBg2u9x_nSwbTqVOz925bDFQ44g8ZXtHWhSt0oSD7YTqqo3Swz1pWxlir2lvkLE7ZhZg0-lO4WIUsTJdozpKnozvRPnkjDct8FS9CQCwqPPG4awcBKndYDsq77WZPi43ppPCECwSCqGbGDA0SpUzoxZ6GBWTGuhq6M_A053GgRAXRb3fUtvm8SsF_xchrJdpLFTk1sysnHuAOzvrNOSc6l7XCuzPP8OmO1qomkNu44L5Ax-GLuAAIodbjaS-G4gRxD5Fw-V79MHjBmR0znUhlHP77HflkNgqfDsLBSU75NNSO8T0Wcy9_Lse62BqPCGqrMvh1eACdPtVeunjGDFgwBYNs6RNqRgsEQYTVtdlQXGkHLLARE7w611_QeFUgqWSJAcCSSL-C5xX3s_kYnBYId9hGrLgO3xr7IoLL-mPPF11RhqqmWRgMNgJDI26A91bAsgC_i_8mj71EhJYIagJZNobWFrMk5tfP5Rhd5AvFOQVGCHF0ibBkr28V2J_OzDnZ8qFFW03mkZCTAaF0q0_-XHoIxSrCK-_LJwQvXmM1vtE-1peq3ig7gJ41T_p7g-bJkXTTETemVWNSU-Bbo-7m6wNlFiD5savPD_RDUbVWz40RbHsc76-ggho8ZGG_S_pF7FodN7CIa7Xig_PGNcW4w90f6octVW3cgRWTLHW6UGI2XNI79Er8S9SGQ8NzyGWP15sF7s6Zk1eSSiMIhePN4fyG3rrLi5RLT26rKdMIZdpo_hP89NN6prI9hHtgTZOaeseM1G7hqmTEb1RMFQDE_lSfmvCM5azxdZopvT06Vs4tzxVkm0BRsnZwM_a55j5aWo70LVm8cMpG9QhOe6kHBCGz8IFuSzyB0pfgNXjpxZT6JdCLmJljnvltynWQunx91yGnoYzXPqw-4uz35FnibaMyhvH1p4kpsnBoX2JnJOi-ibm7KJYiiSAUx1mJGEYAJIYbjPsHOVrDIMbUQ4OtPDbtbQHRZSaaR6QN4MLoGctKVMYHs1-KIcmZO1gsJROpU7ZnzNM50RXbJ2H-BVonNtveq5tVtxO1CEMtjAXepuqvdfzAfJ3DARC-Mlb6Qj7p1gbcL4ZeXQ3G8-JwhYat2B9Cou_0OqzyIfZop9u4RozYWWqW9OdmFKtNCp9CYO_nAVL8RzfOlSY6ktZBq4CU2EB7SxPL1dOXVblmi-e5v0HhbXU8ANGr3YBnsW-cPIapFwfnYEtxYwLcaKe8Avu3y8VMY5DEQycIZM4bopQpWb5XZKAtg6g01PfUVaZCRauIwMDy7wsN0k4rnAnG47iONfbaMm2vJHiQDkY7RruKOwE2AtaVu9NbGXIkoBzTdBLTPdOktc9Y9NDQQQ8MkoEw6RKAYJIF8SIHf3PLQiBulGTiigjPyVVAD_VkYN2JMIfMEYcXNTKruMSLlnwesG8hyS_6O1khunRrQ7mOHAbGysVkRKyzV_WndNONZBByn-R4UE0N6DcP6TE2CMFijbZKPO7h4AfdBN5p3tZgYjo1WbhaFelXv5wXDXqKokIXz7sKjrlc2jsJycb0t4DhmHLrtAMn1-Q9EsgaL4Mw3UKBIg2MycLlhIojBKWdfpYaSVBn3HBhxwNLh2Hffm_mLMy55ZrnlEd0FF7Ux3SBG5RdMZ_XN8rmGUePIJO8VuxOzVdJwpzWnWDxzp_U5yIuFE2Rlp37EIwFHejmqbg4mEl312dWHC_zUgMVnCtn8rOefaRrqqzdNw9UYfSWkY6sTDeOtYbbdaHwMwNLbaiO3C9PFnDeP0pZJKnBDAnBcgzPhB8j3HktqhsSH7u8LwqL-3cFxqvvtcBQYzm-FBH4oW3HreDXHr_AOXMGZHyIOgGzTkAVOigmUl-1Gwfv8jTNe2yb8mEO2GTGUqpCVnytY5rNkOA5pEP222Z7ewT-IeJPaJOjV8w02PXE_j6S43j-YXV3EhNpvXfTnHdOwL0RRCyuR6A3Xt-c2TGmsdTu4YMAqr_ibXWFMUh_dgU43WWw2sa8rMTkyNk-YRVRUkOEutvvT-zyRb-ZuWxiUpjdtEbrlTBz1IYPKMYP7Fs836SAwSd1cajRA8WYDwmDqW_AGHQx5tYuivzInuh6GT5eUX944gJCzGXAI-TJgGIyRofNQwlcJIMifzLcaBE08k_oVwGMbIiDsHlz7LHhlnkhXfniB75O9bC7t07jbvg&pr=8%3AD2A27CF6C0A8A09D&cid=CAQSMgDICaaNUZ3Tm8SrXwQuMFnlRxmxMHVog46kmlR5PYs47TQyukl3KEbbJ42w4ZBVaSwkGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhelopal.club%2F&ds=l&xdt=1&iif=1&cor=10174283688875602000&adk=250276038&idt=72&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:43:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame DB59 30 KB
11 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:57:20 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DB59 41 KB
13 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:26:28 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1F29 281 B
554 B 11ms
7ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Requested by: Host: 7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
URL: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 18 Oct 2023 04:38:32 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1F29 41 KB
11 KB 18ms
18ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b0ed5d45b45f3593ce12f5311c4e636ed31736ebf1710849f949c430d24bc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 19:59:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=55293
Connection: keep-alive
Content-Length: 11123
Expires: Wed, 18 Oct 2023 20:00:05 GMT

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 265E 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:13:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB59 187 KB
59 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13944426607783107273/ Frame 0A0E 10 KB
2 KB 17ms
16ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13944426607783107273/index.html?e=69&leftOffset=0&topOffset=0&c=2dcXIlifOo&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e62e32edebec69ad2df63aae2c93ae75c9cf7c2634afe6b8b91f197890ae25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2431
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:32 GMT
expires: Thu, 17 Oct 2024 04:38:32 GMT
last-modified: Thu, 17 Aug 2023 15:57:16 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DB59 0
0 55ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmZb1Kntwa25KOUcIgX2DugCHgIVfFBuw1Ta-f3u4zHXC-KzDv8HaTZPIgCrxzKKMwsgKpTUeBEPosEClrwkDbDLAaxxY7k5h0lvZyVQf2tDGA7bUt_3cBuYEG2OiCM1FstrgrMiTbZYjcsvxTYtQIeA69Vj5eeRpSaPSb-7Fabdgs-f3pm4gTOOErYfoYAInBTEB-wu3dCNf1LraE5SYuJ_C0Jt08vWAI40TbknST7NKXxhNE3g0t2oLmtyhBocaGp5YRCURQPk_OTvmInUgpJpmQPAs4jlwQaBaeA7n3EQg9RO-9jRzHNCYEO3lUtf4k5wugGgbSY1kK4YXeC_RA-iEtb-2HDG5WBBIo7s_Kpc1oV8mDY3ndLWfUvZweBp5O58tCawTlG-UTBoVektGV2qjN0OJGYtTVlCh_s7mgD0ChtPX2qB_QKnwJ5aUFkehoc5gukDbycKZrNUBka3krXWzWs2TAoeb3eYgS55BAjsLrZXoxdvdhiILTC4oahPeFBAjgagoz7gnzNaOVBvhZEW2bwQ_UCAf9nmxpTKsGIlouG7LMe7_Zh3fKAO2JCmTU6xpcmkzQbXR0a9DbAgqs8mnf71ahJ-stIENH1GcMvBeMEzs3KwI2j7-xfk3gM9p8bqwyuCHWHzVTrMMX9HOxSdCzhkAT9WnJcOSA16pBdlP7MjDwlkbA95TNxnRiGQF0X-uAHM_-5hxNEuvwgQPhg8q26lT70WS-icO0dJLCeaVJt-pX_1TD9o6WLpQBss5siczljiRKyEiYu_-hnjxVV87qZx0PYTsNoWS9A0BZHzaspqYmLWHagmKk0gUpOW9fZ_V9zCCmubAf7mv7gj3T1gISU96C3cO-3nSmkpqGXQSPTB0wb9VtOZCMFvu7d8n21Jq3G1xvua6hgsOy1MBnAsjyCdahI8RvXKOQ2e-wNAt5HJk9djyZmeV2Po3dqqK2j1kQ_5CMeXAlSUUak08qssoueG8JbRIRDvE-zkjXOnanwXVnb77PQ_P41S9WRuB4yn55fk4hFR0_Ze6hdfvotdz6kuC00G4hhfmichjQSOrAnaDb5sbVYAYLryx480DXumMb-Xdg2wv1pq_9Yd09w8kn-KwxRDEGNXh6KrXZAKai9kwB_ymtq7LmNZYf9XeeVtlr-JCVWiw8a-UCDppRX0ilYhqyTuO04mFUDPqgRFPzXMAmlN2L_BBbnGifdxkQkeNYOoLT4tVQ13zo51TllUGnAujzvGK1vzZQL-0EgdifLWP3JcXXNjbl1g&sai=AMfl-YRiitnYx4nRgAqNtA7hC3tlZ1wkx9c7pAUNGxXtAf2y2QOPIVERw5fqgCpPzbmtHcABtKjEX-Ugt5Oga2C2uEKpyWJqliQW-YFwSKf3pRYXqiwa3KspjwQ_5C-6cQuxPzUJV8vXO2IJ7wriQlu-pBCiCE9-G0Fzqf6A802YTPhobdBEI4h4qxYkNRkFdesqm9XzGswe1jWVqTOn7PhA5N5RhtWs3gEZxoaYIEwsB1O-u5wLbFSvjphGLZrs-ePElo0WiPA6VDIQxsvY_kWo&sig=Cg0ArKJSzOHmEG3ByLnwEAE&uach_m=[UACH]&pr=8:D2A27CF6C0A8A09D&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=71&cbvp=1&cstd=64&cisv=r20231004.68825&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EC27 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 421184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 07:38:48 GMT
expires: Sat, 12 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 1F29 7 B
380 B 8ms
8ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
DATA 200
OK truncated
/ Frame AF7C 18 KB
18 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44718d713af08035d3f9d246d249df63ed5d433a1d8571429241de984c0c4dd7

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0A0E 57 KB
23 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13944426607783107273/index.html?e=69&leftOffset=0&topOffset=0&c=2dcXIlifOo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13944426607783107273/index.html?e=69&leftOffset=0&topOffset=0&c=2dcXIlifOo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 0A0E 120 KB
41 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13944426607783107273/index.html?e=69&leftOffset=0&topOffset=0&c=2dcXIlifOo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13944426607783107273/index.html?e=69&leftOffset=0&topOffset=0&c=2dcXIlifOo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 08:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 08:25:03 GMT

GET
H2 200 polite.js Show response
joyn.kr-adstudios.com/img/banner-js/ Frame 0A0E 86 KB
87 KB 15ms
14ms Script
application/javascript 2600:9000:2057:2200:7:dde5:8880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://joyn.kr-adstudios.com/img/banner-js/polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13944426607783107273/index.html?e=69&leftOffset=0&topOffset=0&c=2dcXIlifOo&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2200:7:dde5:8880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f56cf558e4526ba5116061cca5bdffdb159449245b4d202251e29ad1b7ffbfde

Security Headers

Name	Value
Content-Security-Policy	default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 01:27:37 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src https: gap: ws: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:; font-src 'self' data:
strict-transport-security: max-age=63072000; includeSubdomains;
age: 83560
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 88197
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Oct 2023 12:00:00 GMT
server: AmazonS3
etag: "be0097968a4b98b9427d98c7c07f9716"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
x-amz-cf-id: rZZNbEsiXlzHXGFO--1fHmx4WwLp8Imrc4N2XHnTXpiBZfFcjHL6FQ==

GET
H/1.1 200
OK teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_piwy8x8l4vi/120x600/ Frame 54C3 19 KB
19 KB 44ms
44ms Image
image/jpeg 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_piwy8x8l4vi/120x600/teaser3_@1.5x.jpg?v=2023101863832400
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e548457c5b2ad6a7da8f4250ceca1f691905ecaf8ce7517dc85d44b1bc2a9379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Thu, 01 Apr 2021 15:47:03 GMT
Server: AmazonS3
x-amz-request-id: 9145DX2J9PZEGV66
ETag: "773649eab456f28e18b1602b30958d83"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 19365
x-amz-id-2: 1l6LRAXiFTm5PSLvtyFJnixHjwBH/z+vjvtPeYu9mGSBCZ5ge5MkRRe43FACOsBk2DvCeGteTrs=

GET
H/1.1 200
OK teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixd5fbc0jj/120x600/ Frame 54C3 18 KB
18 KB 40ms
39ms Image
image/jpeg 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixd5fbc0jj/120x600/teaser3_@1.5x.jpg?v=2023101863832400
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c467ecd77623a3ab812b54c440efa053e264e69575af330d3bf0d7bb5e6ee9a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Mon, 20 Sep 2021 15:09:13 GMT
Server: AmazonS3
x-amz-request-id: 9147Q7BCX0X1JTYH
ETag: "15f5ef627df0f778a2de0ec73313a900"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 17925
x-amz-id-2: 1/J4dgAbhRX2HAZvRrKO8tOM8i+maTb42HE0R9ws1ESeB/xWUuHMyyb5hs+2ebyrBCgvgihnoOU=

GET
H/1.1 200
OK teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixbsqdr53i/120x600/ Frame 54C3 22 KB
23 KB 38ms
37ms Image
image/jpeg 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixbsqdr53i/120x600/teaser3_@1.5x.jpg?v=2023101863832400
Requested by: Host: helopal.club
URL: https://helopal.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5b71b98288bbced7b50c8e14771866c926319b392eaaf03856a03b0bab98542c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Mon, 20 Sep 2021 15:16:49 GMT
Server: AmazonS3
x-amz-request-id: 9149FQ6Z0B4TY00W
ETag: "2b1f3cf60ad5fb72f295f9ca18de22dc"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 22722
x-amz-id-2: O3UhiXw7hgmwNJysFDT7xobGcoEfEjmKPx48mzjnV309zKzju6irsm5uYrMhUO1z/OldXjbcPdc=

GET
DATA 200
OK truncated
/ Frame 54C3 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77f331acc0b5e3b63fcd3f31e9d334628691e1314b6fb0154b4ca5535828030a

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js Show response
pagead2.googlesyndication.com/bg/ Frame EC27 37 KB
14 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 541781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:08:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC80 0
20 B 51ms
44ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv9n7R2EvZc25NoHjx_APtLmQyA8AAAAAOAHgBAI&bg=!GRqlGlXNAAZy-tsgUvo7ADQBe5WfOBdP__fq738CqXHnqDVJYEey7seEqEjs9UBnJb6n07HZ-4YoqakzCy7ALYyh0r5nAgAAAQ9SAAAACGgBB5kDkiXJyLjI0F8iahTgZNvAlb--WPP4LZXwEr8jDuPWjKEL_Vwri_PHVvHNGG8jdeTE-dzq1m57aH6jrCBzly_JpZskvfev6oE7TF_46vpv5rPzd-F6ORBHhLJ9OHUNK4tBWJUFNQpFxFyVfP7-Nm6eX2yfg1xQULK75gZZkuaRkGTDyWF_X7DwJGbCvg5-atYOPBcGydgxpY2CN62wEYTnUlPfQB1wkOSbNkW2yjqqXziRx4htuw2yhwlSXffT1JH_aICSTSSx25sbpXYQQQUG2rFhHkAEyoUrEYR-1pqNVFR3V40Oo1x2zw05Wc0mSWDEv6uyKvWjbhwifkpweieOtEwVYZ00B5JpClWzmCfgkhpAO81GlL6EztMNCG8dfoU_-GmfQqxcfMEbBdbR_rFOhwYxK6JfCoTYZf6TjXUYb2Jv0WRlR-ATrJvhJb538I6oDl63yovVXMLztYeXYcDPD59_-TC3Bgfyxc3F0831G0GsdjNsjH8gHcBcunQA0NU8h359unWMGbDwZXbGc1bI-7dxgPnC78Gt0tP68eApEgIHZSdYCs_SKtleS0Aw60oFpl6CQurxvCCps7qUoQeKvk3uTvtXd5hStaDAt_ZyvGRx2RrnjdZtHuHQbAQy1oL-HsA7ENGnvLY5DBlaraCRZcscOYX8tMrwRX8m2bL5u5UK6vOyJVbGA7M8bEQxNgvA6u_SK01zgG3nD4Jrx2XCnKEYQ2E8f4ahOZcNsZWJAxBmQp7vR2Zlr-uynHs9jjmRVJLC9mdMPhoNLdrKCTujV9Fusq3DOpdWFhOz_4SZWS1lRiZcQ5HymIabs3jD8uk1SpV4dBW1_pfCtAMDEuXAnoV4ZMW3a78dQQChRmqb6n4X0pXgloC-9NrT98fAmyQJyqk3tIsVRu0vKzwofn4le1niJ6i8p__DPDQVJ2EcDvbbYtgfB7WzyJfAuNHF4lqgG6NFXyGw2kePe5s4kR07Xnq7WDOR5Lh_GFgX63uD8LJ4josZjj_MnnDozHkz3BL0Bhk-1s0SCLQAZE65aii8FMd4MqBqo9rQ2pgX8Rwbl5gSScOC-8sJJqJ5OR-tADCVXTu1VZyPJfRi6FKts90M-6evKmnbtqMaW7ad5Oc95Qn88oPNCjwv3hDb0mz9y9GWw7Mq9WSQ37fcPLZFVZJA650PEOnWikFU95KTv7xseP8AjfEVx6CBU8vBQzimqNfHCSm-

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DB59 0
0 66ms
47ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmZb1Kntwa25KOUcIgX2DugCHgIVfFBuw1Ta-f3u4zHXC-KzDv8HaTZPIgCrxzKKMwsgKpTUeBEPosEClrwkDbDLAaxxY7k5h0lvZyVQf2tDGA7bUt_3cBuYEG2OiCM1FstrgrMiTbZYjcsvxTYtQIeA69Vj5eeRpSaPSb-7Fabdgs-f3pm4gTOOErYfoYAInBTEB-wu3dCNf1LraE5SYuJ_C0Jt08vWAI40TbknST7NKXxhNE3g0t2oLmtyhBocaGp5YRCURQPk_OTvmInUgpJpmQPAs4jlwQaBaeA7n3EQg9RO-9jRzHNCYEO3lUtf4k5wugGgbSY1kK4YXeC_RA-iEtb-2HDG5WBBIo7s_Kpc1oV8mDY3ndLWfUvZweBp5O58tCawTlG-UTBoVektGV2qjN0OJGYtTVlCh_s7mgD0ChtPX2qB_QKnwJ5aUFkehoc5gukDbycKZrNUBka3krXWzWs2TAoeb3eYgS55BAjsLrZXoxdvdhiILTC4oahPeFBAjgagoz7gnzNaOVBvhZEW2bwQ_UCAf9nmxpTKsGIlouG7LMe7_Zh3fKAO2JCmTU6xpcmkzQbXR0a9DbAgqs8mnf71ahJ-stIENH1GcMvBeMEzs3KwI2j7-xfk3gM9p8bqwyuCHWHzVTrMMX9HOxSdCzhkAT9WnJcOSA16pBdlP7MjDwlkbA95TNxnRiGQF0X-uAHM_-5hxNEuvwgQPhg8q26lT70WS-icO0dJLCeaVJt-pX_1TD9o6WLpQBss5siczljiRKyEiYu_-hnjxVV87qZx0PYTsNoWS9A0BZHzaspqYmLWHagmKk0gUpOW9fZ_V9zCCmubAf7mv7gj3T1gISU96C3cO-3nSmkpqGXQSPTB0wb9VtOZCMFvu7d8n21Jq3G1xvua6hgsOy1MBnAsjyCdahI8RvXKOQ2e-wNAt5HJk9djyZmeV2Po3dqqK2j1kQ_5CMeXAlSUUak08qssoueG8JbRIRDvE-zkjXOnanwXVnb77PQ_P41S9WRuB4yn55fk4hFR0_Ze6hdfvotdz6kuC00G4hhfmichjQSOrAnaDb5sbVYAYLryx480DXumMb-Xdg2wv1pq_9Yd09w8kn-KwxRDEGNXh6KrXZAKai9kwB_ymtq7LmNZYf9XeeVtlr-JCVWiw8a-UCDppRX0ilYhqyTuO04mFUDPqgRFPzXMAmlN2L_BBbnGifdxkQkeNYOoLT4tVQ13zo51TllUGnAujzvGK1vzZQL-0EgdifLWP3JcXXNjbl1g&sai=AMfl-YRiitnYx4nRgAqNtA7hC3tlZ1wkx9c7pAUNGxXtAf2y2QOPIVERw5fqgCpPzbmtHcABtKjEX-Ugt5Oga2C2uEKpyWJqliQW-YFwSKf3pRYXqiwa3KspjwQ_5C-6cQuxPzUJV8vXO2IJ7wriQlu-pBCiCE9-G0Fzqf6A802YTPhobdBEI4h4qxYkNRkFdesqm9XzGswe1jWVqTOn7PhA5N5RhtWs3gEZxoaYIEwsB1O-u5wLbFSvjphGLZrs-ePElo0WiPA6VDIQxsvY_kWo&sig=Cg0ArKJSzOHmEG3ByLnwEAE&uach_m=[UACH]&pr=8:D2A27CF6C0A8A09D&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=315&vt=11&dtpt=244&dett=3&cstd=64&cisv=r20231004.68825&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: helopal.club
URL: https://helopal.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E212 0
0 56ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsst_FzJlDFW2My7MtQEmxXA6HkCf8biKUJBzSmJBSCnylsQZEvF0kkCYJ8TmQ6kQYsE9ZHRDEhxuAAfPXQKUKGRhyMV9K17fq4g0Z6vM9LrxnCAcTE4e7MQnDl9FRsPD4G1SqjoLBme_igGZ7UwiA2XCNnYuiU0QQKoU-i-08uCtSEAW6PbyFtnjCTY_mq7zlZcATWJWPhEGxfwxcMM1d9cmc2Ix1JZbeA6AfgkISdIRRwM3Nv58Xex0rCyNsdayQeAfKlkAAFSXX1Z537M-h1UmZooCLsd0VJbaQ1tt4gq-0Fk6J9eZrKoSNagc8P-z_FSWy9sFo_cxwEEFxWQf_zhYLczz8TwlnheH1iPuphBGXa2RGr0cGHVS-8tnlDIH9hu5vaNM5C2wPOt6we3XQ&sai=AMfl-YQ_ekFVPOC49ZCCTd8Wvy2Ge9NgXroTZCFkx31WYAoP2PtBM5LhYSMfk366Znl0DbBLuj-8m526ZapH2CFmGqaGucYKfcQTLJavZnJNWBUPjnwTJ9ND_uyK28akfA&sig=Cg0ArKJSzD7xaK_oDK1uEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 47ms
37ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4164fcf636af0586040cc0012142117c0ad790525a264d3e1262f335e2ab80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12097
x-xss-protection: 0

GET
H/1.1 200
OK logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_piwy8x8l4vi/ Frame 54C3 4 KB
4 KB 52ms
41ms Image
image/png 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_piwy8x8l4vi/logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 35ec7fcf1d99f0070159fd6ad151d6db1e94aca98318885f8aef04b53dd990ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Tue, 04 Jul 2023 12:52:00 GMT
Server: AmazonS3
x-amz-request-id: 91489GPPXA48NGT9
ETag: "c30f17f663be38b2c16ea173441d955f"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4118
x-amz-id-2: UJtdUeN3wxspl6+Y9L+NMuyEnMlNZURvG5O+YJKbZx1sksjVw/9mfUx7B0QsC6RbSyMySKJcwLM=

GET
H/1.1 200
OK ric.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 54C3 1 KB
1 KB 51ms
40ms Image
image/svg+xml 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ric.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3bfa39b49c9cd75b603c05424dd9ea30e9ed6dc0a25f77b622ae5e9a138be08a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Wed, 16 Dec 2020 09:18:27 GMT
Server: AmazonS3
x-amz-request-id: 914E4EV7Y02V5KTX
ETag: "d86484097c9ea73789f51872ad1ce852"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1172
x-amz-id-2: hPbHDvaakr1/YRZlb4bhW5Ak4DFepQ8ILNO/yww9mDMwStPnZXBkxHpaiveWUZ5wVECZAeVxAZQ=

GET
H/1.1 200
OK logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixd5fbc0jj/ Frame 54C3 5 KB
6 KB 48ms
37ms Image
image/png 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixd5fbc0jj/logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 411bb50a88203cebdc77dda1b1de833c042a639f1c7233ca046360bc12172aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Tue, 04 Jul 2023 12:52:05 GMT
Server: AmazonS3
x-amz-request-id: 91488DQTTKHHP3JS
ETag: "bf3874f437697022d65a1cc8efcd3bec"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5511
x-amz-id-2: EN5FDbR/tBaM5/cO4tuNijNDguy+cxemGEJ2Afn5xz3aNicbve25XHpmUqdTYpHcu36eqFRVTO4=

GET
H/1.1 200
OK logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixbsqdr53i/ Frame 54C3 35 KB
35 KB 59ms
48ms Image
image/png 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pixbsqdr53i/logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c83142f97433d4826d3896ae1f0c92e0d4c7867ac9eab4d6601ef72e5d542b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Thu, 30 Jun 2022 10:26:12 GMT
Server: AmazonS3
x-amz-request-id: 91493T79YP3QP79T
ETag: "de252d08c38fcd33d33309f463c840a6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 35793
x-amz-id-2: dZEWe7VmIu4eD4l38VTcibB3oLW24SSOhIn14H2x3OpGjFyBfdMW63kZ+6meNaa0a26G2Zbo88Y=

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0A0E 7 KB
6 KB 20ms
19ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a32b663348ca575fd26df592baa1d8514de83aeb9b85d5cc092fcbc02630ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5749
x-xss-protection: 0

GET
H/1.1 200
OK logo-joyn.svg Show response
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 0A0E 864 B
1 KB 40ms
39ms Fetch
image/svg+xml 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/logo-joyn.svg
Requested by: Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Mon, 04 May 2020 20:14:51 GMT
Server: AmazonS3
x-amz-request-id: 9149V6WFP66Y1YEC
ETag: "4cfbd49bbe5134d80e544db8176b5503"
Access-Control-Max-Age: 0
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 864
x-amz-id-2: reciidyZFgpCu/A3OxLvsTwZAkOkGqYftpoD7lv62r3KJi7sYmHNp5iJiMZcXpz6JgRaZ7oljzY=

GET
H/1.1 200
OK baseanimation_su.js Show response
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/ Frame 0A0E 31 KB
31 KB 42ms
41ms Script
application/javascript 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Requested by: Host: joyn.kr-adstudios.com
URL: https://joyn.kr-adstudios.com/img/banner-js/polite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7017dd89c36e7c0b58a09fd549d82ab2cb94222822c3fea417b5f9b8a87390e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Fri, 13 Oct 2023 12:02:33 GMT
Server: AmazonS3
x-amz-request-id: 9144GZAY1P54ZHF3
ETag: "a4381331c24e7a56145aabbdbaa4402e"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 31370
x-amz-id-2: FE7TUpHCE00QKCMwNCRv2DNvjowWUeWrqPuy1pBMPYZhXrqAPX9BkJYLJlYRsHLaFv9NcX0Y+tI=

GET
H/1.1 404
Not Found teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pkc333if2p7/728x90/ Frame 0A0E 0
0 40ms
38ms Image
application/xml 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pkc333if2p7/728x90/teaser3_@1.5x.jpg?v=20231018638330
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H/1.1 200
OK teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pzr29ne7udj/728x90/ Frame 0A0E 5 KB
5 KB 41ms
39ms Image
image/jpeg 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pzr29ne7udj/728x90/teaser3_@1.5x.jpg?v=20231018638330
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 067d7a00b0867ed5cbcd9d81213285fefc8478303ec5314f3fd16342c7dbd462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Wed, 24 Jun 2020 16:36:07 GMT
Server: AmazonS3
x-amz-request-id: 914DMY6QDQ3H0XPB
ETag: "cf89d291e9dfee4ea9870884810c11bb"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4667
x-amz-id-2: spAgRTqSkrr1sQ/QK0qBr6CaNDkN5YXXYkoqahKZY1qJWGMDyEjd58T9v413jFx2Q7O3ppC2650=

GET
H/1.1 200
OK teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pkw6hinq0vt/728x90/ Frame 0A0E 5 KB
5 KB 41ms
40ms Image
image/jpeg 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pkw6hinq0vt/728x90/teaser3_@1.5x.jpg?v=20231018638330
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 97feb284c87c5c140d65b2c8ffd0d77030f8e312f99074d4beeb2b400975f19d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Wed, 24 Jun 2020 15:31:22 GMT
Server: AmazonS3
x-amz-request-id: 9149MX1YKKC2XAQJ
ETag: "d80d9c88e09a62e0b8ae0632da9e7ff8"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4779
x-amz-id-2: hkgFHcDwqQIgRxmb7oHV91OkXXd3SZMIgkIZJE2/l4ptUrFxFzSnjLZoa4tuljD9GZDZVCICT2Y=

GET
H/1.1 200
OK logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pkc333if2p7/ Frame 0A0E 4 KB
5 KB 40ms
38ms Image
image/png 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pkc333if2p7/logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2144a371d6df0c8d812846723ff007300e35582fac35e49b7996d4d5db3a7529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Tue, 04 Jul 2023 12:54:02 GMT
Server: AmazonS3
x-amz-request-id: 914C74HQAN7GTF8M
ETag: "919b4d0f7842c9bfe7ba0d10c0d4423a"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4353
x-amz-id-2: LAuVn9aO8umDyuMbSG9i7T/NayEfQofqhv8IfRwk5YfUhsKeJOWOTt3I+Ftk0GmSWXSJK9YTzZQ=

GET
H/1.1 200
OK logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pzr29ne7udj/ Frame 0A0E 11 KB
12 KB 40ms
38ms Image
image/png 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pzr29ne7udj/logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 077b1d0e040663ec05c5cf1dca97e84be321eefef0d9ebd1e8fcecfdd6a1ac45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Thu, 30 Jun 2022 09:46:53 GMT
Server: AmazonS3
x-amz-request-id: 914BQGM38C7KF5FX
ETag: "bd53621d9b56376afb98a4d5253e3204"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11754
x-amz-id-2: ilBwG6THbuOCKYM1zcQAACESStcUXV/WQc4+luwzH81RgGt0d/eFdLSQwBRM6FfRlBc/VgYjMYk=

GET
H/1.1 200
OK logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pkw6hinq0vt/ Frame 0A0E 11 KB
11 KB 41ms
40ms Image
image/png 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pkw6hinq0vt/logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: edd8be480882ddfd5c67618fe43927becfaab29b430a406ab6b9ff62da59d4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Thu, 30 Jun 2022 10:21:54 GMT
Server: AmazonS3
x-amz-request-id: 9143C9YRVZ1GJB1C
ETag: "cd9a9e851198ec30f2cacb9e5ca1a6d6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10952
x-amz-id-2: x+vnx43p0FWM8K1hniijxTAzLRVPCKZnUwGEUj5sJB0kJ1u5IAY0xyAV9PXUm0AsqbqNJeBIGJg=

GET
H/1.1 200
OK sixx.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 0A0E 1 KB
1 KB 40ms
39ms Image
image/svg+xml 52.218.29.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/sixx.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b8a8f6a61d87c7398858d57cec96cb6c90232a0c8ca4e83678517a4db7e1728b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:33 GMT
Last-Modified: Wed, 16 Dec 2020 09:18:31 GMT
Server: AmazonS3
x-amz-request-id: 914BZ5CC5CJZV26Z
ETag: "7970f764f59c4577978c799459a0ece2"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1169
x-amz-id-2: 6UhQlX+p5KHXge9Bsws76kwRNNhxSY2lEteR8iOyoSXTf+NL23dhpxm8rwFvbrxfLfo68GGc8mE=

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 001B 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 14:03:52 GMT
expires: Wed, 16 Oct 2024 14:03:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0D45 829 B
1 KB 38ms
16ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ac860e273138830e1b639b1ff78d22619741db962f80c0d2a6c1f55753d0489b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y86rklW0Xjkb3ZIvb1Vc6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-y86rklW0Xjkb3ZIvb1Vc6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 04:38:32 GMT
expires: Wed, 18 Oct 2023 04:38:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0A0E 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 04:38:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CA3 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6m0Ta-0TBYUALRXOTOFH-DUPYyUs9YOhXsk-8A_59I__aI6UMMUxrO1VuoldJH83CXmPdUQbtSUcdwjOSc5saaAUlaC7HyFfFDXXG8IKqFMc&sig=Cg0ArKJSzEeNxCuU33XBEAE&id=lidar2&mcvt=1003&p=0,0,50,320&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231016&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697603911438&rpt=490&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 001B 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:13:41 GMT

GET
DATA 200
OK truncated
/ Frame 0A0E 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77f331acc0b5e3b63fcd3f31e9d334628691e1314b6fb0154b4ca5535828030a

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0A0E 18 KB
18 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44718d713af08035d3f9d246d249df63ed5d433a1d8571429241de984c0c4dd7

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C69 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:13:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0D45 0
0 40ms
40ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=1716816904784909&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CA3 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=575134538454&version=m202309260101&ct=76&x=8&cor=11000819067449117000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CDCA 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFL1Lglq-CKyl9YMpWKLuHjW2vNqYGRudBENyXMi3JXYk3ezyvWtjA6MXQ2p84Nm1JF47XvGS8VvAfbG-KbOWp6RnkInIz73W5sBOXZL_1za0vL3YxTIsPhRfygTe6&sig=Cg0ArKJSzFZFYUqDvjUWEAE&id=lidar2&mcvt=1020&p=99,640,149,960&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20231016&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3030833609&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697603911372&rpt=667&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC27 0
20 B 45ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWGdySGEvZc7-Foel3gO40rWQCAAAAAA4AeAEAg&bg=!LyylLGPNAAZy-tsgUvo7ADQBe5WfOJ4HfwcBIWk9ddEeWqRYWP2Gjpy6aRzHKPSIRddLzLxKv9uj_71KBi1gaRS3VUl5AgAAARxSAAAABmgBB5kDlXlOWcS3lzV6mMc93wF-XGKjtKkSglM7VcljBuc5MoKvQmTC5tdwzei0qmu27NBLbMDgH0jW4ibbH11fIpgxOZd8L6C0zeEfhIaw4OYci6zGtlkBd6suNuVAsy7G25wrbTd_Vh7SSlGnPBf3hbqXsfKo4SpQMZP4R8mPiIVw6dOd_fRJQNtjwt-XoboTiKI6iVFz7srSOLZNAcNqMSc3olUUkmrj9U9X19xPYjNFtLvkcQX7F-UBFV0cO4wn8DjFVkCA-yI4MgZxjpQ_On0QRoaBapbAMGmApuk_QiVaLKy89r491HKBcR7fhwZIdz-AESY3eJ9OQWThM-00EQxw0dntmaSpNHyYamU6yUzWw6xFVzwDw4ynIYxx3n0pec1UDgEa97AbAzvV-OADyY5Ls82k-c19cjzo83YKnuJGCLwhR_OXDk3BhT4v52mqmOQWWHcz6zYm3WVD5jQGamcpRUugDGnZKH25IdubDV-YESkKnrY2VuD8BHzVRp3eD0OfGT-kCdrdcCcTitIQTTzUnh2tyV6u9rXNkiJxepar_7AWnQjUid0Za_I7RP3S-iVzs69xAeBrnY9_nmM1eIXlY7s3SLehC7uC1FYeu4kj8ORsoGjMfuHEcJK8rNJui6wJyx2gLTy9Dbmc6-0nyFxhr2nDJxDUE7BRlGKu1NmeK4I8umP-wrKR_mPXgPHks0O5hyldz2J-B17okglCfkr_sSdqw26XNz0GU72EpedbRuMA9QR6AfMP_DejHzRn_nCsV_myZ7afx9SUSOrwAXmQFeMle0_NN4k4nfAr0XgaS4pO8kWxHP1O1Zthjgvww8NuPPhFNCHz8c38N5fEQL1tRPv5SHi6DgExR5CGJ8ElvBzdU_t8HX2L9DaQyGBmkwco90ffNbRgj3nviiY-Rz5Vwemlbn5A3_5f2RQRFcEW5fI8t6vT7L1Rsz4AYJLCG6b2o6FTI0aoqzi2806UTCN2_88hFwGldPf6RQm15Xx2MHg1qF2_1PCzSREnttOFMA2yKleDC5xx2vMdR6bIiwYtSzE5DZfs0QwtfPhvaRx5CzFhWgmtQdXGck83NVHcow7q8JmBm2jKK_JU6C_hCfNIwESb1jhWUdWL0AQMSTo928ayYMbqT2eEPp0mQteN_Z6QurlJRDIj1WtNDd74z_s2ZdmeBsKgDf2Ty4xtyLUWgw3p4jYqSpfU1duLZ-G4ixK0JLdLG-3P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 001B 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DhEpIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A31F 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJzKbMXpY17CmMglswtjgUdNSDJN7ZHehaLCrWA0zEDDwi_TbGpOc55DhZYAGnWCNreWd84t9bMar2Ah-brrtzQdoC9YxnL4AFECSQ8g853mw&sig=Cg0ArKJSzBT0WG-lq9R-EAE&id=lidar2&mcvt=1002&p=0,0,600,120&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231016&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697603911743&rpt=529&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A31F 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1669173070798&version=m202309260101&ct=76&x=8&cor=9471882600525046000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6124 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu69oYXyQ4i2TdUqz1cRgdc0ujg3HEWHMMqIZGa8EuJ_TZtvg6w-9pIuOI85hXXp_sd9ka6veBf-bkxem2m_qCsLp8FKuHjGHAYk3yEslBq9NKii_bmtg1ktfwn1eno&sig=Cg0ArKJSzNS1tGfPWOr0EAE&id=lidar2&mcvt=1000&p=183,1395,783,1515&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231016&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=682913543&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697603911661&rpt=679&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DB59 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFzeqwHDxpX92CA6mz_emJBTfcIWkskjhqE1mNqEclv_ZZCs7TrW7iOQfbHdjDrlw3X9pT40TuT_kyU6ohvZC0I26OuN6Xg9QK4zou-R0HSr0&sig=Cg0ArKJSzEv6Y9W1ONv2EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231016&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697603912233&rpt=455&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=1716816904784909&bg=!39yl3JPNAAbFpEfJ5aQ7ADQBe5WfONjos6cAxn8ImtB-xRy1zIKYyZz0vpDWMfNJ7woCiJRzwEqi12g2KLe0gjeKCeS8AgAAAORSAAAABGgBB5kDC4QGRA33ED4lKIGdpBsKgs-x-0cEgBJ1VYP2Elv_gDDraMMVSI6pHELyULkpnKTN0p_Az5EC3c-9AAVmXNe5HiDk8dWupIyrpkod1DeI9F-Gz-brrdWaBEaMgWeL66J6NBos8XKTVRBLxCyUovKoAtWPmr9YnSbgGFRc53ZaT9ATct0jMZhhB76H6n8-fn7PVLmNh6UCB5Wk1w18IIiuiR0ZPkJHPFBpw7bVCoYWcB5xJqI3aBLp5u1Im0LhmC0OzWqCyznaD9hM0SnpU0zm3IwXM-3wZ_cwlbOpznOVSHHXAJ5z4hcWp6biJ-B7nvxgwQZ8OzokSSkn6PNH4cmKknkXQXjwOZjg67KUuwqP2_5TWxNQUVAw9i7Q02XZw3tr_C3HDT3JNftVYk-bWuibg_N_XUUCgTZ96Kq5--3KShA_jaOMnaVrsEce2KeJudcSxuoF601fWqyB0c8Hvq7-jE9k9-xdySUzvur7SpUBqy0_oSz1kwocXJYDoneb5iVf8PcbHE-HSiH8-sbgJS6uHxCVXkKdDbzhEh9a3BBocVr1PmnqKiSr-M1MnwDCvKdbK7YsHM8HZ7Bvvhd9fmb7ukyaHz9tqZSHvPy-wes5gJLKHsUUYRcNM6Rg12awiKKpY7snWdW7DLVcP0L6MyjLMwBmXbwjaNVhrXW4kPS7EfQKPsS3iOMe6ykd-Mjm55HFLOF5kkafzOhgn6W5PDQTMEPjoFXIdcJEzBWAoYSsBqpZma9TlS_7fyUcUSIlIUUmpbTBoH5E80RLeYouca1fJnz0QSpi6kozYdxI1rQk45JVUvs6Jbz57DdMt4wytHOvoVBVoqbNxVOsMhxCR_hazo6IF0BOg9T2SNOghyNtk89l6zo548bolbVz-fHP4-dJ6XWrUpqdEPfcM530LsBoLq0CnMefUz0rVIVJoVfRjEukL_UMUyXrrBVCa7Bh6sJxfIdwuwh31x-XcT-iMeJ8F_JnSZEyhKUKnsCAyaXO3DFnVP8txGtkNChQM_TsxREkzbIRNjXGm8jzvPUk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helopal.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB59 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2274741573279&version=m202309260101&ct=76&x=8&cor=10174283688875602000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E212 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDUiEMP8xwAlyTdMiUcy7mq6l7lCmSScQz_FJ184yrNR50UeQlYRporBxA3Max-k3xdaToxNq26cEy3SmVjLA5Q3iU4xZ5t2Bluu6CNap454oxVloVj2rlMK9rk-90&sig=Cg0ArKJSzD5SaT3oc-gDEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231016&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2962252032&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697603911963&rpt=805&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 40ms
13ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelopal.club%2F&domain=helopal.club&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://helopal.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 18 Oct 2023 04:38:33 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 215032
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
370 B 16ms
14ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelopal.club%2F&domain=helopal.club&cw=1&pbt=1&lsw=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 04:38:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://helopal.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 244397
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
420 B 31ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 494f8128c042de0c2ad9a1e77ac78ec03158791037b72de703b895e9fea23e8b

Request headers

Referer: https://helopal.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Oct 2023 04:38:34 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://helopal.club
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Fri, 17 Nov 2023 04:38:34 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 5BA5 0
0 8ms
8ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1697603910821&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7AF4 281 B
554 B 8ms
7ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 18 Oct 2023 04:38:34 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame FF59 477 B
415 B 33ms
33ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=77635991577424360000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Wed, 18 Oct 2023 04:38:34 GMT
last-modified: Thu, 12 Oct 2023 05:51:17 GMT
server: nginx
vary: Origin,Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame E30F 477 B
319 B 32ms
32ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=77635991577424360000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Wed, 18 Oct 2023 04:38:34 GMT
last-modified: Thu, 12 Oct 2023 05:51:17 GMT
server: nginx
vary: Origin,Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame EB3E 0
0 8ms
7ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1697603910823&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 2F4E 477 B
319 B 33ms
32ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=77635991577424360000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Wed, 18 Oct 2023 04:38:34 GMT
last-modified: Thu, 12 Oct 2023 05:51:17 GMT
server: nginx
vary: Origin,Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame F7FD 0
0 8ms
7ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1697603910822&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://helopal.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7AF4 41 KB
11 KB 9ms
9ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b0ed5d45b45f3593ce12f5311c4e636ed31736ebf1710849f949c430d24bc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 04:38:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 19:59:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=55291
Connection: keep-alive
Content-Length: 11123
Expires: Wed, 18 Oct 2023 20:00:05 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7AF4 7 B
380 B 8ms
8ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame FF59 88 KB
29 KB 143ms
47ms Script
text/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=77635991577424360000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wpcdn.pl
Software: nginx /
Resource Hash: b574663452fbda7729bdb437219d4cb3ed40f2ed4ab6da75347857d2c072923d

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:34 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 14:29:58 GMT
server: nginx
etag: W/"faa3e29d1312b8d9918a27f51c815ec1"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
access-control-max-age: 900
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame E30F 88 KB
30 KB 142ms
46ms Script
text/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=77635991577424360000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wpcdn.pl
Software: nginx /
Resource Hash: b574663452fbda7729bdb437219d4cb3ed40f2ed4ab6da75347857d2c072923d

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:34 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 14:29:58 GMT
server: nginx
etag: W/"faa3e29d1312b8d9918a27f51c815ec1"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
access-control-max-age: 900
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame 2F4E 88 KB
29 KB 130ms
47ms Script
text/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=77635991577424360000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wpcdn.pl
Software: nginx /
Resource Hash: b574663452fbda7729bdb437219d4cb3ed40f2ed4ab6da75347857d2c072923d

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 04:38:34 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 14:29:58 GMT
server: nginx
etag: W/"faa3e29d1312b8d9918a27f51c815ec1"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
access-control-max-age: 900
timing-allow-origin: *
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
helopal.club/	1970-01-20 15:33:38	Name: XSRF-TOKEN Value: eyJpdiI6Ik5nRENraGlzTHhKdVJFZldzXC9SVCt3PT0iLCJ2YWx1ZSI6ImJGYWppUlFZQTU2UHJjUnlpb0Q4aXFuc2x6dHQxeWtqNFZOTG5IdVVBWjBwRUxZR1wvazFLcXdKMElmcE50T3BPIiwibWFjIjoiN2QyZmRjZTU4YWFhZjkwNjU3YThlZWViYTIzZmMxNzllM2IwNDhiYjM1ODI3YTgxZDdlNWVkM2U5OWMxYWY3MCJ9
helopal.club/	1970-01-20 15:33:38	Name: helopal_session Value: eyJpdiI6IkY4cDRzdzVHeWZBTFBTRjZGV2NHdnc9PSIsInZhbHVlIjoiVDRlYkVXMEhRV1NGMHhTNk0rTU5IYmlEd3QyUTFNMGxvUDdqb0FkOTRiSkdra0Uya1RSUFZmY3dcL1JcL3FuTVY0IiwibWFjIjoiMmVhNjFkNDZkYTUyMGRlYzdiMTlhN2ZjM2M5NjIxYTYzNGJjYzFlNTk0NWRmMDk0MTJiNWVlNjZmMGNjOTViZiJ9
helopal.club/	1970-01-21 01:09:23	Name: language Value: eyJpdiI6ImhjUXlrelQ5NnArTHg2TmdpVzJOXC9RPT0iLCJ2YWx1ZSI6IkRuVzNpSHlydnB6NGdyNFNkV1NQTkE9PSIsIm1hYyI6ImMyMmQ3Y2QzNTEyNTJhNTI0Yzk1MTU0YTllMmJiNzlkYmEzZjY3MDRmZDRjMDhkZjVhNDFhYzFhYTNhNDhhNmEifQ%3D%3D
.helopal.club/	1970-01-21 01:09:23	Name: _ga_VWZGSQLZ5T Value: GS1.1.1697603910.1.0.1697603910.0.0.0
.helopal.club/	1970-01-20 15:34:50	Name: _gid Value: GA1.2.705716074.1697603911
.helopal.club/	1970-01-20 15:33:23	Name: _gat_gtag_UA_176069477_1 Value: 1
.helopal.club/	1970-01-20 15:33:23	Name: _gat_gtag_UA_136873609_1 Value: 1
.helopal.club/	1970-01-21 01:09:23	Name: _ga_WEZNDFHJK0 Value: GS1.1.1697603910.1.0.1697603910.0.0.0
.helopal.club/	1970-01-21 01:09:23	Name: _ga Value: GA1.1.1230205288.1697603910
helopal.club/	1970-01-20 16:16:35	Name: _pbjs_userid_consent_data Value: 6683316680106290
.helopal.club/	1970-01-21 00:18:59	Name: _sharedID Value: 344bdfa0-8b77-4d5e-931e-969dfb8c6d20
.prebid.a-mo.net/	1970-01-21 00:18:59	Name: __amc Value: 1_1697603910_1697603910
.script.ac/	1970-01-20 15:33:25	Name: __cf_bm Value: TPHOb1odp4PM8NfVgC.08jW7RCYADk75AThR1Mv3pP8-1697603910-0-Ae/q3BBBcMHloabiFMjrXzRljCvCZsPRqPxy2a9gjTK/Epw8ttL483IKYT/KlJejltqvP4B+Uhy/v6zZJTGi2MI=
.helopal.club/	1970-01-21 01:09:23	Name: _ga_Z45V12ZWF9 Value: GS1.1.1697603910.1.0.1697603910.0.0.0
.rubiconproject.com/	1970-01-21 00:18:59	Name: khaos Value: LNV9JCUV-I-9KD0
.rubiconproject.com/	1970-01-21 00:18:59	Name: audit Value: 1\|naVuGyos1qoqwhbMjxh0eQ/5onLiA/RiY1TdhAkPVQAKdoywSGEkcBloVQ1RKJOjlfsVaYCVefvOCe5Tvv8ARn75zW22WRrlLGbTiEIgcZy+xUA9sgf/4bKpUjWTmmg0
.criteo.com/	1970-01-21 00:54:59	Name: uid Value: d144b405-7d7a-4b75-9a97-7e770b493245
.openx.net/	1970-01-21 00:18:59	Name: i Value: 07cf11bd-d403-4f4e-88dd-726e12a1bdae\|1697603911
.helopal.club/	1970-01-21 00:54:59	Name: __gads Value: ID=bbc3f27f4a1e5e65:T=1697603910:RT=1697603910:S=ALNI_Ma6U4PDf7hxNk0hwJ6G-Ok-dTtmAg
.helopal.club/	1970-01-21 00:54:59	Name: __gpi Value: UID=00000c9b98588cb0:T=1697603910:RT=1697603910:S=ALNI_MZIJOg64jB6Dwyc_z8HFXWOT-RB0Q
.helopal.club/	1970-01-21 00:54:59	Name: cto_bundle Value: 4Yq1019RSGtSUDElMkZVN3l5SEpMNUt3UWlaMXdmZ1ZoMlVkUWhMQ2NNOGxQSVhoNmpSRGc1ZjBTYjA4ekQyRFhNeVVOamNBR3VhVEE5aTFIamUzdUhidGFOWk5FRnZuNjIlMkZtZXdtJTJCWGwwY1lqQ1NoSXkwbFFVOU45VmNJTkp1V1VlMlBEaVdnS2ZocWtBSE42Unk5Tnd3QmxGd3clM0QlM0Q
.doubleclick.net/	1970-01-20 19:52:35	Name: APC Value: AfxxVi7Q-bDXETLEuOz56LpUexhtKMnfFzNU9XyNBMA-k33DjRLoaQ
ads.smartstream.tv/	1970-01-21 00:18:59	Name: DID Value: aa822fe5bc27b70eee9d257ef690feec
ads.smartstream.tv/	1970-01-21 00:18:59	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 00:18:59	Name: permanent Value: 1
cm.adsafety.net/	1970-01-21 00:18:59	Name: UID Value: CM12023101804bd3cc92d0ff9d77728b
.adsafety.net/	1970-01-21 00:18:59	Name: cm_uid Value: CM12023101804bd3cc92d0ff9d77728b
.googleadservices.com/	1970-01-20 17:42:59	Name: ar_debug Value: 1
cm.adsafety.net/	1970-01-21 00:18:59	Name: permanent Value: 1
.doubleclick.net/	1970-01-21 00:54:59	Name: IDE Value: AHWqTUnLYRbnCaC8SNNwsyZPYKd03b_6WI6LSDj9m9Ngrk7lQvKaMfqlVjEzIM1MENo
cm.adsafety.net/	1970-01-21 00:18:59	Name: cache0 Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvZ3lGVWlYOHNCeGt0YjVKTXBQVmkyWUJtKzBGekd6T3NhNkZoUVlvNVp2MG9UVlNlT1pjc3dFQ3FBS085TWduUlRvOWN5Nkc0ZmVFSVBISFNud2Nsc056azNWeVdwQVJQVlNscUtQSGdmNHFhQUVrMWJGdkNzTzljZEROWTlGUS8yWnhBTTlEODRWeXJKSlg1UWRIVXZyVWlnRlJXRFJncE0xeE5HMXFkUnB0a2lKYis4R1U1N3lwRjU3a3Z6R2hOeFNGUHBsdHB0cTd4SW9SNTFBRHFzUStkQ3dDTCtpNFlVWE91MVluMzN1UXdINlZPUkZxcjk4SEhqWUhqejBBejk2NEd2REpScWRMU2ZacG9NNFNDQWNWYUYwRjF5bDVvRXByMTVWTVJ6TjBobGFyT2hCWCtiZU9vUnRqTHlFT3lRPT0%3D
helopal.club/	1970-01-21 00:18:59	Name: unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-18T04%3A38%3A34%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/howler/2.2.1/howler.min.js(Line 1) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pkc333if2p7/728x90/teaser3_@1.5x.jpg?v=20231018638330 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7eb317066df7aaa9503013e74f37a0d4.safeframe.googlesyndication.com
ads.smartstream.tv
adx.adform.net
ajax.googleapis.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
cadmus.script.ac
cdn.helopal.club
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.adsafety.net
cm.g.doubleclick.net
eus.rubiconproject.com
fastlane.rubiconproject.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
fun-dare.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
helopal.club
id5-sync.com
invstatic101.creativecdn.com
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
joyn.kr-adstudios.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-eu.creativecdn.com
prebid.a-mo.net
region1.google-analytics.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
ssp.wp.pl
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
141.95.98.65
142.250.184.194
142.250.186.98
147.75.84.158
172.217.18.2
185.184.8.90
193.135.9.129
2001:4860:4802:32::36
212.77.98.32
212.77.99.29
217.79.187.54
2600:9000:2057:2200:7:dde5:8880:93a1
2600:9000:206f:6000:f:a31d:75c0:93a1
2600:9000:2250:3400:a:e047:753:6381
2600:9000:225e:2800:11:a4de:2580:93a1
2602:803:c003:200::37
2602:803:c003:200::43
2606:4700:10::6816:3456
2606:4700:20::ac43:4bf1
2606:4700:3034::ac43:be40
2606:4700:3035::6815:5c4b
2606:4700:3036::6815:5707
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700::6812:1691
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:809::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c0a::9b
2a02:2638:3::3
2a02:2638:3::c
3.33.220.150
34.102.146.192
34.120.107.143
34.96.70.87
35.244.159.8
37.157.5.133
51.89.9.254
52.218.29.128
63.33.97.132
65.9.66.122
69.173.144.138
95.101.149.233
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
0056b03b40f8ad674e55c222c7f27fe05c84f853c5c9b8f45541d4c954ac334c
02c1c93d946a3fe716c4e6cc090f89ec590d826b9a80ff01fb28903bd4471dd9
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0437ecea3d443d3ca9c7537bf99ca24baa798b6f7fa49cd96d4488f825328cbc
067d7a00b0867ed5cbcd9d81213285fefc8478303ec5314f3fd16342c7dbd462
0684d99ed84155f7ef828f8f372b1a840c8db925fb39e4abb6c41eea6bb61ef4
077b1d0e040663ec05c5cf1dca97e84be321eefef0d9ebd1e8fcecfdd6a1ac45
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13aa444747a569e25f79d16b3870a9715735f0bfb98e395447f1dbc979c78be0
1997552d3c8a1f4db50fe3a28b01295a434612a3d7985da6ecd1715cc86ed270
1d65751ea786e47bfeb679bce1780acaa67db5e79a083c29fb7513f1bb4f67e1
1f36198740d2dd79a44002dcf7eebe2c43ab6b5c3ffd60b7e71dd31a7c43872b
2144a371d6df0c8d812846723ff007300e35582fac35e49b7996d4d5db3a7529
29974111dc4da2acedbd2eaadc317a3f55f71d219e2c67b661152f9f2ebad6c1
29aaec486617fb3efbf0d98e6034ad1a8eb5d82734e2aed02ab7de37fc1be9d3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3511cc8c30068d7344fee4be5dd1b275db58bba7a6eb04b7dc8de7398b469feb
35ec7fcf1d99f0070159fd6ad151d6db1e94aca98318885f8aef04b53dd990ce
387fa76a18c1e2dcc5db9d10f530ac9c419faa94becd7bedafaf8d05521c32c4
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bfa39b49c9cd75b603c05424dd9ea30e9ed6dc0a25f77b622ae5e9a138be08a
3ddb3df02c775166e71ca796946cebb19845067dcc47a6a50a40e52d5edebcb9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
411bb50a88203cebdc77dda1b1de833c042a639f1c7233ca046360bc12172aa7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44718d713af08035d3f9d246d249df63ed5d433a1d8571429241de984c0c4dd7
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45d48e1d7e27224461b0b699f702ad07ca66ff00da3e98408c23b7de03a64c19
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47e62e32edebec69ad2df63aae2c93ae75c9cf7c2634afe6b8b91f197890ae25
494f8128c042de0c2ad9a1e77ac78ec03158791037b72de703b895e9fea23e8b
4a32b663348ca575fd26df592baa1d8514de83aeb9b85d5cc092fcbc02630ee9
4bb6bd2b131cdae1bf698a0c13cd23eb2b91f27d50e24fdeb1515339c15f20b7
4cffc9a04778a9a1f5fbd78ae1ff0d174da62c3c5fe3402524d0c6b014229de5
4e5b02b59f528a8a8aae44d9335d6548dcd7c4b0407f9233d8039ea867aa85a0
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5b71b98288bbced7b50c8e14771866c926319b392eaaf03856a03b0bab98542c
5bd8b93147a25b894ae2f92584a545693838c3f910eab31999b22d50bca4aa6d
5c8409dcad2e8d36ca28ef173376dee1e565758442050715742bfdbb08c92cad
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6079a677b4ff727c225559facad29c7a945d060fa5cd637ac76b4ee55d21f471
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67a620b02e2a8b2f28d34ee63509828125c4992f021adcf05e2eabcf23ff6621
68c82d2c77388cab6da0584fcd1539d002ad095de31d9f80937aae0ca6cb15af
6ab4a49144b0899c87c607eba0952310f2790e06bf4cd6ba025fa8f4dea93052
6b0ed5d45b45f3593ce12f5311c4e636ed31736ebf1710849f949c430d24bc25
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6e01a0575080f66e28f68c7d43dd12195d569a2172bdf786643945e3589b055b
6f658c1f35864e339fa616cce27839c4220cfaf4ffcc9144165d0c5889dcdf60
6f8bfefec2cd703c79b6f039fa4091160c9ff5a67d9d3b7d159924304517d869
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
6fdd68fb302111aa20d2544c139144e3e43ff45e7f46af9ecd6005dcbb1f24f6
7017dd89c36e7c0b58a09fd549d82ab2cb94222822c3fea417b5f9b8a87390e1
72035cff2a2b4aa0eee6fa22c60e429cd23e12a43f811edce39f999134dfdb08
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
72fbb7c612a676239f953f504b6afacc2f22cbb156e24a36bfb34ccf3718009a
73060bc634e7d84fa78d9e5b0b0d188c9e0e84dce0172f8042bba2b180886099
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a
77f331acc0b5e3b63fcd3f31e9d334628691e1314b6fb0154b4ca5535828030a
7bcc32a5bd2678766a21faf6b68941eaf9fe1fc9c7168a091af3ef81c1738f50
7e24798bf685c8dd3ab867dd639df81cd17524c8959f41db978a66208ae4ab47
7f771e014a043e11cb820b26dc433bff0403017d8a36c694972577126e5b926a
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
81a8627ab6e4b8cdb43e314614583d0cde0db4a252b4a0a9d80aac984df410b0
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
83a5d8d794019a0b7b6e4c788ef3c914c88f0c02471a61d18da26e12523d6c2f
8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774
8923adacdbe69eb5774799761d1554a44ef02a9958ba011b70aaea4c192ee26f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eeb1635a65d8bf0fd57b195c3c3ec1fc05584505c44661285676cb4d1fdac58
8fcbbc78f17b4f6268a82ba0b61689d1d7b87767b915c6177bc1ae4b3bbd3479
91d5a56675357a940d9edf46814fe727d64336de50574120e89cb9a2f8654cdb
970dad574ea42ac2781b6457dd1ed2416c7aebd32c09669566d0cc8a20f82251
979b99e32814f4fd44975ad2903bf5098df7c6ed12e242e43cd9f03fcb237adb
97feb284c87c5c140d65b2c8ffd0d77030f8e312f99074d4beeb2b400975f19d
9809a9d6fe844649e678fda81d91b9dd6d4bfb339d495b0cdb95af999e14f9f5
9ba709a25d3fd849530bad81bec563d72fb697369b8246e5835630e87c22962d
9c83142f97433d4826d3896ae1f0c92e0d4c7867ac9eab4d6601ef72e5d542b8
9de813b6a85af64423fb0398c80b65cd85a6e2acd163d48b1f6d47b9ba1c8b70
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
a0c71bee455ba91e5aa859abf3961d7e57c1c00cb85def124dfa1d8f53069d47
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a503064915d06ea540d57bcbce6c01c12ed0da0f26ec33ea25b135594a127db0
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed
a8e0f42bb7544f3b80a70a365cda8be4758b8c434aa31d6b13612c5f55b76d2b
aa29256ffbb7f6569f59f813ff865fc1a0f13e4a1d33609814dfe16c80a5f5d5
aab452cf9898bd79f2252623197fa5c45f5c64dd82a203b7259235e6e4f8965f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab0a1cf5ba89fad9aeb1d7350394fa5f40b9ecc33ce6fd41a83363c9ba91e48c
ac860e273138830e1b639b1ff78d22619741db962f80c0d2a6c1f55753d0489b
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36ccb3fa489753610fcbf8f4cfe4021cd1ee7b6159d8a17eabaa92b3e3d8094
b574663452fbda7729bdb437219d4cb3ed40f2ed4ab6da75347857d2c072923d
b66fea64ce1ae1040340f5762d97a31187aaf1ec2c8a28a532b0c82622c6df3a
b6cdf83dd219f818664b987ea62981282c89efa6c4ee9be37c330b73d19b4a97
b7a44b79476282023aa69f375fb648558a8913635c9350fdcca4ef79a876d70b
b8a8f6a61d87c7398858d57cec96cb6c90232a0c8ca4e83678517a4db7e1728b
b9fa1b78af612f835e36c2b7e759d15aa574851f2fb7dd556542af5c4ae2d4ff
bcd2bbb5192d04be61a02d8b82796473b089f797523d99c2deb435990e394e31
bcfeb4b89a5cda13c5da8db61507eea441ddd4d4cb1e5a84f91d456cea251b7f
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
c38d2a9ebeab797164a400564c4c9c21d264ab20d7d70ff90e7f04904ca93caf
c467ecd77623a3ab812b54c440efa053e264e69575af330d3bf0d7bb5e6ee9a0
c4f79e61f29ff578eac7fe01db9c651959c12df03ac71d7937c3a4ce461777f7
ce766614a0ce7850d90a574b9919975a0f77949da3c33f850b41852a774cd33f
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f
d4164fcf636af0586040cc0012142117c0ad790525a264d3e1262f335e2ab80a
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d77a063e02cae32cb17a65d6c0c8a8b4139d0be2d29ef6e5863ab44d03bfea00
dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee
ddb3aa9142a5007f984815fe8383a9d6bca2e369f19496f68025b230b4953584
ddc2d609d673db58fccf8b464694c78531fbd944870dd25ae3a2cf8176bfa4cb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548457c5b2ad6a7da8f4250ceca1f691905ecaf8ce7517dc85d44b1bc2a9379
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e87a0a4ea67100ecf0073972c688d535b91b6742d8f54017013b978ce2c18d57
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e90978a44f8c4ac993ebe81fd5336f5a546a7be5b7fb3c279fff395507049496
ec50c9a8d51925986413f726c63b107ff51502b5f44e49f54807c6d3427757ba
edd8be480882ddfd5c67618fe43927becfaab29b430a406ab6b9ff62da59d4b6
ee67f42e9aae1732dbba115d5ffda31f887048c6774a6e7af5b9e473ad87cde8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11f3c9efe0a774cb3b1c1cc0edab18d7eb247f0e1092c020d77d84c06d5848a
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f56cf558e4526ba5116061cca5bdffdb159449245b4d202251e29ad1b7ffbfde
f9d806bcf26d8c92ced7094729531da33548645bcddb24d9a545fe97ba013e29
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

helopal.club Open in urlscan Pro 2606:4700:3035::6815:5c4b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

283 Requests

98 %HTTPS

62 %IPv6

38 Domains

59 Subdomains

56 IPs

9 Countries

4476 kBTransfer

10472 kBSize

32 Cookies

3 Outgoing links

Page URL History

Redirected requests

283 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

helopal.club Open in urlscan Pro
2606:4700:3035::6815:5c4b Public Scan

Screenshot
Live screenshot

Full Image

283
Requests

98 %
HTTPS

62 %
IPv6

38
Domains

59
Subdomains

56
IPs

9
Countries

4476 kB
Transfer

10472 kB
Size

32
Cookies

283 HTTP transactions
10 data transactions